What is Havij?
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. Using this software, a user can fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements, and even access the underlying file system and execute commands on the operating system.
What makes Havij different from similar tools is the power of its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.
The user-friendly GUI (Graphical User Interface) of Havij and its automated settings and detection make it easy to use for everyone, even amateur users.
What is SQL Injection?
SQL Injection is a common web application vulnerability caused by insufficient validation of user input. An attacker can inject SQL commands into the original query written by the developer to change its result to what he/she wants and to execute his/her own commands. This act (injecting SQL commands) is called exploitation, and it can cause sensitive data disclosure, data modification, data deletion or even whole system compromise!
Who should use Havij?
All security professionals, web administrators, web application developers, penetration testers, everyone who wants to test his/her site's security, and all hack and security researchers can use Havij.
Download Havij: http://www.mediafire.com/?n0f9fr965k8ce49
Havij Tutorial: http://www.mediafire.com/?tk33n29effhtq0j