SQLiv: a massive SQL injection scanner

SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targeted scanning, focused on revealing pages with SQL injection vulnerabilities.

It uses known dorks in order to find vulnerable URLs.

Features

  1. multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo
  2. targeted scanning by providing a specific domain (with crawling)
  3. reverse domain scanning

Installation

  1. Install the dependencies:
    pip install bs4 termcolor google
  2. Clone the Git repository:
    git clone https://github.com/Hadesy2k/sqliv.git
  3. Run the Python setup script:
    sudo python2 setup.py -i

Quick reference

python sqliv.py --help

usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]

optional arguments:
  -h, --help  show this help message and exit
  -d D        SQL injection dork
  -e E        search engine [Google only for now]
  -p P        number of websites to look for in search engine
  -t T        scan target website
  -r          reverse domain

Some usage examples

1. Multiple domain scanning with SQLi dork

  • It searches multiple websites using the given dork and scans the results one by one.
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>
python sqliv.py -d "inurl:index.php?id=" -e google

2. Targeted scanning

  • You can provide either a domain name only or a specific URL with query parameters.
  • If only a domain name is provided, it will crawl the site and collect URLs with query parameters,
  • then scan the URLs one by one.
python sqliv.py -t <URL>
python sqliv.py -t www.example.com
python sqliv.py -t www.example.com/index.php?id=1

3. Reverse domain and scanning

  • Performs a reverse domain lookup and looks for websites hosted on the same server as the target URL.
python sqliv.py -t <URL> -r

More information and downloads

WPSeku: a Black-box WordPress Security Scanner


WPSeku is a Black-box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.

What is a Black-box scanner?

Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from the outside-in, with little or no prior knowledge of the application’s internal workings.
Essentially, black-box testing takes an approach similar to that of a real attacker.

(from Acunetix.com)

WPSeku is developed and maintained by m4ll0k, who has also developed other interesting security tools, such as Infoga and Spaghetti.

The latest available version is 0.2.1 and can be downloaded from GitHub.

Installation

First, install requests:

# pip install requests

Then, clone the Git repository:

# git clone https://github.com/m4ll0k/WPSeku.git

Finally, start the tool:

# python wpseku.py

Usage

Usage: ./wpseku.py [--target|-t] http://localhost

-t --target Target URL (eg: http://localhost)
-x --xss Testing XSS vulns
-s --sql Testing SQL vulns
-l --lfi Testing LFI vulns
-q --query Testable parameters (eg: "id=1&test=1")
-b --brute Bruteforce login via xmlrpc
-u --user Set username, default=admin
-p --proxy Set proxy, (host:port)
-m --method Set method (GET/POST)
-c --cookie Set cookies
-w --wordlist Set wordlist
-a --agent Set user-agent
-r --redirect Redirect target url, default=True
-h --help Show this help and exit

Examples:
wpseku.py --target http://localhost
wpseku.py -t http://localhost/wp-admin/post.php -m GET -q "post=49&action=edit" [-x,-s,-l]
wpseku.py --target http://localhost --brute --wordlist dict.txt
wpseku.py --target http://localhost --brute --user test --wordlist dict.txt

More information and downloads