- SQL Injection functions
- Filter Evasion - Database-Specific String Escape (CHAR & CHR). Conversion of strings to quoted strings, conversion of spaces to comment tags or new lines
- Filter Evasion (MySQL-Specific) - String Concatenation, Percent Obfuscation & Integer Representation (eg: '26' becomes 'ceil(pi()*pi())*(!!!pi()+true)+ceil(@@version)', a technique presented by Johannes Dahse).
- UNION Statement Maker
- Quick insertion of common injections covering DB2, Informix, Ingres, MySQL, MSSQL, Oracle & PostgreSQL
- File Inclusion functions
- One-Click Log Poisoning
- Quick Shell Upload code generator
- PHP String Escape (chr)
- Cross-Site Scripting (XSS) functions
- Various handy alert statements for testing for XSS vulnerabilities.
- Hash functions
- MD5 Hash Crackers - Built-in (offline) and online MD5 hash crackers
- Hash Generators - MD5, SHA-1, SHA-2 (224, 256, 384 & 512), GOST, HAVAL (various), MD2, MD4, RIPEMD (128, 160, 256 & 320), Salsa10, Salsa20, Snefru (128 & 256), Tiger (various) & WHIRLPOOL
- URL Encoder/Decoder
- Hex Encoder/Decoder - Converts a string or integer to hexadecimal or vice-versa (multiple output formats supported).
- Base64 Encoder/Decoder
- CharCode Converter - Converts a string to charcodes (eg: 'abc' becomes '97,98,99') or vice-versa.
- IP Obfuscator - Converts an IP to dword, hex or octal.
- HTML functions
- HTML Escape/Unescape
- HTML Entity Encoder/Decoder - Decimal and hexadecimal HTML entity encoders & decoders
- Text Manipulation functions - Uppercase, Lowercase, Swap Case, Title Case, Reverse, Shuffle, Strip Slashes, Strip Spaces, Add Slashes, Char Separator
- CRC Calculators - CRC16, CRC32, CRC32b, and more.
- Classical Ciphers - ROT13 & ROT[N]
- Checksum Calculators - Adler-32 & Fletcher
- Buffer Overflow String Creator
- Random String & Number Generation functions
- URL Splitter
- Useful Strings - Math, character sets and more.
Version: 1.0 (Included with Sandcat) / License: Freeware
|Syhunt Code Extension Pack|
More details about it can be found here. This is a tool that can be used to harden government and education websites and open source web applications against web application security attacks.
SQL Injection Detection
Version: 5.0 / License: Enterprise (must be ordered at Syhunt)
|Syhunt Dynamic Extension Pack|
|Tor Extension for Sandcat|