Update : MSSQLScan v0.8.4

There are lots of updates and one of then is MSSQLScan v0.8.4 .

This tool focus on MSSQL database. Audit your databse and find the missing security links before someone else dose.

A small multi-threaded tool that scans for Microsoft SQL Servers. The tool does it’s discovery by using UDP and returns a list of all detected instances with there respective protocols and ports.

How to use MSSQLScan

MSSQLScan -t <target_ip> [options]

Options:
-t <target> – target ip address(es)
-l <targetfile> – file with target ip adresses
-s <src> – source ip address
-T <threads> – maximum threads (default 50)
-v – verbose logging
-w <timeout> – timeout for replies (default 500 ms)
-o <file> – output to file

Sample

MSSQLScan -t 172.16.1-2.* -o results.txt

MSSQLScan is writtten in Java so it is operating system independent. So you can easly extract its source code.

Download MSSQLScan Here

Related Posts

• October 28, 2009 -- Scrawlr – Tool for finding SQL Injection
• September 4, 2009 -- mysqloit – A SQL Injection takeover tool
• March 15, 2010 -- UPDATE: sqlmap 0.8 Final!
• February 4, 2010 -- UPDATE: CAT.NET 2.0 – Beta!
• January 29, 2010 -- SecuBat – A Modular Web Vulnerability Scanner!
• January 27, 2010 -- WITOOL: A web SQL Injection Tool!
• January 15, 2010 -- mySQLenum – Automatic blind sql injection tool
• December 16, 2009 -- Microsoft Code Analysis Tool .NET – A Binary Code Analysis Tool!
• November 26, 2009 -- Pangolin – Automatic SQL injection penetration testing tool

Tagged as: database security, MSSQLScan, SQL Injection, Vulnerability Scanner