"Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered."
It's current feature list:

* Upload mode is not limited to files of 64k bytes anymore
* Uploading files is also *massively* faster
* Proxy support
* Support for token kidnapping (thanks Cesar!)
* Lots of other minor improvements

Download SQLNinja version 0.2.5 here.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.