Tool Of Hacking Website With SQL

1. SQLi Helper 2.7 by reiluke

Very useful tool. Just type vun website link and hit inject.

DOWNLOAD

2. darkMySQLi.py by rsauron from darkc0de.com

DOWNLOAD

To use this program, you will need python. 

DOWNLOAD 

How to use? 

1. Install Python to C:\ (or other drive, wocares)
2. Unrar darkMySQLi.py to Python25 folder
3. Go to: Start --> Run --> cmd
4. In cmd type cd C:\Python25\
5. It looks like C:\Python25. Now type python darkMySQLi.py and hit enter.
6. You will see program notes in command line. Type "--help" and program will show you all options.

This program helps you to find admin login page. Remember, then you type Website URL, always add / on URL end.

DOWNLOAD

4. Blind SQLi by reiluke

Helps to dump data when you using blind SQLi.

DOWNLOAD

5. Diamondhack vuln scanner

Scanning websites and shows vuns. Type dork, and wait a few minutes.

DOWNLOAD

PhonixXx Exploit

At below here is a some define about Phoenix Exploit Kit.

The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. Often, cybercriminals drive traffic to the exploit kit by compromising legitimate sites and by inserting iframes that point to the exploit kit or by poisoning search engine results that take users to the exploit kit.

When users land on a page injected with the exploit kit, it detects the user’s Web browser and OS version then attempts to exploit either the browser or a browser plug-in. The latest version of the Phoenix Exploit Kit currently has payloads for nine different system configurations, including:

    * XPIE7: Internet Explorer 7 and either Windows XP, Windows XP SP2, or Windows 2003
    * VISTAIE7: Internet Explorer 7 and Windows Vista
    * XPIE8: Internet Explorer 8 and either Windows XP, Windows XP SP2, or Windows 2003
    * VISTAIE8: Internet Explorer 8 and Windows Vista
    * IE: Versions of Internet Explorer that are not IE7 or IE8
    * WIN7IE: Internet Explorer and Windows 7
    * XPOTHER: Browsers other than Internet Explorer on Windows XP, Windows XP SP2, or Windows 2003
    * VISTAOTHER: Browsers other than Internet Explorer on Windows Vista
    * WIN7OTHER: Browsers other than Internet Explorer on Windows 7

Once users are directed to a payload page, the kit attempts to exploit vulnerabilities in versions of Adobe Acrobat Reader, Adobe Flash Player, Internet Explorer, and Java.

Java has become the leading exploit vector for a variety of exploit packs. In fact, Phoenix Exploit Kit 2.5 has been updated to include three additional Java exploits, namely:

     JAVA RMI
     JAVA MIDI
     JAVA SKYLINE

The administration panel of Phoenix Exploit Kit 2.5 contains an option to switch modes, which changes the Java exploit delivered to users. It allows the administrator to choose from among TC (CVE-2010-0840), RMI, or MIDI. This indicates that exploits for Java have become very attractive to malware distributors.


Download

Collection Of Web Hacking Tools

Tool List:
Apache Hacking Tools Directory:
Apache Chunked Scanner
Apache Hacker Tool v 2.0
Apache H4x0r Script

Remote File Inclusion And Remote Command Execution Directory :
IIS 5 Dav Scanner & Exploiter
PHP Attacker
PHP Injection Scanner & Exploiter
XML-RPC Scanner & Exploiter

Databases & SQL Injection & XSS Tools Directory :
Casi 4.0
ForceSQL
Mssql BruteForce TooL
SQL Ping 2
SQL Recon
SQL Vuln Scanner
SQL & XSS TooL

PHP Shells :
rootshell v2.0
c99shell #16
Backdoor php v0.1
r57shell
ajan
casus15
cmd (asp)
CyberEye (asp)
CyberSpy5 (asp)
Indexer (asp)
Ntdaddy (asp)
News Remote PHP Shell Injection
PHP Shell
phpRemoteView
nstview php shell

Download

Scanner

Feature:

• As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.

• Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.

• Firewalls, SSL and locked-down servers are futile against web application hacking!

• Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.

• Acunetix - a world-wide leader in web application security

• Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.

• Acunetix Web Vulnerability Scanner includes many innovative features:

•  AcuSensor Technology

•  An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications

•  Industries' most advanced and in-depth SQL injection and Cross site scripting testing

•  Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer  

•  Visual macro recorder makes testing web forms and password protected areas easy

•   Extensive reporting facilities including VISA PCI compliance reports

•   Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease

•   Intelligent crawler detects web server type and application language

•   Acunetix crawls and analyzes websites including flash content, SOAP and AJAX

•   Port scans a web server and runs security checks against network services running on the server

• AcuSensor details are now exported in the report as well.

Bug Fixes:

Fixed a bug in cross domain check script.
Fixed 2 crashes in the scanner software.
Fixed a bug in DOM XSS security check.

DOWNLOAD PDF file


Acunetix Web Vulnerability Scanner Ver 7-20110406 Enterprise DOWNLOAD 

sql-poizon-v11-sqli-exploit-scanner

The Exploit Scanner Tool, I am hereby introducing you with the new release which is more handy. It has new features as well as bug fixes from the older release. Please take a look for it below:

Sql Crawler

Scan for vulnerable sites using error against responses list.

Export list to file.

Search Highlighting

Injection Builder
To make malicious sqli strings.
Contains lots of functions.

New Features
"Look n Feel" is more attractive now.

Rich "Context Menu" items.

"Results" contain check boxes to enable selection.

"Selected Dork" box is editable now for user convenience.

Built-in Browser for "Injection Builder" to check the impact of injection.

"Text Bucket" available for "Injection Builder" to save extra data.

"Insert Order By" button is added to "Injection Builder".

"Internet Browser" with Snapshot and HTML DOM Tree.

Bug Fixes

It wont get stucked after pressing the stop button. Just a minor wait can occur which is okay.

Progress bar for "Crawler" has been fixed. It will show correct progress now.

Error on importing file is fixed now. You can import files from other directories as well.

"Searchqu" shows invalid results. It is fixed now.

DOWNLOAD Sql Poison v1.1

OR

MIRROR