SQLiv | SQL Injection

Before we are doing the injection consult, of course we must ensure that the server or target has a database security hole. To find database security holes, there are several methods we can use. Among them, Google dorking, is used mostly by hacker and penetration testers. Luckily there is a tool that is able to do that automatically. But we have to install its tool first. The tool is called SQLiv (SQL injection Vulnerability Scanner).

Install:

Then run:

Resolve some dependencies:

Finding SQL Injection Vulnerabilities:

Quick reference:

Reverse domain and scanning:

- Do reverse domain and look for websites that hosted on same server as target url