Sql Injection

SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution

Methodology / How they use it

Description of how Hackers use this terminlogy

SQL Injection Tools used by Hackers


SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

jSQL Injection

java SQL Injection is a lightweight application used to find database information from a distant server.

BBQSQL - A Blind SQL Injection Exploitation Tool

It is extremely useful when attacking tricky SQL injection vulnerabilities.

Whitewidow - Automated SQL Vulnerability Scanner

Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites.

Leviathan - Mass Audit Toolkit

Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities.