Wednesday 8 June 2016

Mole: Automatic SQL Injection Exploitation Tool

Mole: Automatic SQL Injection Exploitation Tool

Mole is an automatic SQL Injection exploitation tool which is developed by Nasel. It is only by offering a susceptible URL as well as a valid string on the site and it can identify the injection as well as exploit it.

Either by using the union technique or a technique which is based on the boolean query. The Mole uses a command based interface which allowing the user to point out the action that he wants to perform simply. 

Recently it supports the MySQL, SQL Server, and Oracle databases. Even the CLI also offers auto-completion on both commands as well as command arguments that making the user type as less as possible.


GNU General Public License version 3.0 (GPLv3)

  • It supports for injections by using Mysql, Postgres, SQL Server and Oracle databases.
  • It has automatic SQL injection exploitation by using union technique.
  • It also consists the automatic blind SQL injection exploitation.
  • Exploits SQL Injections in GET/POST/Cookie parameters.
  • It also supports for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.
  • It is developed in Python 3.
  • It has command line interface and even different types of commands targets the different actions.



Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer