Re: Open Source Database Auditing

From: Joxean Koret (joxeankoret@yahoo.es)
Date: Thu May 10 2007 - 14:02:36 EDT


Hi Bobby,

On jue, 2007-05-10 at 15:58 +0000, holstein.robert@bls.gov wrote:
> Hey all.
>
> I'm looking for open source database vulnerability assessment and penetration testing tools. Tips and techniques, and any related documentation would also be helpful. This is specific to Oracle9i-10G, but I would welcome input for any other DB's as well.
>

You have many interesting tools listed here:

http://www.petefinnigan.com/tools.htm

You can also take a look to the Inguma project
(http://sourceforge.net/projects/inguma) which is Open Source and
written in python and, if you're looking for exploits, in Milw0rm. There
are a couple of Oracle 9i and 10g exploits.

---
Regards,
Joxean Koret
> We have commercial tools on-site but are not licensed to assess devices outside our IP range.
> 
> Thanks in advance! 
> Bobby 
> 
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
> 
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
> 
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
> 

                
______________________________________________
LLama Gratis a cualquier PC del Mundo.
Llamadas a fijos y msviles desde 1 cintimo por minuto.
http://es.voice.yahoo.com




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT