Hack Tool Repository

Categories Platforms Tools List Links News

By Name | By Date | By Popularity

By Name | By Date | By Popularity | Platform overview

By Name | By Date | By Popularity | By Rating

By Name | By Date | By Popularity | By Category

By Group | By Name | By Date | By Popularity

By Date | By Popularity

Database sorted by name

Web	www.hacktoolrepository.com

All tools related to database vulnerabilities and editing

Berkeley DB

Oracle Berkeley DB is a family of open source, embeddable databases that allows developers to incorporate within their applications a fast, scalable, transactional database engine with industrial grade reliability and availability.

Site: http://www.oracle.com/database/berkeley-db/in
Hits: 31537

db2utils

db2utils is a small collection of db2 utilities. It currently features three different tools db2disco, db2fakesrv and db2getprofile.db2disco is used to discover hosts running db2 on the network. It sends an UDP discovery packet either to the broadcast address or to a specific host and collects information regarding the hostname and db2 version.db2fakesrv responds to discovery packets with a forged hostname and version. The tool was initially written to test the discovery program.db2getprofile fe...

Site: http://www.cqure.net/wp/db2utils/
Hits: 31329

Oracle Auditing Tools

The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers. The OAT use CREATE LIBRARY to be able to access the WinExec function in the kernel32.dll in Windows or the system call in libc on Un*x. Having access to this function makes it possible to execute anything on the server with the same security context as the user who started the Oracle Service. So basicaly all accounts with default passwords, or easy guessable password, having this privelege...

Site: http://www.cqure.net/wp/test/
Hits: 31467
Comments: 1

OScanner

Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do:

- Sid Enumeration
- Passwords tests (common & dictionary)
- Enumerate Oracle version
- Enumerate account roles
- Enumerate account privileges
- Enumerate account hashes
- Enumerate audit information
- Enumerate password policies
- Enumerate database links

The results are given in a graphical java tree.

Site: http://www.cqure.net/wp/oscanner/
Hits: 31030
Comments: 1

Scully

Scully is a client interface to MSSQL and MySQL database servers. No more need for MSSQL/MySQL client libraries to be installed and no more need to setup an ODBC connection either. Simply add IP/Hostname, username, password, port and database name and SQL away. Scully also performs password brute forcing for MySQL and MSSQL.

Site: http://www.sensepost.com/research/scully/
Hits: 30778

SQL Auditing Tools

SQLAT is a suite of tools which could be usefull for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable.

The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be ‘sa’ to run some of the tools, but this usually isn’t a problem.

Site: http://www.cqure.net/wp/sql-auditing-tools/
Hits: 635
Comments: 1