SQL Inject Me
SQL Inject Me is a lightweight browser extension for Firefox that can test web resources for vulnerabilities to SQL injections in a non-intrusive manner. It does not, in any way, modify the databases, nor does it tamper with their security.
For those unfamiliar with the term, SQL injection is a type of attack that targets databases and websites, allowing a hacker to manipulate content, including dumping tables and wiping resources altogether.
In what prevention measures are concerned, there are several software options that can create a shield against such attacks and verify databases for vulnerabilities. SQL Inject Me is part of the latter category and can make you aware of potential breaches before they turn into a real jeopardy.
The extension can be accommodated inside the browser by a simple drag and drop onto an open window and requires a restart for the changes to take effect. It works silently, by sending representative strings through your HTML forms and assesses if your website is prone to SQL injection attacks by reading error messages triggered by this query.
The behavior of the add-on can be configured from the Options window, where you can set the total number of attacks to be performed, as well as to manage the list of SQL injection strings. The list is already populated with the most popular approaches, but it can be enriched with your own records. You can also import data from a local XML file, if that’s more comfortable.
In conclusion, SQL Inject Me is an out-of-the-box extension that can arrange for SQL injection tests to be carried out in an elegant manner. It can determine if your databases or websites are likely to be taken down by an attacker, urging you to make the necessary security adjustments.