Re: Database pen-testing tools

From: "crazy frog crazy frog" <i.m.crazy.frog@xxxxxxxxx>
Date: Sat, 19 May 2007 11:30:28 +0530

http://secgeeks.com/top_15_free_sql_injection_scanners.html

On 5/19/07, Erin Carroll <amoeba@xxxxxxxxxxxxxx> wrote:

List members,

Does anyone have some suggestions or experience with database-specific
pen-testing tools that you would recommend? I am by no stretch of the
imagination a DBA (I run at the first sign of the words "Relational
Database") so tools that don't require a large amount of DBA-ish background
to use to their full potential would be of particular interest.

The database testing market seems to be growing rapidly now and some
recommendations of tools to look at would be useful. I've played around with
NGSSquirrel, AppSec, have experience with some Oracle-specific tools of
course...and ran into a new player in the market (Securno) at InfoSec
Europe. Just wondering what other players are out there that are effective
or you've played with.

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

--
---------------------------------------
http://www.secgeeks.com
get a blog on SecGeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secradar.com/node/feed

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

References:
- Database pen-testing tools
  - From: Erin Carroll

Prev by Date: Re: Legality of WEP Cracking
Next by Date: Re: Sneaking a peek on Wlan in airports
Previous by thread: Database pen-testing tools
Next by thread: Re: Database pen-testing tools
Index(es):
- Date
- Thread

Relevant Pages

Database pen-testing tools
... pen-testing tools that you would recommend? ... Database") so tools that don't require a large amount of DBA-ish background ... course...and ran into a new player in the market at InfoSec ...
(Pen-Test)
Re: Migrating to new SQL server
... Partner that could do this for you. ... I would also higly recommend that you save each project plan as an mpp file. ... The only way to clean up a duff database (apart from ensuring that duff data ... mpp, rebuild the resource pool, rebuild the outline codes, re-import the ...
(microsoft.public.project.pro_and_server)
Re: Unable to open some older messages
... "Darragh O'Kelly" wrote in message ... I recommend ensuring that you are ... >>Matthew Byrd ... The database was successfully ...
(microsoft.public.exchange.misc)
Re: Example of web application done right?
... I was wondering if anyone can recommend a large web ... abstract the database from the web front. ... we would have been able to take down the database server too ... Be very wary of any session handling, as soon as you need session ...
(comp.lang.perl.misc)
Re: Get a list of all top level WSS sites in SPS?
... In the demo I have some code that does basic queries and then I launch two web browsers to hit a SharePoint list. ... Also from a pure application development perspective, just treat the SharePoint object model as the database. ... Can you give one reason why someone shouldn't do a simple query ... As far as MS not recommend it, ...
(microsoft.public.sharepoint.portalserver.development)