Is Your Site Free From SQL Injection? 1
Read Full Post

Is Your Site Free From SQL Injection?

SQL injection is a security exploit in which an attacker injects SQL parameters into a Web form, allowing him or her to send database queries and ultimately gain access. SQL injection is not a direct database problem but rather an application issue that indirectly affects your database systems. There are several web application vulnerability scanners to see if any input filtering or other SQL injection-specific holes exist.

SQLFury is the worlds first free online SQL Injection scanner. It is a developer tool written for the Adobe AIR runtime, this application performs SQL injection scans of a target website to identify any SQL injection vulnerabilities. SQLFury utilises blind or inband SQL injection techniques to identify vulnerable targets. If vulnerabilities are found options will be given to extract information from the database using the compromised parameter.


By Faraz Afroz