Friday, December 9, 2011

NTO SQL Invader Released

NTO SQL Invader gives the ability to quickly and easily exploit or demonstrate SQL Injection vulnerabilities in Web applications. With a few simple clicks, you will be able to exploit a vulnerability to view the list of records,tables and user accounts of the back-end database.

Easy to use - The tool’s GUI interface enables you to simply paste the injectable request found by a DAST tool or feed a detailed request straignt from an application scan report. You can then control how much information is harvested.

Clearly presents evidence - Unlike tools that provide all data via command line, NTO SQL Invader provides the data in a organized manner that is useful for both executive meetings as well as technical analysis and remediation.

Enables easy transport of logging data - All of the data harvested from NTO SQL Invader can be saved into a CSV file so the reports can be included as penetration evidence as part of a presentation or POC.


No comments: