Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    NT OBJECTives Releases Free SQL Invader Tool

    PRWeb – Thu, Dec 8, 2011

    NTO SQL Invader Provides Pen Testers and Developers the Ability to Quickly and Easily Exploit and Demonstrate SQL Injection Vulnerabilities in Web Applications

    Irvine, CA (PRWEB) December 08, 2011

    NT OBJECTives, a provider of automated, comprehensive and accurate Web Application security software, services and SaaS, today announced the availability of NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection vulnerabilities in Web applications.


    Most organizations understand that SQL Injection vulnerabilities put their sensitive data at risk and it has been the dominant method used in this year’s high-profile web application attacks; with millions of sites attacked in 2011.

    Despite the fact that SQL Injection is well documented and there are tools to discover the vulnerabilities, it has been very difficult to determine if the vulnerability can actually be exploited because most existing SQL Injection testing tools are executed from a command line, lack an intuitive user interface or are no longer supported. Without the ability to clearly demonstrate the exploitability of a vulnerability, remediation efforts are often delayed and friction between security and development teams surfaces. NTO SQL Invader allows pen testers and developers to quickly and easily leverage a vulnerability to view the list of records, tables and user accounts on the back-end database.

    With a few simple clicks in NTO SQL Invader, a user can exploit a web application vulnerability that was discovered manually or from a Dynamic Application Security Testing (DAST) tool like NTOSpider. NTO SQL Invader works as a stand-alone tool and also includes integration with NTOSpider’s reporting technology to assist pen testers and developers in quickly identifying and validating discovered vulnerabilities. While reviewing and confirming results from NTOSpider, users can leverage NTO SQL Invader to provide a polished, real-world proof-of-concept for the discovered SQL Injection vulnerabilities.


    "Accurate vulnerability identification is a crucial and challenging task but it is only half the battle,” says Dan Kuykendall, co-CEO and Chief Technology Officer of NT OBJECTives. “We wanted to support organizations in their analysis and remediation efforts by providing an easy to use tool that enables penetration testers to demonstrate how these vulnerabilities can be exploited. We felt it was important to provide a free and useful tool to our customers and to the entire community.”

    Product Benefits Overview:


    Ease of use and validation – NTO SQL Invader’s GUI interface enables users to simply paste the injectable request found by the DAST tool into NTO SQL Invader and then select “Start Detecting Injection” to identify the injectable parameter/input. Users can also feed a more detailed request straight into NTO SQL Invader from NTOSpider’s report or BurpSuite. Once the injection is identified, the user is in control of how much information is harvested, all from the simple to use GUI interface.

    Clear Presentation Evidence – NTO SQL Invader provides the evidence required to demonstrate that the vulnerability truly exists in a polished method that can be leveraged in both executive meetings and remediation discussions. NTO SQL Invader users execute are able to clearly shows the acquisition of data from the back-end database in a way that makes it easy for both technical and business viewers to understand. Sometimes it just takes a compelling screenshot or video to silence the skeptics on the validity of a vulnerability. While the command line tools are effective, they do not present polished, organized or clear information in a presentation setting.

    Transportable logging data – All of the data harvested from NTO SQL Invader can be saved into a CSV file so the reports can be included as penetration evidence as part of a presentation or POC.

    About NT OBJECTives


    NT OBJECTives, Inc brings together an innovative collection of experts in information security to provide a comprehensive suite of technologies and services to solve today’s toughest application


    security challenges. NTO solutions are well-known as the most comprehensive and accurate Web Application security solutions available. NT OBJECTIVES is privately held with headquarters in Irvine, CA. For more information on NTO SQL Invader or to view the product video visit http://whttp://www.ntobjectives.com/sqlinvader

    ###

    Kari Walker
    NT OBJECTives
    703.928.9996
    Email Information


     

    There are no comments yet

    [ [ [['Connery is an experienced stuntman', 2]], 'http://yhoo.it/KeQd0p', '[Slideshow: See photos taken on the way down]', ' ', '630', ' ', ' ', ], [ [['Connery is an experienced stuntman', 7]], ' http://yhoo.it/KpUoHO', '[Slideshow: Death-defying daredevils]', ' ', '630', ' ', ' ', ], [ [['know that we have confidence in', 3]], 'http://yhoo.it/LqYjAX ', '[Related: The Secret Service guide to Cartagena]', ' ', '630', ' ', ' ', ], [ [['We picked up this other dog and', 5]], 'http://yhoo.it/JUSxvi', '[Related: 8 common dog fears, how to calm them]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 5]], 'http://bit.ly/JnoJYN', '[Related: Did WH share raid details with filmmakers?]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 3]], 'http://bit.ly/KoKiqJ', '[Factbox: AQAP, al-Qaeda in Yemen]', ' ', '630', ' ', ' ', ], [ [['have my contacts on or glasses', 3]], 'http://abcn.ws/KTE5AZ', '[Related: Should the murder charge be dropped?]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 5]], 'http://yhoo.it/JD7nlD', '[Related: Bristol Palin reality show debuts June 19]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 1]], 'http://bit.ly/JRPFRO', '[Related: McCain adviser who vetted Palin weighs in on VP race]', ' ', '630', ' ', ' ', ], [ [['A JetBlue flight from New York to Las Vegas', 3]], 'http://yhoo.it/GV9zpj', '[Related: View photos of the JetBlue plane in Amarillo]', ' ', '630', ' ', ' ', ], [ [['the 28-year-old neighborhood watchman who shot and killed', 15]], 'http://news.yahoo.com/photos/white-house-stays-out-of-teen-s-killing-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120411/martinzimmermen.jpg', '630', ' ', 'AP', ], [ [['Titanic', 7]], 'http://news.yahoo.com/titanic-anniversary/', ' ', 'http://l.yimg.com/a/p/us/news/editorial/b/4e/b4e5ad9f00b5dfeeec2226d53e173569.jpeg', '550', ' ', ' ', ], [ [['He was in shock and still strapped to his seat', 6]], 'http://news.yahoo.com/photos/navy-jet-crashes-in-virginia-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120406/jet_ap.jpg', '630', ' ', 'AP', ], [ [['xxxxxxxxxxxx', 11]], 'http://news.yahoo.com/photos/russian-grannies-win-bid-to-sing-at-eurovision-1331223625-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/a/p/us/news/editorial/1/56/156d92f2760dcd3e75bcd649a8b85fcf.jpeg', '500', ' ', 'AP', ] ]
    [ [ [['did not go as far his colleague', 8]], '29438204', '0' ], [ [[' the 28-year-old neighborhood watchman who shot and killed', 4]], '28924649', '0' ], [ [['because I know God protects me', 14], ['Brian Snow was at a nearby credit union', 5]], '28811216', '0' ], [ [['The state news agency RIA-Novosti quoted Rosaviatsiya', 6]], '28805461', '0' ], [ [['measure all but certain to fail in the face of bipartisan', 4]], '28771014', '0' ], [ [['matter what you do in this case', 5]], '28759848', '0' ], [ [['presume laws are constitutional', 7]], '28747556', '0' ], [ [['has destroyed 15 to 25 houses', 7]], '28744868', '0' ], [ [['short answer is yes', 7]], '28746030', '0' ], [ [['opportunity to tell the real story', 7]], '28731764', '0' ], [ [['entirely respectable way to put off the searing constitutional controversy', 7]], '28723797', '0' ], [ [['point of my campaign is that big ideas matter', 9]], '28712293', '0' ], [ [['As the standoff dragged into a second day', 7]], '28687424', '0' ], [ [['French police stepped up the search', 17]], '28667224', '0' ], [ [['Seeking to elevate his candidacy back to a general', 8]], '28660934', '0' ], [ [['The tragic story of Trayvon Martin', 4]], '28647343', '0' ], [ [['Karzai will get a chance soon to express', 8]], '28630306', '0' ], [ [['powerful storms stretching', 8]], '28493546', '0' ], [ [['basic norm that death is private', 6]], '28413590', '0' ], [ [['songwriter also saw a surge in sales for her debut album', 6]], '28413590', '1', 'Watch music videos from Whitney Houston ', 'on Yahoo! Music', 'http://music.yahoo.com' ], [ [['keyword', 99999999999999999999999]], 'videoID', '1', 'overwrite-pre-description', 'overwrite-link-string', 'overwrite-link-url' ] ]

    News For You

    Loading...