A SQL injection scanner is an automated tool used to verify the vulnerability of websites and web apps for potential SQL injection attacks. During a SQL injection attack, the hacker attempts to illegally retrieve stored database information like usernames, passwords, etc. SQL injection scanners test the websites and web apps to check whether they are prone to SQL injection attacks.
SQL injection is probably the most prevalent web app hacking technique that attempts to pass SQL commands via a web application to cause undesired results. Automated web vulnerability scanners are considered the ideal choice for checking SQL injection vulnerabilities in websites and web apps. This helps the web admin to instantly fix the code to protect the websites or web apps from any potential SQL injection attacks. SQL injection scanners’ simple, automated methods save time and effort.
SQL injection attacks include visible and blind attacks. There are many scanners available in the market, which check for potential visible and blind injection attacks. IBM's AppScan, Cenzic's Hailstorm and HP's WebInspect are some examples.
The following are some open-source SQL injection scanners, amongst many others:
Share this Term
Do you work in the tech industry? Help us learn more about why the gender gap still exists in tech by taking this quick survey! Survey respondents will also be entered to win a $100 Amazon Gift Card!
