On adding jSQL Injection

[ron190]

Hi,

I'm re-posting an addition request for jSQL Injection as you invited to (spoiler and bias: I'm the creator of jSQL).
Github: https://github.com/ron190/jsql-injection

The tool is similar to sqlmap but there are differences about design and features, differences are:

- 23 databases supported by jSQL, 12 by sqlmap,
- Recent graph and nosql databases supported by jSQL like Neo4j,
- User oriented GUI (like Burp, W3af, Wireshark...), no bunches of CLI's switches to remember,
- Therefore opened to beginners too,
- No Python, written in Java like Burp,
- Injection algorithms are different,
- SQL syntax is directly accessible to study and to live modifications, no internal design understanding and programming skill required,
- What's happening under the hood is visible, like SQL queries and HTTP requests,
- Visualization of files, admin pages and shells in tabs,
- ...

Users like to use both tools together because the approach is different.

Regards,
ron190

[ostendali]

you are claiming that your tool is much better than the solid sqlmap.

The main reason we wouldn't include is because of similarities but if you can prove your tools is better we surely consider it of course.

We will try it ourselves as well internally apart from your test.

Thanks

[ron190]

Hum, my post is about the differences between the tools, not on jsql being better than sqlmap, I'm not mental :)

The tools are simply different, only you can judge if Backbox can have a use of it. If it's useless for Backbox users' base, I'm completely fine with it.