jSQL Injection is a lightweight application used to find database information from a server. It provides a range of features as database injection, admin page search and hash brute force.
jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like SnoopGod, Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux.
This is free and open source software.
Key Features
- Automatic injection of 31 database engines : Access, Altibase, C-treeACE, CUBRID, DB2, Derby, Exasol, Firebird, FrontBase, H2, Hana, HSQLDB, Informix, Ingres, InterSystems-IRIS, MaxDB, Mckoi, MimerSQL, MonetDB, MySQL, Neo4j, Netezza, NuoDB, Oracle, PostgreSQL, Presto, SQLite, SQL Server, Sybase, Teradata and Vertica.
- Multiple injection strategies : Normal, Stacked, Error, Multibit, Blind and Time.
- Parallel bitwise Boolean Blind and Time strategies.
- Various injection processes : Default, Zip, Dios.
- Database fingerprint : Basic error, Order By error, Blind vendor specific query.
- Script sandbox for SQL and tampering.
- Inject multiple targets.
- Read and write files using injection.
- Create and display Web shell and SQL shell.
- Bruteforce password hash.
- Search for admin pages.
- Encode, decode and hash text.
- List CTF, labs, rooms and challenges.
- Authenticate with Basic, Digest, NTLM and Kerberos.
- Proxy connection with HTTP, SOCKS4 and SOCKS5.
Website: github.com/ron190/jsql-injection
Support:
Developer: ron190
License: GNU General Public License v2.0
jSQL Injection is written in Java. Learn Java with our recommended free books and free tutorials.
Related Software
| Vulnerability Analysis Tools | |
|---|---|
| sqlmap | Penetration testing tool |
| BeEF | The Browser Exploitation Framework |
| pocsuite3 | Remote vulnerability testing framework |
| AFL++ | Security-oriented fuzzer |
| Wapiti | "Black-box" vulnerability scanner |
| jSQL Injection | Automatic SQL database injection |
| sif | Pentesting (recon/exploitation) suite |
| XSSer | Detect, exploit and report XSS vulnerabilities |
| Kanha | Web-app pentesting suite |
| simple fuzzer | A fuzzer with two network modes of operation |
| Doona | Fork of the Bruteforce Exploit Detector Tool |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |