This tool is designed to automate the testing of SQL Injection vulnerabilities against a deployed instance of WAVSEP (Web Application Vulnerability Scanner Evaluation Project). It offers a systematic approach to assess different types of SQL injection techniques by sending requests to various endpoints and analyzing the responses. Features
- Dynamic URL Input: Users can manually enter a URL to test or choose "random" to automatically select a URL from a pre-defined list.
- URL Validation: Ensures that the entered or selected URL is well-formed and reachable.
- Detection Techniques:
- Basic SQL Injection: Tests for simple tautologies in SQL queries.
- Union-Based SQL Injection: Checks if the SQL UNION operator can be used to append additional results to the query, indicating potential vulnerability.
- Blind SQL Injection: Employed when union-based methods are ineffective, testing for changes in responses to infer SQL query structure.
Ensure Python 3.x is installed on your system. You can install it from Python's official site. Dependencies
Before running the scripts, install the necessary Python libraries:
pip install -r requirements.txtTo start the testing process, navigate to the project directory and run:
python main.pyYou will be prompted to enter a URL or type "random" to select a URL from the pre-defined list.
- URL Input: Input a specific URL or type "random" to use a URL from the provided list (urls.txt).
- URL Format Check: Verifies the syntactical correctness of the input URL.
- Reachability Check: Confirms that the URL is accessible.
- Input Tag Detection: Scans the HTML content of the URL for input fields where payloads can be injected. If no input tags are found, the program exits.
- SQL Injection Testing:
- Basic SQLI: Tests tautological inputs in the SQL queries.
- Union-Based SQLI: Attempts to use the UNION SQL operator to detect visible query alterations in the response.
- Blind SQLI: Uses time delays and other indirect methods to infer the presence of SQL injection vulnerabilities when direct methods fail.
- main.py: Initiates the testing process.
- functions.py: Helper functions for various operations.
- url_manager.py: Manages URL input and validation.
- urls.txt: Contains a list of test URLs (from WAVSEP).
Ethical Use Only: This tool is intended for security research and testing purposes on environments that you have explicit authorization to test. It is designed to aid in the development and understanding of SQL injection vulnerabilities within controlled settings.
Prohibited Usage: Under no circumstances should this tool be used against public or third-party websites without explicit permission from the site owner. Unauthorized use of this tool to perform security testing on websites you do not own or have permission to test can result in legal consequences, IP bans, or other punitive measures taken by the affected parties.
Liability: The creators and contributors of this tool assume no liability for any misuse of the software or any damages that may occur from its use in unauthorized contexts. It is the user's responsibility to adhere to all applicable local, state, national, and international laws regarding cybersecurity practices.
Caution: Always ensure that your testing is ethical and lawful. If in doubt, seek explicit consent before proceeding.