NT Objectives, A security application provider released a new Sql Injection Vulnerability Scanner, it will be very helpful for Penetration Testers to find the Vulnerabilities in Web Application .
"NTO SQL Invader" which scans for Sql injection vulnerability and exploits the Sql Injection vulnerability with few simple clicks. It is free to use..! NTO SQL Invader allows pen testers and developers to quickly and easily leverage a vulnerability to view the list of records, tables and user accounts on the back-end database.
"NTO SQL Invader" which scans for Sql injection vulnerability and exploits the Sql Injection vulnerability with few simple clicks. It is free to use..! NTO SQL Invader allows pen testers and developers to quickly and easily leverage a vulnerability to view the list of records, tables and user accounts on the back-end database.
Features:
- Easy to use - The tool’s GUI interface enables you to simply paste the injectable request found by a DAST tool or feed a detailed request straignt from an application scan report. You can then control how much information is harvested.
- Clearly presents evidence - Unlike tools that provide all data via command line, NTO SQL Invader provides the data in a organized manner that is useful for both executive meetings as well as technical analysis and remediation.
- Enables easy transport of logging data - All of the data harvested from NTO SQL Invader can be saved into a CSV file so the reports can be included as penetration evidence as part of a presentation or POC
Here is Video that demonstrates the basics of NTO SQL Invader tool:
http://www.ntobjectives.com/research/sqlinvader-introDownload it from here(for downloading , you have to register):
http://go.ntobjectives.com/l/8672/2011-12-01/DRMN
