BSQL Hacker – Advanced SQL Injection Framework / Tool

Posted by c4pr1c3 on August 22, 2008

BSQL Hacker is an automated SQL Injection Framework / Tool designed to

exploit SQL injection vulnerabilities virtually in any database.

It ships with Automated Attack modules which allows to dump whole database:

  • SQL Server


  • MySQL (experimental)

Attack Templates :

  • MS Access

  • MySQL


  • PostgreSQL

  • MS SQL Server

Also you can write your own attack template for any other database as

well (see the manual for details). New attack templates and exploits

for specific web application can be shared via Exploit Repository.

BSQL Hacker aims for experienced users as well as beginners who want

to automate SQL Injections (especially Blind SQL Injections).

It supports :

  • Blind SQL Injection (Boolean Injection)

  • Full Blind SQL Injection (Time Based)

  • Deep Blind SQL Injection (a new way to exploit BSQLIs, explained

in here :

  • Error Based SQL Injection

It allows metasploit alike exploit repository to share and update

exploits and attack tempate.

Download, Screenshots, Source Code and More Information :

Injection Wizard Video: