Posts Tagged ‘freeware’

Posted on July 1, 2008 - by snipe

Identify and Fix SQL Injection Vulnerabilities in Web Applications

Scrawlr is a free software for scanning SQL injection vulnerabilities on your web applications, developed by HP Web Security Research Group in coordination with Microsoft Security Response Center.

Scrawlr crawls a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.

After the scanning process, if it can find vulnerabilities, it will display your database table names as a proof of the possible SQL injection vulnerabilities.

From the HP Scrawlr website:

Technical details for Scrawlr

• Identify Verbose SQL Injection vulnerabilities in URL parameters
• Can be configured to use a Proxy to access the web site
• Will identify the type of SQL server in use
• Will extract table names (verbose only) to guarantee no false positives

Scrawlr does have some limitations versus our professional solutions and our fully functional SQL Injector tool

• Will only crawls up to 1500 pages
• Does not support sites requiring authentication
• Does not perform Blind SQL injection
• Cannot retrieve database contents
• Does not support JavaScript or flash parsing
• Will not test forms for SQL Injection (POST Parameters)

There are some limitations, as noted in the above bulleted list, however this is certainly a good start to help web developers find and correct vulnerabilities in their applications. Download Scrawlr now - Windows Only.

Posted on June 22, 2008 - by snipe

Lego Digital Designer Builds Your Lego Masterpiece

Freeware application Lego Digital Designer is a virtual Lego kit for your Windows or Mac desktop. Once installed, you can either use LDD to build your own masterpiece from scratch or—if you’re lacking patience—you can get a head start by using one of their starter models. With over 763 brick types to choose from, your LDD-design will have reached well beyond the limits of your normal lego kit. Once you’ve built the perfect prototype, you can upload the results to the Lego web site to order a custom kit with every brick you’ll need included! Lego Digital Designer is freeware, Windows and Mac only.