sqlmap

-

 

sqlmap

sqlmap is one of the best tools to perform SQL injection attacks. It just automates the process of testing a parameter for SQL injection and even automates the process of exploitation of the vulnerable parameter. It is a great tool as it detects the database on its own so we just have to provide a URL to check whether the parameter in the URL is vulnerable or not, we could even use the requested file to check for POST parameters.

To use sqlmap tool:

  • sqlmap comes pre-installed in Kali Linux
  • Just type sqlmap in the terminal to use the tool.

    sqlmap


Comments

Post a Comment

Popular posts from this blog

Nmap

-
Image
1. Nmap Nmap is an open-source network scanner that is used to recon/scan networks. It is used to discover hosts, ports, and services along with their versions over a network. It sends packets to the host and then analyzes the responses in order to produce the desired results. It could even be used for host discovery, operating system detection, or scanning for open ports. It is one of the most popular reconnaissance tools. To use nmap: Ping the host with ping command to get the IP address ping hostname Open the terminal and enter the following command there: nmap -sV ipaddress Replace the IP address with the IP address of the host you want to scan. It will display all the captured details of the host. To know more, you can read more from here .  
Read more

metasploit Framework

-
Image
   metasploit Framework Metasploit is an open-source tool that was designed by Rapid7 technologies. It is one of the world’s most used penetration testing frameworks. It comes packed with a lot of exploits to exploit the vulnerabilities over a network or operating systems. Metasploit generally works over a local network but we can use Metasploit for hosts over the internet using “ port forwarding “. Basically Metasploit is a CLI based tool but it even has a GUI package called “ armitage ” which makes the use of Metasploit more convenient and feasible. To use metasploit: Metasploit comes pre-installed with Kali Linux Just enter “ msfconsole ” in the terminal.  
Read more

nslookup

-
Image
  nslookup command in Linux with Examples Difficulty Level : Expert Last Updated : 24 May, 2019 Nslookup (stands for “Name Server Lookup”) is a useful command for getting information from DNS server. It is a network administration tool for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or any other specific DNS record. It is also used to troubleshoot DNS related problems. Syntax: nslookup [option]   Options of nslookup command: nslookup google.com
Read more