SuperSQLInjectionV1
SQL injection tester
A tool designed to test the security of databases by automatically injecting malicious SQL code into web applications
超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库;支持手动灵活的进行SQL注入绕过,可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。
1k stars
33 watching
279 forks
Language: C#
last commit: almost 4 years ago
Linked from 1 awesome list
uhub/awesome-c-sharpRelated projects:
| Repository | Description | Stars |
|---|---|---|
 tommylemon/sqlauto | Automates testing of SQL queries against various databases by generating test data and parameters | 51 |
 himadriganguly/sqlilabs | An interactive platform for learning and practicing SQL Injection techniques through a web-based application. | 93 |
 netspi/esc | A tool designed to test and manipulate SQL Server security | 283 |
 sqlancer/sqlancer | Automated testing tool to identify logic and performance issues in databases | 1,512 |
 zt2/sqli-hunter | A tool that automates the process of detecting and exploiting SQL injection vulnerabilities in web applications. | 425 |
 payloadbox/sql-injection-payload-list | Provides a comprehensive list of SQL injection payloads and techniques | 5,067 |
 rhinosecuritylabs/sleuthql | A Python script to identify and extract potential SQL injection points from Burp Proxy History files. | 466 |
 fsprojects/sqlprovider | A general .NET/Mono SQL database type provider with support for LINQ queries and CRUD operations. | 582 |
 jasonshin/sqlx-ts | Tool for compile-time checked queries with type generation | 185 |
 sadicann/andor | A blind SQL injection tool that allows users to identify vulnerabilities in web applications by manipulating input parameters. | 74 |
 dimitri/regresql | A tool for regression testing and maintaining SQL queries against a PostgreSQL database | 279 |
 sqls-server/sqls | A tool that provides advanced intelligence for editing SQL code in various databases. | 1,023 |
 ysgstudyhards/easysqlite | A 7-day tutorial on building a full-stack web application using ASP.NET Core, Blazor, SQLite, and other related technologies. | 81 |
 smpetersgithub/advancedsqlpuzzles | A collection of challenging SQL puzzles and writings to test and improve skills in Microsoft SQL Server T-SQL. | 617 |
 keramas/mssqli-duet | A tool designed to extract domain users from Active Directory environments by exploiting SQL injection vulnerabilities in MSSQL databases. | 93 |