Security Hacks posted an article titled Top 15 free SQL Injection Scanners on Friday, with SQLBrute coming in at number four on the list. Which is interesting, since SQLBrute is not really a SQL Injection scanner, but is more of a exploitation tool. If you're looking for a SQL Injection scanner, have a look at SQLiX by Cedric Conchin.
For those of you using the tool, I am planning to do a rewrite in the not too distant future. Amongst other things planned, I'm probably going to move to .NET, include a GUI, and in general make the tool a lot easier to use. More news on this as I get some time to do some coding.
Found this useful? Then Digg It.
Comments (3)
Oh I can see the J2EE camp feeling left out now.
If i could ask for one thing, that would be proxy support, you would win my appreciation badge and a free drink next time uncon happens and i'm actually in the uk
Posted by Daniel | May 22, 2007 2:38 PM
Posted on May 22, 2007 14:38
I'm actually in the process of doing a code cleanup on SQLBrute right now. I'm fairly sure the version on the site right now (071906) is subtlely broken on some platforms...
Posted by Justin Clarke | May 22, 2007 9:38 PM
Posted on May 22, 2007 21:38
I'm like 99% sure they ripped it from this page
http://www.owasp.org/index.php/Phoenix/Tools
without linking or giving any credit.
i appreciate the work you did on the scanner and look forward to your announced improvements. thanks!
Posted by dre | May 24, 2007 5:37 PM
Posted on May 24, 2007 17:37