SQL Injection Scanner

What Does SQL Injection Scanner Mean?

A SQL injection scanner is an automated tool used to test websites and web apps for vulnerability to SQL injection attacks. During a SQL injection attack, the hacker attempts to illegally retrieve stored database information such as usernames and passwords. SQL injection scanners probe websites and web apps to check whether they are prone to such attacks.


Techopedia Explains SQL Injection Scanner

SQL injection is probably the most prevalent web app hacking technique. It attempts to pass SQL commands via a web application to cause undesired results. Automated web vulnerability scanners are considered the ideal choice for checking websites and web apps for SQL injection vulnerabilities. Their results help the web admin to instantly fix the code and protect the websites or web apps from potential SQL injection attacks. The simple, automated methods of SQL injection scanners save time and effort.

SQL injection attacks include visible and blind attacks. Many scanners available on the market check for both visible and blind injection attacks. IBM’s AppScan, Cenzic’s Hailstorm and HP’s WebInspect are some examples.

The following are some open-source SQL injection scanners, amongst many others:

  • SQLIer
  • SQL Injection Brute-forcer
  • BobCat
  • SQLMap
  • Absinthe
  • SQL Power Injector
  • SQL Injection Pen-testing Tool
  • Blind SQL Injection Perl Tool
  • SQLNinja
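
The visible and blind cases mentioned above can be checked against your own query code as a regression test. The following is an added example, not code from Techopedia or from any of the listed tools; the table, the handler names and the probe strings are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("bob", "b-secret")])
    return db

def lookup_concat(db, name, show_errors=True):
    # Vulnerable: user input is pasted into the SQL text.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    try:
        return 200, [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        # show_errors=True leaks the database error (visible case);
        # show_errors=False hides it behind a generic empty page.
        return (500, str(exc)) if show_errors else (200, [])

def lookup_param(db, name):
    # Hardened: input is bound as a parameter and never parsed as SQL.
    rows = db.execute("SELECT name FROM users WHERE name = ?", (name,))
    return 200, [row[0] for row in rows]

def classify(handler, db):
    # Visible: a stray quote makes the database error reach the client.
    status, _ = handler(db, "alice'")
    if status == 500:
        return "visible"
    # Blind: no error is shown, but a true and a false condition
    # appended to the input produce different responses.
    if handler(db, "alice' AND '1'='1") != handler(db, "alice' AND '1'='2"):
        return "blind"
    return "not detected"

if __name__ == "__main__":
    db = make_db()
    quiet = lambda d, n: lookup_concat(d, n, show_errors=False)
    for label, handler in [("concat, errors shown", lookup_concat),
                           ("concat, errors hidden", quiet),
                           ("parameterized", lookup_param)]:
        print(label, "->", classify(handler, db))
```

Hiding the error message only moves the flaw from the visible to the blind category; binding the input as a parameter is what removes it.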

Margaret Rouse
Technology Expert