[New Added] SQLMap V0.5 Automating SQL injection tests
SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
- Add support for Oracle database management system
- Add support to extract database users password hash
- Extend inband SQL injection functionality to all other possible queries
- Add Microsoft SQL Server database fingerprint
- Add a fuzzer class with the aim to parse html page looking for standard database error messages consequently improving database fingerprinting
- Add support for SQL injection on HTTP Cookie and User-Agent headers
- Add support for query ETA (Estimated Time of Arrival) real time calculation
- Improve Google dorking support to take advantage of remote hosts affected by SQL injection to perform other command line argument actions
- Improve logging functionality
Post scriptum
Compliance Mandates
|