
xer0days / SQLi-Query-Tampering

Licence: Apache-2.0 license
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.


SQLi Query Tampering

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder.

Advantages and Benefits

Sqlmap is a great automated tool for SQL vulnerabilities, but it can be a little noisy when you perform pentesting or bug hunting! One of the cool parts of Sqlmap is tampering. Tampering gives us some functions/techniques to evade filters and WAFs.

SQLi Query Tampering gives you the flexibility of manual testing with many powerful evasion techniques. This extension has two parts:

  1. Generator:
    • You are able to add your customized payloads
    • All evasion techniques are grouped by DBMS type
    • Tampered payloads can be used as a Generator in Intruder or saved to clipboard/file

  2. Processor:
    • You have the ability to choose one of the tamper techniques as your processor
    • The processor can be added as a Payload Processor
    • You can add your payloads and tamper them based on the selected technique. Write one payload per line.

The list of Evasion Techniques:

apostrophemask, apostrophenullencode, appendnullbyte, between, bluecoat, chardoubleencode, charencode, charunicodeencode, charunicodeescape, commalesslimit, commalessmid, commentbeforeparentheses, concat2concatws, equaltolike, escapequotes, greatest, halfversionedmorekeywords, hex2char, htmlencode, ifnull2casewhenisnull, ifnull2ifisnull, informationschemacomment, least, lowercase, modsecurityversioned, modsecurityzeroversioned, multiplespaces, overlongutf8, overlongutf8more, percentage, plus2concat, plus2fnconcat, randomcase, randomcomments, sp_password, space2comment, space2dash, space2hash, space2morecomment, space2morehash, space2mssqlblank, space2mssqlhash, space2mysqlblank, space2mysqldash, space2plus, space2randomblank, symboliclogical, unionalltounion, unmagicquotes, uppercase, versionedkeywords, versionedmorekeywords, 0eunion, misunion, schemasplit, binary, dunion, equaltorlike

Requirements:

Manual installation:

  1. Extender -> Options
  2. Click Select file under Python environment
  3. Choose jython-standalone-2.5.jar
  4. Extender -> Extensions
  5. Click Add
  6. Change Extension Type to Python
  7. Choose sqli_query_tampering.py
  8. Done!

Usage notes:

  • All tampered queries (in Generator/Processor) are returned URL-encoded
  • You can add a decode rule in the Payload Processing section if you need URL-decoded payloads

Bug and Feature Request

Feel free to submit issues and enhancement requests.

Contributing

We appreciate all forms of contribution. When contributing to this repository, please first discuss the change you wish to make via issue, email, or any other method with the owners of this repository before making a change. Contributions can include adding a new feature or tampering technique based on your experience/articles/sqlmap repo, making typo corrections and much more. In general, we follow the "fork-and-pull" Git workflow.

  1. Fork the repo on GitHub
  2. Clone the project to your own machine
  3. Commit changes to your own branch
  4. Check and test your changes. You could use http://testphp.vulnweb.com/artists.php?artist=1 as the target URL and make sure the extension works properly.
  5. Push your work back up to your fork
  6. Submit a Pull request so that we can review your changes

NOTE: Be sure to merge the latest from "upstream" before making a pull request!

Changelog:

1.3:

  • Add Options tab:
    • Payloads Directory
    • Restore Defaults
  • Fix some issues in UI and Tamper module

1.2:

  • Add tamper technique:
    • equaltorlike: Replaces all occurrences of operator equal (=) with RLIKE counterpart
  • Add Load button in User-Defined Payloads section.
  • Auto saves the Tamper Techniques, User-Defined Payloads and Processor Technique configuration.

1.1:

  • Add tamper techniques:
    • 0eunion: Replaces instances of <int> UNION with <int>e0UNION
    • misunion: Replaces instances of UNION with -.1UNION
    • schemasplit: Replaces instances of DBName.TableName with DBName 9.e.TableName
    • binary: Injects keyword binary where possible
    • dunion: Replaces instances of <int> UNION with <int>DUNION

1.0:

  • Release
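
For teams tuning WAF or log-based detection against this extension's output, the sketch below is an added example (not code from the project) that URL-decodes a parameter value, as the usage notes require, and flags the rewrite patterns described in the 1.1 and 1.2 changelog entries. The regexes, function names and sample values are assumptions constructed from those one-line descriptions, not taken from the extension's source.

```python
import re
from urllib.parse import unquote_plus

# Assumed signatures, written from the changelog descriptions above.
TAMPER_SIGNATURES = {
    "0eunion": re.compile(r"\d+e0union\b", re.I),            # <int>e0UNION
    "dunion": re.compile(r"\d+dunion\b", re.I),              # <int>DUNION
    "misunion": re.compile(r"-\.1union\b", re.I),            # -.1UNION
    "schemasplit": re.compile(r"\b\w+\s+9\.e\.\w+", re.I),   # DBName 9.e.TableName
    "equaltorlike": re.compile(r"\brlike\b", re.I),          # '=' rewritten to RLIKE
}


def decode_fully(value, max_rounds=3):
    """URL-decode repeatedly (bounded) so double-encoded values are covered."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def match_tampers(raw_value):
    """Return the sorted names of tamper patterns found in one parameter value."""
    text = decode_fully(raw_value)
    return sorted(name for name, rx in TAMPER_SIGNATURES.items() if rx.search(text))


def scan_query_string(query):
    """Map each parameter name in a raw query string to the patterns it matched."""
    findings = {}
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        hits = match_tampers(value)
        if hits:
            findings[name] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample query strings, as they might appear in an access log.
    for sample in ("artist=1e0UNION%20SELECT%201",
                   "artist=1DUNION+SELECT+1",
                   "artist=1&name=Dunion+Street"):
        print(sample, "->", scan_query_string(sample))
```

The `equaltorlike` signature is the weakest of the five, since RLIKE can appear as ordinary text; treat a lone hit as low confidence and alert on it only in combination with other indicators.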