evilredis alternatives

Looking for an alternative tool to replace evilredis? During the review of evilredis we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Oscanner (Oracle assessment framework)
  2. TheDoc (automation tool for sqlmap)
  3. sqlmap (SQL injection and database takeover tool)

These tools are ranked as the best alternatives to evilredis.

Alternatives (by score)

63

Oscanner

Introduction

The tool has a plugin-based architecture for enumeration purposes of Oracle installations.

  • Sid enumeration
  • Passwords tests (common & dictionary)
  • Enumerate Oracle version
  • Enumerate account roles
  • Enumerate account privileges
  • Enumerate account hashes
  • Enumerate audit information
  • Enumerate password policies
  • Enumerate database links

Project details

Oscanner is written in Java.

Strengths and weaknesses

  • + The source code of this software is available

    Oscanner review

    60

    TheDoc

    Introduction

    TheDoc is a tool written in shell-script to automate the usage of sqlmap. It comes with a built-in admin finder and hash cracker, using the Hashcat tool.

    Project details

    TheDoc is written in shell script.

    Strengths and weaknesses

    • + Used language is shell script
    • + Very low number of dependencies
    • + The source code of this software is available
    • - Full name of author is unknown
    • - Unknown project license

    Typical usage

    • Penetration testing

    TheDoc review

    74

    sqlmap

    Introduction

    The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.

    Project details

    100

    Acra

    Introduction

    Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. It provides selective encryption, access control, database and data leak prevention, and even intrusion detection capabilities. It is focused on developers and supports most popular programming languages such as Go, PHP, Python, Ruby.

    Project details

    Acra is written in Golang, Node.js, Objective-C, PHP, Python, Ruby.

    Strengths and weaknesses

    • + Commercial support available
    • + The source code of this software is available

      Typical usage

      • Data encryption
      • Data leak prevention
      • Data security
      • Vulnerability mitigation

      Acra review

      60

      MongoSanitizer (python-mongo-sanitizer)

      Introduction

      Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.

      Project details

      MongoSanitizer is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Application security
        • Database security

        MongoSanitizer review

        60

        NoSQLMap

        Introduction

        NoSQLMap is designed to audit database, as well to automate injection attacks. It can exploit configuration weaknesses in NoSQL databases and web applications using NoSQL.

        Project details

        NoSQLMap is written in Python.

        Strengths and weaknesses

        • + More than 10 contributors
        • + More than 500 GitHub stars
        • + The source code of this software is available

          Typical usage

          • Database security
          • Penetration testing
          • Security assessment

          NoSQLMap review

          89

          jSQL Injection

          Introduction

          jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.

          Project details

          jSQL Injection is written in Java.

          Strengths and weaknesses

          • + The source code of this software is available
          • - Full name of author is unknown

          Typical usage

          • Database security

          jSQL Injection review

          64

          Dockerscan

          Introduction

          Dockerscan is a Docker toolkit for security analysis which includes attacking tools. It is more focused on side of the offensive than defensive.

          Project details

          Dockerscan is written in Python.

          Strengths and weaknesses

          • + More than 500 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Information gathering
            • Security assessment
            • Vulnerability scanning

            Dockerscan review

            74

            Metasploit Framework

            Introduction

            Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

            Project details

            Metasploit Framework is written in Ruby.

            Strengths and weaknesses

            • + More than 400 contributors
            • + More than 9000 stars
            • + Many maintainers
            • + The source code of this software is available
            • + Supported by a large company
            • + Well-known tool

              Typical usage

              • Penetration testing
              • Security assessment
              • Vulnerability scanning

              Metasploit Framework review

              64

              OWTF (Offensive Web Testing Framework)

              Introduction

              OWTF is short for Offensive Web Testing Framework and it is one of the many OWASP projects to improve security.

              Project details

              OWTF is written in Python.

              Strengths and weaknesses

              • + More than 25 contributors
              • + More than 500 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Penetration testing
                • Security assessment

                OWTF review

                64

                Pyersinia

                Introduction

                Pyersinia is a tool like Yersinia and can perform network attacks such as spoofing ARP, DHCP DoS , STP DoS, and more. It is written in Python and uses Scapy.

                Project details

                Pyersinia is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Network analysis
                  • Penetration testing
                  • Security assessment

                  Pyersinia review

                  64

                  RouterSploit

                  Introduction

                  RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.

                  Project details

                  RouterSploit is written in Python.

                  Strengths and weaknesses

                  • + More than 50 contributors
                  • + More than 6000 GitHub stars
                  • + The source code of this software is available

                    Typical usage

                    • Penetration testing
                    • Self-assessment
                    • Software testing
                    • Vulnerability scanning

                    RouterSploit review

                    Some relevant tool missing as an alternative to evilredis? Please contact us with your suggestion.