Thursday, January 2, 2020

SQL Injection Tools

January 02, 2020  , , ,  3 comments

 SQL Injection Tools

There are many tools which we discuss
Download

BSQL Hacker is an automated SQL Injection Tool designed to exploit SQL injection vulnerabilities in virtually any database.

Download

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

Download

Marathon Tool is a malicious user
 can send heavy queries to perform a Time-Based 
Blind SQL Injection attack

Note:: You download this tools by click them..........

SQL Queries

SQL is a domain-specific language used in programming and designed for managing data held in a relational database management system, or for stream processing in a relational data stream management system.
Work OF SQL Query
Injection of SQL query will be executed on the server and replied by the

response.
SELECT * FROM [Orders]


These commands will reveal all information stored in the database "Orders"
table. If an organization maintains records of their orders into a database, all
information kept in this database table will be extracted by the command. 

SQL Delete Query
The DELETE statement is used to delete existing records in a table. To
understand, consider a table “Customers” in a database. The following
information is the table “Customers” is containing.
HERE 
You can see that an attacker perform SQL Injection attack on a website 
Here You can See when An attacker attack on a website he get same information like this 
===================================
For Android 
===================================
Tools
  2.  


This is most use full tools which  I use personally
==================================
In the last we read same Evasion Techniques
Evading IDS
In order to secure database, isolated deployment in a secure network location with an intrusion detection system (IDS) is recommended. IDS keep monitoring the network and host traffic as well as a database application. The attacker has to evade IDS to access the database, for this, it uses different evading techniques. For example, IDS using Signature-based Detection system In compare the input strings against the signature to detect intrusion. Now all you have to do is to evade the signature-based detection.

Types of Signature Evasion Techniques
  • In-line Comment
  • Char Encoding
  • String Concatenation 
  • obfuscated Codes
  • Manipulating White Spasea
  • Hex Encoding 
  • Sophisticated Matches 


What is  SQL Injection ???????????







3 comments:

  1. UnknownJanuary 28, 2020 at 8:11 AM

    Very Nice and Help Full

    ReplyDelete
  2. Jeeto PakistanMay 7, 2020 at 11:44 AM

    nice yar wow

    ReplyDelete
  3. johnnyAugust 12, 2020 at 8:38 AM

    Do you need to hack into any, databaseserver spy on Facebook,Emails, Whatsapp, Viber, Snapchat, Instagram and many more.
    I urge you to get in touch with the best people for the job, i have confirm the service when i need to spy on my spouse phone. They are good at Phone Cloning and Bitcoin/binary minning and any other hack job.
    Thanks guys for the team work HACKINTECHNOLOGYATGMAILDOTCOM
    +12132951376(WHATSAPP)

    ReplyDelete

Hack Me Tech