Tools used to test for SQL Injection

Reference: OWASP Testing for SQL Injection OWASP SQLiX Sqlninja: a SQL Server Injection & Takeover Tool – http://sqlninja.sourceforge.net Bernardo Damele A. G.: sqlmap, automatic SQL injection tool – http://sqlmap.org/ Absinthe 1.1 (formerly SQLSqueal) – http://sourceforge.net/projects/absinthe/ SQLInjector – Uses inference techniques to extract data and determine the backend database server. http://www.databasesecurity.com/sql-injector.htm Bsqlbf-v2: A perl script allows […]

Read More

Open Source Black Box Testing tools

Reference: OWASP General Testing OWASP ZAP The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to […]

Read More

What is Burp Suite?

Burp Suite is an integrated platform for performing security testing of web applications.  Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. Burp Suite has a large array of features, including but not limited to: […]

Read More