Jumat, 11 Mei 2012

SQL Injection With Havij

What is Havij?

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.

The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.

What is SQL Injection?
SQL Injection is common web application vulnerability due to insufficient validation on user inputs. An attacker can inject some SQL commands into the original query written by the developer to change the result to what he/she wants and execute his/her commands. This work (injecting SQL commands) is called Exploitation that can cause sensitive data disclosure, changing data, deleting data or even whole system compromise!



Who should use Havij?

All security professionals, Web administrators, web application developers, penetration testers, everyone who wants to test his/her sites security and all hack and security researchers can use Havij.

Download Havij: http://www.mediafire.com/?n0f9fr965k8ce49
Havij Tutorial: http://www.mediafire.com/?tk33n29effhtq0j

0 komentar:

Posting Komentar

Your Ad Here
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Best Web Host