NT OBJECTives, an application security vendor based in Irvine, California, has released a new tool that not only scans for SQL Injection vulnerabilities, but also exploits them with just a few extra clicks.
The tool, NTO SQL Invader, works as a stand-alone tool, but when used in combination with NT OBJECTives’ other products can take advantage of additional reporting abilities. While not the only SQL Injection scanner / exploitation tool available, the interface is clean and easy to follow, which can offer IT teams and security auditors the ability to not only say there is a problem, but show solid proof as well.
“Accurate vulnerability identification is a crucial and challenging task but it is only half the battle,” says Dan Kuykendall, co-CEO and CTO of NT OBJECTives.
“We wanted to support organizations in their analysis and remediation efforts by providing an easy to use tool that enables penetration testers to demonstrate how these vulnerabilities can be exploited. We felt it was important to provide a free and useful tool to our customers and to the entire community.”
While we can hype the tool and its ease of use all day long, it’s better to see for yourself.
NT OBJECTives has a quick three minute demo video showing the basics of the tool, which for most testers and security analysts highlights everything needed to get up and running.