SQL Invader Download

Easily exploit or demonstrate SQL injection vulnerabilities

SQL Invader is a GUI-based free tool that allows testers to easily and quickly exploit a SQL Injection vulnerability, get a proof of concept with database visibility and export results into a csv file. With just a few clicks, you will be able to view the list of records, tables and user accounts on the back-end database.

SQL Invader works as a standalone solution or in conjunction with AppSpider and enables you to:

  •  Paste the injectable request straight from an application scan report
  •  Control how much information is harvested.
  •  View data in an organized manner using tree control and data grids.
  •  Leverage logging data in CSV file

SQLInvader is:

Easy To Use - The tool’s GUI interface enables you to simply paste the injectable request found by a DAST tool or feed a detailed request straight from an application scan report. You can then control how much information is harvested.

Clearly Presents Evidence - Unlike tools that provide all data via command line, SQL Invader provides the data in a organized manner that is useful for both executive meetings as well as technical analysis and remediation.

Enables Easy Transport of Logging Data - All of the data harvested from SQL Invader can be saved into a CSV file so the reports can be included as penetration evidence as part of a presentation or POC.


Fill out the form below to download SQL Invader