SQLi exploitation tools
Albatar (SQL injection exploit tool)
penetration testing, security assessment, web application analysis
Albatar has the focus on the situations where tools like sqlmap need to be adjusted to make an exploit work. It is written in Python and unlike sqlmap, it does not detect SQL injection vulnerabilities.
jSQL Injection (automatic SQL database injection)
jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.
nycto-dork (dork tool with option to scan for SQLi and LFI)
Nycto-dork is dork scanner that can also test for SQL injections and local file injections (LFI). It can be used during security assessments like a penetration test.
sqlmap (SQL injection and database takeover tool)
penetration testing, security assessment, vulnerability scanning, web application analysis
Tools like sqlmap are used to test the security of a database. The typical goal is to get control over the database instance by using different types of attacks like SQL injection.
SQLMate (a friend of SQLMap with additional features)
penetration testing, web application analysis
SQLMate is a tool to perform security assessments and vulnerability of web applications. It can discover admin panels of websites, which might be a way to break into a web application. It also has the option for dorking, which means it can find possible vulnerable targets to a particular attack.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.