SQLiv | SQL Injection

Before we are doing the injection consult, of course we must ensure that the server or target has a database security hole. To find database security holes, there are several methods we can use. Among them, Google dorking, is used mostly by hacker and penetration testers. Luckily there is a tool that is able to do that automatically. But we have to install its tool first. The tool is called SQLiv (SQL injection Vulnerability Scanner).


Install:

Then run:

Resolve some dependencies:


Finding SQL Injection Vulnerabilities:


Quick reference:


Reverse domain and scanning:

- Do reverse domain and look for websites that hosted on same server as target url


32 views0 comments

Recent Posts

See All

LibreNMS

LibreNMS is an open source, powerful and feature-rich auto-discovering PHP based network monitoring system which uses the SNMP protocol. It supports a broad range of operating systems including Linux,

Vulmap – Web Vulnerability

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions.

Vigenere Cipher

Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic substitution. A polyalphabetic cipher is any cipher based on substitution, using multiple substitutio