3 个仓库
Tools for extracting metadata and content from database management systems.
Distinguishing note: Focuses on the extraction of database structure and content for security assessment.
Explore 3 awesome GitHub repositories matching data & databases · Database Enumerators. Refine with filters or upvote what's useful.
This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuris
Extracts users, tables, columns, and data from database management systems to verify access.
Pacu is an exploitation framework designed for auditing and testing the security of Amazon Web Services environments. It serves as a cloud penetration testing tool and resource enumerator used to identify misconfigurations, map attack surfaces, and execute privilege escalation paths. The framework provides specialized capabilities for post-exploitation and red team operations, including establishing persistence through identity and access management backdooring. It distinguishes itself with a plugin-based module system that allows for the development of custom tasks and the orchestration of A
Stores retrieved environment information in a local database to reduce API calls and track state across sessions.
Ghauri 是一个自动化 SQL 注入扫描和利用工具,旨在检测易受攻击的数据库并从中提取数据。它作为数据库数据渗出框架,识别安全漏洞并检索系统横幅、主机名和数据库模式。 该工具识别跨多个输入向量(包括 HTTP 标头、Cookie、JSON、SOAP 和 XML)的布尔型、报错型、时间盲注和堆叠查询漏洞。它提供自动化数据库渗出能力,并处理批量目标列表以识别跨多个环境的漏洞。 该系统通过代理路由和用户代理随机化包含网络流量混淆功能,以绕过安全限制。它还管理会话状态持久性,以允许恢复中断的数据提取过程,并提供限制检索记录数量的控制选项。
Retrieves system banners, hostnames, current users, and full database schemas including table entries.