‘SQID – SQL Injection Digger’

Summary

Credit:

‘The information has been provided by Metaeye SG.
To keep updated with the tool visit the project’s homepage at: http://sqid.rubyforge.org


Details

‘SQL injection digger is a command line program that looks for SQL injections and common errors in websites. This version now can perform the following operations.
 * Look for SQL injections and common errors in website urls found by performing a google search
 * Look for SQL injections and common erros in a given url or a file with urls
 * Look for SQL injections and common errors in links from a web page
 * Crawl a website/webpage and do the above

Also supports:
 * Load multiple triggers from file
 * Load multiple signature databases from files
 * HTTPS support
 * HTTP proxy support with authentication
 * Basic authentication
 * Specify user agent
 * Specify referer
 * HTTP Cookies loading from command line or a file

SQID’s greatest strength lies in its simple architecture of inserting triggers in URL parameters and matching responses using regular expressions. Hence one can use it for other purposes also.’

Categories: Tools