advanced-sql-injection-scanner
iricartb
Ivan Ricart Borges - Test for didactic purposes of web pages vulnerables to SQL injection using dbo database user with xp_cmdshell execution permissions. Using patterns from Internet search engines to extract potentially vulnerable web addresses and test them by changing the GET parameters using invalid Transact-SQL conversion function to cause through unhandled errors by IIS web server to show critical information. If certain features are given and using advanced injection techniques a malicious attacker could gain control of the entire system by executing shell commands in the SQL database engine.
Growth over time
11 data points · 2021-08-01 → 2025-06-01How do you feel about this project?
Ask AI about advanced-sql-injection-scanner
Question copied to clipboardWhat is the iricartb/advanced-sql-injection-scanner GitHub project? Description: "Ivan Ricart Borges - Test for didactic purposes of web pages vulnerables to SQL injection using dbo database user with xp_cmdshell execution permissions. Using patterns from Internet search engines to extract potentially vulnerable web addresses and test them by changing the GET parameters using invalid Transact-SQL conversion function to cause through unhandled errors by IIS web server to show critical information. If certain features are given and using advanced injection techniques a malicious attacker could gain control of the entire system by executing shell commands in the SQL database engine.". Written in C#. Explain what it does, its main use cases, key features, and who would benefit from using it.
Question is copied to clipboard — paste it after the AI opens.
How to clone advanced-sql-injection-scanner
Clone via HTTPS
Clone via SSH
Download ZIP
Download master.zipFound an issue?
Report bugs or request features on the advanced-sql-injection-scanner issue tracker:
Open GitHub Issues