Database security audit tools

Tools

evilredis (Redis security scanner)

security assessment, vulnerability scanning

Evilredis tool is an offensive security program for pentesting Redis databases. It can scan the target and perform different actions, like shutting down a Redis instance.

Oscanner (Oracle assessment framework)

Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.

sqlmap (SQL injection and database takeover tool)

penetration testing, security assessment, vulnerability scanning, web application analysis

Tools like sqlmap are used to test the security of a database. The typical goal is to get control over the database instance by using different types of attacks like SQL injection.

TheDoc (automation tool for sqlmap)

penetration testing

TheDoc is a tool written in shell-script to automate the usage of sqlmap. It comes with a built-in admin finder and hash cracker, using the Hashcat tool.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.