Skip to content

Penetration Testing Tools

Search for:

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Search for:

Penetration Testing Tools

Vulnerability Assessment / Web AppSec

ghauri: automates the process of detecting and exploiting SQL injection

by ddos · July 29, 2024

Ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Features

Supports the following types of injection payloads:
- Boolean based.
- Error Based
- Time-Based
- Stacked Queries

Support SQL injection for following DBMS.
- MySQL
- Microsoft SQL Server
- Postgre
- Oracle
Supports following injection types.
- GET/POST-Based injections
- Headers Based injections
- Cookies Based injections
- Multipart Form data injections
- JSON based injections
support proxy option –proxy.

supports parsing requests from txt files: switch for that -r file.txt
supports limiting data extraction for dbs/tables/columns/dump: switch –start 1 –stop 2

Install

clone the repo: git clone https://github.com/r0oth3x49/ghauri.git

install requirements: pip install –upgrade -r requirements.txt
run: python setup.py install or python -m pip install -e .

Use

Copyright (c) 2022-2025 Nasir Khan

Source: https://github.com/r0oth3x49/

Share

Tags: exploiting SQL injection

Follow:

Next story tartufo: searches through git repositories for secrets, digging deep into commit history and branches
Previous story sniffnet: Application to comfortably monitor your Internet traffic

Search

MAKE THE WEBSITE ONLINE

Popular Posts
Tags

Malware Defense

Invoke-Maldaptive: LDAP Obfuscation, Deobfuscation & Detection

September 12, 2024
Malware Defense

DRAKVUF Sandbox: automated hypervisor-level malware analysis system

August 13, 2024
Vulnerability Assessment

sysdig-inspect: powerful opensource interface for container troubleshooting and security investigation

August 14, 2024
OSINT - Open Source Intelligence

identYwaf: Blind WAF identification tool

August 14, 2024
Vulnerability Assessment

Ping Castle: assess quickly the Active Directory security level

August 15, 2024

Amazon AMD Android Apple ARM Artificial intelligence ASRock Asus ChatGPT chrome facebook Firefox Gigabyte google Google Chrome hacker Huawei Intel iphone Lenovo LG Linux MediaTek Meta Micron Microsoft microsoft edge MSI Nvidia OpenAI PlayStation 5 Qualcomm ransomware Samsung SK Hynix Sony Steam Deck TSMC vulnerability windows Windows 7 Windows 10 Windows 10X Windows 11 Xbox

Reward

Brilliantly

SAFE!

meterpreter.org

Content & Links

Verified by Sur.ly

2022

Home
About Us
Contact Us
DMCA NOTICE
Privacy Policy

Penetration Testing Tools © 2024. All Rights Reserved.

x