• Diniz Martins

SQLiv | SQL Injection

Before we are doing the injection consult, of course we must ensure that the server or target has a database security hole. To find database security holes, there are several methods we can use. Among them, Google dorking, is used mostly by hacker and penetration testers. Luckily there is a tool that is able to do that automatically. But we have to install its tool first. The tool is called SQLiv (SQL injection Vulnerability Scanner).


Install:

Then run:

Resolve some dependencies:


Finding SQL Injection Vulnerabilities:


Quick reference:


Reverse domain and scanning:

- Do reverse domain and look for websites that hosted on same server as target url


144 views0 comments

Recent Posts

See All

G00gle Dorks | Vulnerable Services

Google serves some 80 percent of all search queries on the Internet, making it by far the most popular search engine. Its popularity is due not only to excellent search effectiveness, but also extensi

OpenSSH via PowerShell

This is an alternative to connect to a server via SSH without leaving PowerShell or Command Prompt. ◼️ Free download HERE ◼️ #1 Download OpenSSH-Win64.zip and unzip it. #2 Open Windows PowerShell and

Vega | Web Security Scanner

Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. It can help you find and validate SQL Injection, Cross-Site Scripting (X