Finding SQL Injection with Scrawlr

Discussion in 'Cracking Tools' started by NFS, Jan 2, 2014.

  1. NFS

    NFS Well-Known Member Retired Staff

    Messages:
    2,501
    Likes:
    5,042
    Ratio:
    210.3
    [​IMG]


    Scrawlr is the latest tool to come out of HP’s Web Security Research Group. It was built in response to the massive number of SQL injection attacks happening on the web this year. Most of these vulnerable sites are found through googling, so Scrawlr works the same way. Point it at your web server and it will crawl all of the pages and evaluate the URL parameters to see if they’re vulnerable to verbose injection. It reports the SQL server and table names if it comes across anything.

    It only supports 1500 pages right now and can’t do authentication or blind injection. It’s still a free tool and a great way to identify if your site is vulnerable to automated tools finding you website via search engines

    Scrawlr will crawl and audit any of the following file extensions:

    •htm/html
    •asp
    •aspx
    •php/php3/php4
    •jsp
    •js
    •txt
    •cfm
    •any file without an extension


    Hidden Content:
    You must 'reply' before you can see the hidden content.
     
    Nexum and hanibalgol like this.
  2. Mr.Cr0n0s

    Mr.Cr0n0s Banned

    Messages:
    157
    Likes:
    2
    Ratio:
    0
    Is an old tool but good for old school hackers
     
  3. emad2012829

    emad2012829 Banned

    Messages:
    249
    Likes:
    1
    Ratio:
    0
    thanks
     
  4. Busy

    Busy Banned

    Messages:
    162
    Likes:
    1
    Ratio:
    0
    thanks for this
     
  5. mahdi-hacker

    mahdi-hacker New Member

    Messages:
    200
    Likes:
    22
    Ratio:
    0.09
    thanks
     
  6. berkay88

    berkay88 Banned

    Messages:
    258
    Likes:
    3
    Ratio:
    0
    tenks
     
  7. Ghost Rider

    Ghost Rider Basic Member

    Messages:
    1,977
    Likes:
    221
    Ratio:
    0.1
    thanks bro
     
  8. s1l3nt

    s1l3nt Banned

    Messages:
    59
    Likes:
    0
    Ratio:
    0
    tq
     
  9. hanibalgol

    hanibalgol New Member

    Messages:
    22
    Likes:
    0
    Ratio:
    0
    gracias
     
  10. mouss59100

    mouss59100 Banned

    Messages:
    53
    Likes:
    0
    Ratio:
    0
    thanlssssssssssssss
     
  11. ZCracker

    ZCracker Banned

    Messages:
    461
    Likes:
    492
    Ratio:
    0.56
    thanks
     
    fifa2014, milad and pes2014 like this.
  12. Nexum

    Nexum New Member

    Messages:
    555
    Likes:
    5
    Ratio:
    0
    Thanks buddy.
     
  13. dalt1

    dalt1 Banned

    Messages:
    241
    Likes:
    3
    Ratio:
    0
    thanks
     
  14. mrpapshmeer

    mrpapshmeer Banned

    Messages:
    63
    Likes:
    0
    Ratio:
    0
    tanxxxxxxxx
     
  15. mahmoodsoft

    mahmoodsoft Banned

    Messages:
    11
    Likes:
    1
    Ratio:
    0
    Tnx
     
  16. DESTROPANK

    DESTROPANK Banned

    Messages:
    116
    Likes:
    0
    Ratio:
    0
    THANKS
     
  17. Zurdox

    Zurdox New Member

    Messages:
    28
    Likes:
    0
    Ratio:
    0
    :o thanks for the tool
     
  18. umathala

    umathala Banned

    Messages:
    196
    Likes:
    0
    Ratio:
    0
    nice work
     
  19. newaki

    newaki Banned

    Messages:
    16
    Likes:
    0
    Ratio:
    0
    thanks
     
  20. Rohit

    Rohit Member

    Messages:
    357
    Likes:
    77
    Ratio:
    0.09
    thnk bro...
     

Share This Page