Marathon Tool

Project Description

Marathon Tool is a POC for using heavy queries to perform a Time-Based Blind SQL Injection attack. This tool is still work in progress but is right now in a very good alpha version to extract information from web applications using Microsoft SQL Server, Microsoft Access, MySQL or Oracle Databases.

Application Supported features:

Database Schema extraction from SQL Server, Oracle and MySQL
Data extraction from Microsoft Access 97/2000/2003/2007 databases
Parameter Injection using HTTP GET or POST
SSL support
HTTP proxy connection available
Authentication methods: Anonymous, Basic, Digest and NTLM
Variable and value insertion in cookies (Does not support dynamic values)
Configuration available an flexible for injections
Configurable Log

Common Help Topics

Configuration

Reference Links

http://technet.microsoft.com/en-us/library/cc512676.aspx

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

src

src

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

Repository files navigation

Marathon Tool

Project Description

Application Supported features:

Common Help Topics

Reference Links

About

Releases

Packages

Languages

License

Telefonica/marathontool

Folders and files

Latest commit

History

Repository files navigation

Marathon Tool

Project Description

Application Supported features:

Common Help Topics

Reference Links

About

Resources

License

Security policy

Stars

Watchers

Forks

Languages