Database Scanning Tools
From SAMATE
Database Scanners are a specialized tool used specifically to identify vulnerabilities in database applications. In addition to performing some external functions like password cracking, the tools also examine the internal configuration of the database for possible exploitable vulnerabilities.
Database scanning tools discover vulnerabilities through the following functions:
check/verify:
- passwords
- default account vulnerabilities
- logon hours violations
- account permissions
- role permissions
- unauthorized object owners
- remote login and servers
- system table permissions
- extended stored procedures
- cross database ownership chining
- authentication
- login attacks
- stale login ids
- security of admin accounts
- excessive admin actions
- passwords
- password aging
- auditing trail
- auditing configuration
- buffer overflows in user name
- buffer overflows in database link