Home » Story links » Param's story links

SQID - SQL Injection digger

Link: http://sqid.rubyforge.org/
Points: 2485 views User: Param Comments: 0 Comments Tag:

SQL injection digger is a command line program that looks for SQL injections and common errors in websites. It can perform the following operations:

* Look for SQL injection in a webpage, by looking for links.
* Submit forms in a webpage to look for SQL injection.
* Crawl a website to perform the above listed operations.
* Perform a Google search for a query and look for SQL injections in the urls found.

sqid is written in ruby and additionally requires http-access2 module for operation. sqid is extensible by adding more signatures to its database (sqid.db). The signatures simply use regular expressions.


Email: Email this Story to a Friend

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.