Dosk3n
2016-10-05, 13:03
Afternoon guys
I just finished version 1.0.0 of a program I am calling sql drive by. This program was created when I was teaching a friend about website vulnerabilities and was finding it difficult to find an sql injection vulnerable website to show how to test for the vulnerability. I wanted a program that not only made it easier to find these sites but also emphasizes how many sites out these are still vulnerable to SQLi and why people should be paying more attention to fixing these issues.
A quick description of its use would be like this:
python3 sqldriveby.py --term=index.php?id=
The term can be any dork you can think of and the program will then run through and return a list of pages that look to be possibly vulnerable.
You can change the depth of search and choose between search engines. Currently yahoo and bing. It also includes an admin page finder.
You can find my git here:
https://github.com/Dosk3n/sql-drive-by
Thanks,
-D
I just finished version 1.0.0 of a program I am calling sql drive by. This program was created when I was teaching a friend about website vulnerabilities and was finding it difficult to find an sql injection vulnerable website to show how to test for the vulnerability. I wanted a program that not only made it easier to find these sites but also emphasizes how many sites out these are still vulnerable to SQLi and why people should be paying more attention to fixing these issues.
A quick description of its use would be like this:
python3 sqldriveby.py --term=index.php?id=
The term can be any dork you can think of and the program will then run through and return a list of pages that look to be possibly vulnerable.
You can change the depth of search and choose between search engines. Currently yahoo and bing. It also includes an admin page finder.
You can find my git here:
https://github.com/Dosk3n/sql-drive-by
Thanks,
-D