|
Sql
tools
audit.sql - Quick little script to check all of your user accounts
for weak passwords if you have created a dictionary file somewhere on
your server.
Connecting to MySQL databases with Cdict.zip - Dictionary file to be used for password strength testing.
. Create a table called 'dict' with one field (varchar(128) should do
since that's the maximum size of a standard security password in SQL 7)
called 'word' and then do a 'BULK INSERT dict from 'c:\myfile.txt'. You
may need to use special switches on the BULK INSERT depending on your
text file - check BOL if you need help.
dSQLSRVD - dOMNAR's SQL Server SysComments Decryptor - has been
designed to assist developers and administrators of SQL Server 7 and
2000 with examining stored procedures, triggers, views and user-defined
functions, in order to gain better insight into 3rd party applications
and their database functionality. Such a task is often necessary when
integrating a new system with a company's existing systems, or when
optimizing a database server's performance.
encryptALL.sql - Stored procedure to encrypt all stored procedures
in current database (except itself). Can be used for developers who want
to protect source code.
loginalert.sql - Script to create an operator and three custom
alerts to track when the administrator or 'sa' users login into the SQL
Server.
mcpscripts.zip - Script files from my June 2000 MCP Magazine article
on constructing your own log-based Intrusion Detection System.
MSSQLRecovery (shareware) - MSSQLRecovery is a data recovery program
for Microsoft SQL Server databases. MSSQLRecovery has a powerful
recovery engine designed to retrieve data from most damaged databases.
Easy setup procedure and intuitive user interface allows to recover
vital information in a few clicks.
SQL - Introduction to Structured Query Language - the online book
Sql Dict - Brute-force SQL Server password utility. Good for
auditing SQL Server passwords in your organization. Don't use this power
for evil.
Sql security - sql security related news, files
sql7-lib.txt - Ruleset for the Snort intrusion detection system to
identify attacks against SQL Server.
SQLAT - SQLAT is a suite of tools that could be useful for
penetration testing a MS SQL Server. The tools are still in development
but tend to be quite stable.
sqlbf - SQL Server password brute forcing tool by xaphan.
Source
sqlping - SQLPing can be used to discover detailed information about
the connectivity of SQL Server 2000 installations without authentication
of any kind. Great tool to track down rogue SQL Server 2000 boxes on
your networks or on the Internet.
Source.
sqlpoke.zip - Used to scan a range of IP addresses for SQL Servers
and then execute a predefined script. Could be used to track down SQL
Servers in your own organization and ensure they stay locked down.
xp crypt - extended stored procedure to encrypt/decrypt/hash data
from within SQL Server.
 |
|
