jsql-injection – Java based Automatic SQL Injection Tool

Today about all programing languages support the working with databses, This makes in penetration test you will need to have several tool to pentest targeted platform. If you want to pentest Java based platform you can consider jSQL. jSQL Injection is a small open source cross-platform application that can be used to run Java based SQL injection attack this is during pentesting JAVA based platform. Version 0.4 features:

  • GET, POST, header, cookie methods
  • Normal, error based, blind, time based algorithms
  • Automatic best algorithm selection
  • Multi-thread control (start/pause/resume/stop)
  • Progression bars
  • Shows URL calls
  • Simple evasion
  • Proxy setting
  • Distant file reading
  • Webshell deposit
  • Terminal for webshell commands
  • Configuration backup
  • Update checker
  • Admin page checker
  • Brute forcer (md5 mysql…)
  • Coder (encode decode base64 hex md5…)
  • Supports MySQL


Running injection requires the URL of a local or distant server, and the name of parameter to inject. You can download the tool from this link: https://code.google.com/p/jsql-injection/

Notify of
Inline Feedbacks
View all comments