Feature request: Multi-DBMS application
Opened this issue · 3 comments
At the moment wavsep is mysql-only, as a web application scanner I would like to see it evolve to a multi-DB application so that I can test (blind) SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.
Might be a good idea to branch it.
I actually wrote a version for MSSQL, which I eventually never released...
Maybe I'll be able to find it and release it in the current batch.
On Mon, Aug 31, 2015 at 2:42 PM, Andres Riancho notifications@github.com
wrote:
At the moment wavsep is mysql-only, as a web application scanner I would
like to see it evolve to a multi-DB application so that I can test (blind)
SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.—
Reply to this email directly or view it on GitHub
#3.
Not sure if the best for all would be to have a wavsep-mysql , wavsep-pgsql, etc. (in different branches). Maybe the best is to:
- Have a
/sql/mysql/directory containing all the tests for mysql,/sql/pgsql/for pgsql, etc. or, - Have a
/sql/directory with all the SQL stuff and have a/sql/switch.jspscript that will change the DBMS used by all the scripts in/sql/
But other users might disagree
Doing it otherwise will require some core changes (class replication /
etc), doable, but much more changes.
The switch option however - sounds MUCH better. noted.
On Mon, Aug 31, 2015 at 3:40 PM, Andres Riancho notifications@github.com
wrote:
Not sure if the best for all would be to have a wavsep-mysql ,
wavsep-pgsql, etc. (in different branches). Maybe the best is to:
- Have a /sql/mysql/ directory containing all the tests for mysql,
/sql/pgsql/ for pgsql, etc. or,- Have a /sql/ directory with all the SQL stuff and have a
/sql/switch.jsp script that will change the DBMS used by all the
scripts in /sql/But other users might disagree
—
Reply to this email directly or view it on GitHub
#3 (comment).