Research and Development

Updated version of the Blind SQL Injection Brute Forcer from It works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries.

Key features

This is a modified version of ‘’. This Perl script allows extraction of data from blind SQL injections. It accepts custom SQL queries as a command-line parameter and it works for both integer- and string-based injections.

Databases supported:

  • MS-SQL
  • MySQL
  • Postgres
  • Oracle


The tool supports 2 attack modes (-type switch):

Type 0: Blind SQL injection based on true and false conditions returned by the back-end server.
Type 1: Blind SQL injection based on true and error (e.g. syntax error) conditions returned by the back-end server.
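
Both modes depend on the application returning responses that differ with the outcome of the injected condition. The following is an added example, not part of the tool or the original page: a Python/sqlite3 sketch (the table, function names and probe strings are constructed for illustration) in which an integer parameter concatenated into the query exposes the true/false and true/error signals, while the same lookup with a bound parameter and a uniform failure response exposes neither.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for the back-end database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO items VALUES (1, 'widget')")
    return db

def lookup_concat(db, item_id):
    """Vulnerable form: the request parameter is pasted into the SQL text."""
    try:
        row = db.execute("SELECT name FROM items WHERE id = " + item_id).fetchone()
    except sqlite3.Error:
        return "error"                        # distinct failure: the type 1 signal
    return "found" if row else "not found"    # row vs. no row: the type 0 signal

def lookup_bound(db, item_id):
    """Hardened form: strict integer check, bound parameter, uniform failure."""
    try:
        key = int(item_id)
    except ValueError:
        return "not found"                    # same response as a missing row
    try:
        row = db.execute("SELECT name FROM items WHERE id = ?", (key,)).fetchone()
    except sqlite3.Error:
        return "not found"                    # never surface database errors
    return "found" if row else "not found"

def responses(lookup):
    # Constructed inputs: a normal value, a true condition, a false condition,
    # and a deliberately incomplete expression that is a syntax error.
    db = make_db()
    probes = ["1", "1 AND 1=1", "1 AND 1=2", "1 AND"]
    return [lookup(db, p) for p in probes]

if __name__ == "__main__":
    print("concatenated:", responses(lookup_concat))
    print("bound:       ", responses(lookup_bound))
```

With the concatenated query the four inputs produce three distinguishable outcomes; with the bound query every non-integer input collapses to the same response as a missing row.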


$ ./ -url -method post -match true -database 0 -sql "select top 1 name from sysobjects where xtype='U'"
