Blind SQL Injection Tool: BBQSQL



SQL Injection is one of the most dangerous attack.Last year many high profile hacking have been done with the help of SQL injection attack.Many websites are vulnerable to Sql injection.SQL injection attacks have been increased to 69% this year.

Few days back I wrote a post on Manual SQL Injection.

Read it here

http://www.hackatrick.blogspot.in/2012/07/manual-sql-injection-tutorial.html

Well it takes time for manual injection.But to solve this problem there are many automatic tools for it.

today I am going to write about one of them.

So there is a  nice SQL injection attack which can exploit Blin SQL injection attack vulnerability of web applications. This tool is called BBQSQL. According to the documentation, "BBQSQL is a SQL injection framework specifically designed to be hyper fast, database agnostic, easy to setup, and easy to modify".

Main feature of this tool is that it can exploit blind SQL injection vulnerability. So this is very useful tool to check the webapplication's security and then patch vulnerabilities found by the tool. This will make your application secure from various kind of web attacks.
This too comes with a nice interface that helps while working with the tool. It finds all the blind SQL injection vulnerabilities of the application and configuration to make sure your data looks right.

It was designed using the event driven concurrency provided by Python’s gevent.  This allows BBQSQL to run much faster than existing single/multithreaded applications.



Download