• This is still the same old TBFE but we're starting off fresh with this new framework. You'll need to sign up again if you'd like your own account on the forums or there is a guest section that you can post in without signing up.

INFOSEC SQLiv - Massive SQL Injection Vulnerability Scanner

sqliv_2_1.png


SQLiv Massive SQL Injection Scanner Features
Both the SQLi scanning and domain info checking are done in a multiprocess manner so the script is super fast at scanning a lot of URLs. It’s a fairly new tool and there are plans for more features and to add support for other search engines like DuckDuckGo.
  • Multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo
  • Targetted scanning by providing specific domain (with crawling)
  • Reverse domain scanning
Installation
  1. git clone https://github.com/Hadesy2k/sqlivulscan.git
  2. sudo python2 setup.py -i
Dependencies
Pre-installed Systems
Using SQLiv For SQL Injection Dorks Scanning
Multiple domain scanning with SQLi dork
Simply search multiple websites from given dork and scan the results one by one:

Code:
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE> 
python sqliv.py -d "inurl:index.php?id=" -e google
Targetted scanning
You can provide just the domain name or specific URLs with query parameters. If only the domain name is provided, it will crawl and get URLs with queries then scan the URLs one by one.

Code:
python sqliv.py -t <URL>
python sqliv.py -t www.example.com
Reverse domain and scanning
Reverse domain scan and look for websites that are hosted on the same server as target URL.

Code:
python sqliv.py -t <URL> -r
python sqliv.py -t www.example.com -r
Author
Brandon
Downloads
9
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Brandon