Links

sqlcheck.py

You got your SQLi in my PCAP!

About

  • Python script that reads in a list of reserved SQL keywords and scans a provided input to determine whether or not a SQL keyword is present.
  • Useful for PCAP analysis to determine the validity of SQLi security events.

Postmortem

  • Wrote this little diddy back in my SOC days. Shame I didn't think to also upload the required word list. Maybe I thought a simple list of SQL reserved words and symbols counted as proprietary info?