Skip to content

Penetration Testing Tools

Search for:

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Search for:

Penetration Testing Tools

Vulnerability Assessment / Web AppSec

ghauri: automates the process of detecting and exploiting SQL injection

by ddos · July 29, 2024

Ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Features

Supports the following types of injection payloads:
- Boolean based.
- Error Based
- Time-Based
- Stacked Queries

Support SQL injection for following DBMS.
- MySQL
- Microsoft SQL Server
- Postgre
- Oracle
Supports following injection types.
- GET/POST-Based injections
- Headers Based injections
- Cookies Based injections
- Multipart Form data injections
- JSON based injections
support proxy option –proxy.

supports parsing requests from txt files: switch for that -r file.txt
supports limiting data extraction for dbs/tables/columns/dump: switch –start 1 –stop 2

Install

clone the repo: git clone https://github.com/r0oth3x49/ghauri.git

install requirements: pip install –upgrade -r requirements.txt
run: python setup.py install or python -m pip install -e .

Use

Copyright (c) 2022-2025 Nasir Khan

Source: https://github.com/r0oth3x49/

Share

Tags: exploiting SQL injection

Follow:

Next story tartufo: searches through git repositories for secrets, digging deep into commit history and branches
Previous story sniffnet: Application to comfortably monitor your Internet traffic

Search

MAKE THE WEBSITE ONLINE

Popular Posts
Tags

OSINT - Open Source Intelligence

Scrapling: Fast, Adaptive Web Scraping for Python

November 16, 2024
Network Defense

OpenBAS: Open Breach and Attack Simulation Platform

October 17, 2024
OSINT - Open Source Intelligence

reNgine: an automated reconnaissance framework

October 17, 2024
Web AppSec

HaE: BurpSuite Highlighter and Extractor

October 18, 2024
Malware Defense

phpMussel: PHP-based anti-virus anti-trojan anti-malware solution

October 18, 2024

Amazon AMD Android Apple ARM Artificial intelligence ASRock Asus ChatGPT chrome facebook Firefox Gigabyte Github google Google Chrome hacker Huawei Intel Lenovo LG Linux Linux Kernel MediaTek Meta Microsoft microsoft edge MSI Nvidia OpenAI PlayStation 5 Qualcomm ransomware Samsung SK Hynix Sony Steam Deck TSMC vulnerability windows Windows 7 Windows 10 Windows 10X Windows 11 Xbox

Reward

Brilliantly

SAFE!

meterpreter.org

Content & Links

Verified by Sur.ly

2022

Home
About Us
Contact Us
DMCA NOTICE
Privacy Policy

Penetration Testing Tools © 2024. All Rights Reserved.

x