Is Your Site Free From SQL Injection?

Faraz Afroz March 20, 2010

SQL injection is a security exploit in which an attacker injects SQL parameters into a Web form, allowing him or her to send database queries and ultimately gain access. SQL injection is not a direct database problem but rather an application issue that indirectly affects your database systems. There are several web application vulnerability scanners to see if any input filtering or other SQL injection-specific holes exist.

SQLFury is the worlds first free online SQL Injection scanner. It is a developer tool written for the Adobe AIR runtime, this application performs SQL injection scans of a target website to identify any SQL injection vulnerabilities. SQLFury utilises blind or inband SQL injection techniques to identify vulnerable targets. If vulnerabilities are found options will be given to extract information from the database using the compromised parameter.

—————————–Recommendations; Please continue reading below——————————
ASUS Chromebook C223 11.6" HD Chromebook Laptop ASUS Chromebook C223 11.6″ HD Laptop Shop Now
This Asus HD Laptop is an amazon’s choice for ‘chrome computer laptop’ is reviewed by 980+ reviewers that is available at only $249.99. It is ready for productivity and performance while being on the go or travelling, with speedy performance, robust security, and convenience for the user. This laptop has Lightweight 2.2 pound body and with thin and premium metallic finish for a sleek appearance having 11.6 inch HD 1366×768 Anti-Glare Display. The machine is powered by the Intel Celeron N3350 Processor (2M Cache, up to 2.4GHz) for fast and snappy performance including 4 GB DDR3 RAM; 32GB eMMC hard drive; No CD or DVD drive with it. Learn more about this product >>>

SQLFury works by appending your own SQL statements to a parameter which is not correctly sanitised on the server. Given a parameter with SQL injection vulnerablities SQLFury can extract, Database version, Current database user, database name, table names, columns names and entire columns.

Click here to read Ashampoo WinOptimizer 25: A Comprehensive Guide to Boost Your PC Performance

Here are some key features of “SQLFury”:

Database Support:
• MySQL
• PostgreSQL
• Oracle
• Microsoft SQL Server

(Ad)

Extract from database:
• Database version.
• Current database user.
• All database users.
• Database name.
• All database names.
• All table names.
• All columns names.
• Entire columns.

Get SQLFury and test it to see for yourself just how useful it can be for you.

Now loading...

SmashingApps.com participates in various affiliate marketing programs and especially Amazon Services LLC Associates Program, which means we may get paid commissions on editorially chosen products purchased through our links to any of the linked sites from us.