Scrawlr - Finds SQL Injection Vulnerabilities

 

snoj
27 Jun, 2008 - 05:46 AM
Post #1

It's a pretty neat tool. So far I've used it on a couple of my projects and it hasn't found any injection points!

The best part is, there should be no 1500 page limit!

https://download.spidynamics.com/Products/scrawlr/

[Admin Edit: Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.]

skyhawk133
RE: Scrawlr - Finds SQL Injection Vulnerabilities
27 Jun, 2008 - 05:52 AM
Post #2

I'm actually working on a presentation on XSS and SQL Injection and came across Scrawlr and ran it on a bunch of sites. Didn't find any vulnerabilities though. Kind of disappointing actually. I wanted to see it work.

I crawled 36,000 pages on DIC... so yeh, the 1,500 limit is non-existent.

joeyadms
RE: Scrawlr - Finds SQL Injection Vulnerabilities
27 Jun, 2008 - 06:18 AM
Post #3

There's a couple of really great tools out there.

I used to be primarily a security auditor, and have used BeEF a lot.

Exploit-Me is also a neat Firefox plugin for SQL/XSS tests.

PsychoCoder
RE: Scrawlr - Finds SQL Injection Vulnerabilities
27 Jun, 2008 - 06:24 AM
Post #4

Thank you guys so much for this tool. I crawled the web application that I am currently rewriting (the beta version that is up is in classic ASP, we're rewriting it in ASP.NET w/C#) and it found some issues. I've been telling the owner that the current architecture is a SQL Injection waiting to happen and no one would listen, now I have the proof. Thanks!

PS: Those who know what the site is please don't be messing around lol, I'm trying to fix it lol

ZachR
RE: Scrawlr - Finds SQL Injection Vulnerabilities
27 Jun, 2008 - 03:31 PM
Post #5

This is a great tool, thanks for the post. There are a few drawbacks though, but it's great for finding basic vulnerabilities that could one day bring your site down.