Are there any SQL injection tools out there so I can test my site for vulnerabilities? Any good ones? Free ones would be good.
Asked
Active
Viewed 429 times
6
-
This isn't exactly an external tool to check for SQL Injection. But if you're using PHP you might want to consider looking into MySQLI http://www.php.net/manual/en/class.mysqli.php It has various functions for binding variables into your Queries which prevents your site from being vulnerable to SQL Injection in the first place – Kenny Cason Sep 30 '10 at 17:38
-
Thank you for correcting the spelling, Matt. As someone who learned English as a second language, boy do I hate obvious errors! Get your act together, @gateway. This is not Twitter. It is not cool to type in LOL speak. It can actually make a difference between landing a good and a crappy job. – Hamish Grubijan Sep 30 '10 at 17:39
1 Answers
2
If it is non-commercial (free only for non-commercial use), http://www.nessus.org/nessus/ offers some really good web-app SQL injection tests. It also tests for XSS, and hundreds of known vulnerabilities as well. It helped me find a hole or two.
Mahdi.Montgomery
- 2,024
- 4
- 17
- 21