Home Web Application Security waybackSqliScanner – Tool to Gather URLs from Wayback Machine Then Test For SQL Injection

waybackSqliScanner – Tool to Gather URLs from Wayback Machine Then Test For SQL Injection

June 15, 2023 Leave a Comment
WaybackSQLiScanner automatically gather urls from wayback machine then test each GET parameter for sql injection

SQL injection vulnerabilities are among the most common and critical security issues that web applications face. To aid security researchers and developers in identifying SQL injection vulnerabilities more effectively, tools like WaybackSQLiScanner have emerged. WaybackSQLiScanner leverages the power of the Wayback Machine to discover historical versions of a website and automate the process of SQL injection discovery. With WaybackSQLiScanner you can automate identifying SQL injection vulnerabilities.

WaybackSQLiScanner

WaybackSQLiScanner is an open-source tool that combines the power of the Wayback Machine with SQL injection detection techniques. It aims to simplify the process of identifying SQL injection vulnerabilities by analyzing historical snapshots of a website available on the Wayback Machine.

WaybackSQLiScanner automatically gather urls from wayback machine then test each GET parameter for sql injection. Or if you want to just crawl all urls from wayback machine you can use Waybackurls.

Key Features and Functionality

  1. Wayback Machine Integration: WaybackSQLiScanner leverages the Wayback Machine’s vast archive of web pages to retrieve historical versions of a target website. By analyzing these versions, it seeks to identify potential SQL injection vulnerabilities that may have existed in the past.
  2. SQL Injection Detection: The tool employs various techniques to detect SQL injection vulnerabilities within the retrieved website snapshots. It analyzes the URL parameters, form fields, and other user input points to identify potential points of vulnerability.
  3. Payload Generation: WaybackSQLiScanner provides a range of SQL injection payloads that it injects into the retrieved web pages. These payloads are designed to trigger SQL errors or produce unexpected behavior, indicating the presence of SQL injection vulnerabilities.
  4. Flexible Configuration: The tool allows researchers to configure different aspects of the scanning process, such as the depth of the Wayback Machine search, the payload set to use, and the level of verbosity for logging and reporting.
  5. Reporting and Collaboration: WaybackSQLiScanner generates comprehensive reports containing information about identified SQL injection vulnerabilities, affected URLs, and payload details. These reports facilitate collaboration with developers and aid in the timely remediation of the discovered vulnerabilities.
See also  EyeWitness – Tool To Take Screenshots of Websites, Provide Server Header Info

Installation

$ git clone https://github.com/ghostlulzhacks/waybackSqliScanner.git $ cd waybackSqliScanner

Usage

$ python main.py example.com

Download waybackSqliScanner

You May Also Like

OpenRedireX – Open Redirect Scanner and Fuzzer Tool

Bypass 403 – Simple Script For Bypassing 403 Forbidden Response

Burpgpt –  Integrate OpenAI GPT with Burp Suite to Discover Highly Bespoke Vulnerabilities

Commix – Automated OS Command Injection Exploitation Tool

FFUF – Fast Web Fuzzing Tool

ParamSpider – Website Parameter Scraping Tool

Leave a Reply

Your email address will not be published. Required fields are marked *

16 + 14 =

Exit mobile version