Hi List- I am looking into SQL Inject vulnerabilities. I am attempting to determine if the current scripts will determine the following;
1). Will I be able to scan URL's as opposed to IP's to be able to scan virtual websites? 2). Will I be able to crawl the complete site as opposed to the top level page only? 3). Will it populate all form fields with test injection data? 4). Will the results which come back provide sufficient information to determine a positive/negative result? In initial review of the current scripts, I believe they fall short of my requirements. Please correct me if I am wrong. Or open this thread for further discussion on how I could modify the existing scripts to fulfill my requirements. Thank you, Drew Flickema
