Today, we are presenting our own Cyber Intelligence suite HOCSQLI.
An Automatic (SQL Injection) vulnerability scanner along with the complete demonstration tutorial.
What is in HOCSQLI Automatic SQL injection Vulnerability Scanner?
HOCSQLI is an easy way for penetration tester and bug bounty hunters to test SQL Injection vulnerability in the website. It can crawling and scan all the links as well.
Note: This HOCSQLI scanner wouldn’t require you to install any Library. It automatically detects, installs, and run the required files for you.
It’s main features are:
- It can scan A target anonymously using TOR
- Multi-threaded crawling
- Auto-detect method GET/POST
- Set cookie
- Set Random User agents
So lets start..
Requirements:
- Kali Linux OS > HOC SQLI (Download here)
How to install manually?
Open the Terminal and type the following codes
>git clone https://github.com/hackersonlineclub/HOCSQLI.git >cd HOCSQLI/ >sudo python3 hocsqli.py
Output results are as follows –
First step is to select Press 1 for scan without TOR or Press 2 for scan with TOR and hit enter
The second step is to select Press 1 for Quick scan it will scan only the given URL or Press 2 for Intensive scan it will scan all the links on a page (using crawl) is to enter the target website(If using intensive scan) or URL and hit enter.
Here our target is testphp.vulnweb.com/artist.php?artist=1
Intensive scan (scan all the URL in the website) with TOR
Press 2 for use HOCSQLI with TOR
Press 2 for Intensive scan it will scan all the links on a page (using crawl) is to enter the target website or URL and hit enter.
If you want to set cookies or random user agent press Y and then enter the Cookie details, else press N or n.
Here our target is testphp.vulnweb.com
Results:-
Also See: HOCIG Information Gathering Suite
