Wednesday, January 4, 2012 0 comments
SQL Injection is a well known vulnerability of websites which can be found in most of the website using database. The main reason for this vulnerability is that web developers always ignore some security measures. So hacking a website with SQL injection is usually easy in most of the websites.
SQL Inject Me is a firefox addon which turns firefox web browser into SQL injection testing tool. The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.
The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.
The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.
You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
Add to your firefox from here: