SQLInjectionFinder.exe (2010)

Rating: No reviews yet
Downloads: 7248
Released: May 14, 2008
Updated: Jun 8, 2010 by GCTech
Dev status: Stable Help Icon

Recommended Download

Application SQLInjectionFinder.exe
application, 1192K, uploaded Jun 8, 2010 - 4421 downloads

Other Available Downloads

Example Sample .CSV Output File
example, 13K, uploaded May 15, 2008 - 1295 downloads
Example Sqlinject.jpg
example, 100K, uploaded May 16, 2008 - 1532 downloads

Release Notes

SQLInjectionFinder.exe (v2010)
Tool to help determine .asp pages targeted by SQL Injection attacks

Usage:
1. Launch SQLInjectionFinder.exe on the IIS machine where the suspected SQL Injection occurred.
2. The tool looks for the location of the IIS Logs (as it may or may not be in system32\Logfiles)
3. It then navigates through each subfolder and parses each IIS log... looking for “CAST(“ statements
4. If suspicious entries are found, CSV output files are created at the following location:
   %Systemdrive%\CSSSEC_SQLInJectFinder\DATA

Reviews for this release

No reviews yet for this release.