软件简介

sqlinject-finder是一个简单的python脚本，它可以查找pcap数据包中的GET和POST数据，寻找可能存在和可疑的SQL
注入点。SQL注入检测规则可以非常容易的添加。输出能够被整齐的打印在命令行中或者以制表符分隔的方式打印。sqlinject-finder的输出包
括以下几项：

• The suspicious IP address
• The attacked webpage
• The parameter and value used
• The frame number of the packet within the pcap (can be used to find exactly where the packet is in Wireshark)
• The reason why the request was flagged