itsMe Posted August 14, 2023 Share Posted August 14, 2023 This is the hidden content, please Sign In or Sign Up jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open-source, and cross-platform (Windows, Linux, Mac OS X). It is also part of the official penetration testing distribution Kali Linux and is included in other distributions like Pentest Box, Parrot Security OS, ArchStrike, or BlackArch Linux. This software is developed using great open-source libraries like Spring, Spock, and Hibernate, and it uses the platform Travis CI for continuous integration. Each program update is tested with Java version 8 through 13 in the cloud, against various MySQL, PostgreSQL, and H2 databases. Source code is open to pull requests and to any contribution on multi-threading, devops, unit and integration tests, and optimization. Features Automatic injection of 23 kinds of databases: Access, CockroachDB, CUBRID, DB2, Derby, Firebird, H2, Hana, HSQLDB, Informix, Ingres, MaxDB, Mckoi, MySQL{MariaDb}, Neo4j, NuoDB, Oracle, PostgreSQL, SQLite, SQL Server, Sybase, Teradata and Vertica Multiple injection strategies: Normal, Error, Blind and Time SQL Engine to study and optimize SQL expressions Injection of multiple targets Search for administration pages Creation and visualization of Web shell and SQL shell Read and write files on the host using injection Bruteforce of password’s hash Code and decode a string Changelog v0.91 Add Stacked strategy Add Stacked mode to Boolean strategies Add Stacked payloads to Error strategies Add file and privilege queries to SQL Engine Improve bulk scan result Improve cookies processing Improve CSRF and Digest handshake processing Improve H2 and PostgreSQL injection Switch PHP SQL shell to mysqli_connect Bugfix: #95426 #95422 This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts