SQLSentinel - A Cross-Platform SQLi Vulnerability Scanner


SQLSentinel is an open source tool that you can use to find SQL Injection vulnerabilities in a website. It also has an SQL error finder (help you to identify the vulnerabilities) and a web crawler. This tool is very easy to use, all you need to do is, enter a site URL in the "Url" box, and click on the "Start" button, the SQLSentinel will do the rest... It will crawl the site and find vulnerable URL(s) and display them in the "Working Logs".

Note: SQLSentinel requires Java Runtime Environment.

SQLSentinel Screenshot

When it is finished scanning the site, you can generate a PDF report containing crawled and vulnerable URLs by using the "Generate PDF report" button.

It has support for MySQL, PostgreSQL, Microsoft SQL Server and Oracle(BETA). It also supports the union, error based, and blind SQL Injection techniques.

SQLSentinel features automatic random user-agents for the spider and SQL crawler connections, cookie module for crawling and checking sites that are login required, and HTTP Proxy support.

That's all. I hope you liked reading this article. If you did, please share...

No comments

Powered by Blogger.