Ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.
Ghauri is designed to simplify SQL injection testing. Key features include:
- Support for boolean-based, error-based, and time-based injection techniques.
- Compatibility with MySQL, Microsoft SQL Server, Postgres, and Oracle databases.
- Versatile injection across GET/POST, headers, cookies, multipart form data, JSON, and SOAP/XML.
- Proxy support, request parsing from files, and data extraction limiting.
- Additional features include resuming phases, skipping URL encoding, verifying extracted characters, handling redirects, and a SQL shell.
