一个国外的SQL扫描工具,还不错。
| WebCruiser – Web Vulnerability Scanner, a compact but powerful web security scanning tool that will aid you in auditing your site! It has a Vulnerability Scanner and a series of security tools. It can support scanning website as well as POC (Proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, an XPath injection tool, and a Cross Site Scripting tool! |
Key Features:
* Crawler(Site Directories And Files);
* Vulnerability Scanner: SQL Injection, Cross Site Scripting, XPath Injection etc.;
* SQL Injection Scanner;
* SQL Injection Tool: GET/Post/Cookie Injection POC(Proof of Concept);
* SQL Injection for SQL Server: PlainText/Union/Blind Injection;
* SQL Injection for MySQL: PlainText/Union/Blind Injection;
* SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection;
* SQL Injection for DB2: Union/Blind Injection;
* SQL Injection for Access: Union/Blind Injection;
* Post Data Resend;
* Cross Site Scripting Scanner and POC;
* XPath Injection Scanner and POC;
* Auto Get Cookie From Web Browser For Authentication;
* Report Output.
System Requirement: Windows with .Net Framework 2.0 or higher
Download WebCruiser – Web Vulnerability Scanner
