YASIT
aka Yet Another SQL Injection Tool… It seems like SQL Injection tools have been crawling out of the woodwork the past few months and there’s yet another new one that I came across just the other day called PRIAMOS. I haven’t played with it yet, but it seems to be focused largely on usability.
Some of the other ones that have come across my radar recently are:
- SQLBrute (Python)
- SQLiX (Perl - OWASP Project!)
- sqlmap (Python) - I really like the feel of this one, but haven’t had a chance to dig into it too much
- Sqlninja (Perl) - Coolest name, in my opinion…
These are all also up on my del.icio.us page as well. And of course, there’s my personal tool, Blink (Perl), but I unfortunately never unleashed that on the world.
Continue reading » · Written on: 03-21-07 · 4 Comments »
try it, first version is a freeware release.
Best Regards,
March 28th, 2007 at 4:44 pmYigit Aktan.
Hi Yigit - I actually ended up trying it the other day. Although it will only handle basic SQL Injection via parameters in the URL, it is a great tool! I really like the manner it which it outputs the extracted data.
I did come across a possible bug that I will contact you about with more detailed information.
March 28th, 2007 at 5:03 pmHi Damon,
Yeah, in the structure PRIAMOS is continuity of the url for getting SQL Server infrastructure. If you can catch some bug, contact me. Also, I’m saying again2again first release of PRIAMOS is freeware and on a testing position.
March 29th, 2007 at 4:08 pmAre you planning on building out an update function where the tool can pull down new checks? Nice tool by the way Yigit.
CD
April 20th, 2007 at 12:10 pm