Safe3SI is one of the most powerful and easy usage penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
- Full support for http, https website.
- Full support for Basic, Digest, NTLM http authentications.
- Full support for GET, Post, Cookie sql injection.
- Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, SQLite, Firebird, Sybase and SAP MaxDB database management systems.
- Full support for four SQL injection techniques: blind, error-based, UNION query and force guess.
- Powerful AI engine to automatic recognite injection type, database type, sql injection best way.
- Support to enumerate databases, tables, columns and data.
- Support to read,list and write any file from the database server underlying file system when the database software is MySQL or Microsoft SQL Server.
- Support to execute arbitrary commands and retrieve their standard output on the database server underlying operating system when the database software is Oracle or Microsoft SQL Server.
- Support to ip domain query,web path guess,md5 crack etc.
- Support for sql injection scan.