SQL injection is the most dangerous and common web application attack. Many tools, such as Havij and SQLmap, are available to exploit an SQL injection vulnerability, but finding the vulnerability is an important step before a web application can be exploited. So in this article we will discuss a wonderful tool that can find SQL injection vulnerabilities in a web application.
the sql injection on a website. SQLSentinel includes a web spider and an SQL error finder. You give it a site as input, and SQLSentinel crawls it and tries to exploit parameter validation errors for you. When the job is finished, it can generate a PDF report that lists the vulnerable URLs found and the URLs crawled.
Please remember that SQLSentinel is not an exploitation tool. It only finds vulnerable URLs.
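What a parameter validation error looks like from the application side, and the fix that makes an SQL error finder come up empty, as an added example (not from the original article and not SQLSentinel's code). The in-memory SQLite table, the handler names and the signature list are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed in-memory table standing in for a site's backend.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO news VALUES (1, 'Hello')")
    return db

def page_vulnerable(db, news_id):
    # The parameter is pasted into the SQL text and the raw error is echoed.
    try:
        row = db.execute("SELECT title FROM news WHERE id = " + news_id).fetchone()
    except sqlite3.Error as exc:
        return "<p>SQL error: %s</p>" % exc
    return "<p>%s</p>" % (row[0] if row else "Not found")

def page_hardened(db, news_id):
    # Validate the type, bind the value, never echo database errors.
    try:
        wanted = int(news_id)
    except ValueError:
        return "<p>Not found</p>"
    row = db.execute("SELECT title FROM news WHERE id = ?", (wanted,)).fetchone()
    return "<p>%s</p>" % (row[0] if row else "Not found")

# Assumed, illustrative error signatures; a real scanner's list is longer.
SQL_ERROR_PATTERNS = [
    re.compile(r"SQL error", re.I),
    re.compile(r"syntax error", re.I),
    re.compile(r"unrecognized token", re.I),
    re.compile(r"You have an error in your SQL syntax", re.I),
]

def leaks_sql_error(body):
    # True when a response body contains a database error message.
    return any(p.search(body) for p in SQL_ERROR_PATTERNS)

def audit(handler):
    # Constructed inputs: one valid id and one malformed id.
    db = make_db()
    return {value: leaks_sql_error(handler(db, value)) for value in ["1", "1'"]}

if __name__ == "__main__":
    print("vulnerable:", audit(page_vulnerable))
    print("hardened:  ", audit(page_hardened))
```

Only the vulnerable handler returns a body that matches a signature, which is the kind of URL a report from an error-based scanner would list.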
SQLSentinel Tutorial
- Go and download the tool here.
- Extract it to a directory of your choice.
- In my case I am on BackTrack 5, which is based on Ubuntu.
- Open a terminal and change to the directory where you extracted the tool.
- The tool depends on Java, so run it with the following command:
~/Desktop# java -jar sqlsentinel.jar
Do not forget to share this wonderful tool around your circle.