Open andresriancho opened 9 years ago
Might be a good idea to branch it.
I actually wrote a version for MSSQL, which I eventually never released...
Maybe I'll be able to find it and release it in the current batch.
On Mon, Aug 31, 2015 at 2:42 PM, Andres Riancho notifications@github.com wrote:
At the moment wavsep is mysql-only, as a web application scanner I would like to see it evolve to a multi-DB application so that I can test (blind) SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.
— Reply to this email directly or view it on GitHub https://github.com/sectooladdict/wavsep/issues/3.
Not sure if the best for all would be to have a wavsep-mysql , wavsep-pgsql, etc. (in different branches). Maybe the best is to:
/sql/mysql/
directory containing all the tests for mysql, /sql/pgsql/
for pgsql, etc. or,/sql/
directory with all the SQL stuff and have a /sql/switch.jsp
script that will change the DBMS used by all the scripts in /sql/
But other users might disagree
Doing it otherwise will require some core changes (class replication / etc), doable, but much more changes.
The switch option however - sounds MUCH better. noted.
On Mon, Aug 31, 2015 at 3:40 PM, Andres Riancho notifications@github.com wrote:
Not sure if the best for all would be to have a wavsep-mysql , wavsep-pgsql, etc. (in different branches). Maybe the best is to:
- Have a /sql/mysql/ directory containing all the tests for mysql, /sql/pgsql/ for pgsql, etc. or,
- Have a /sql/ directory with all the SQL stuff and have a /sql/switch.jsp script that will change the DBMS used by all the scripts in /sql/
But other users might disagree
— Reply to this email directly or view it on GitHub https://github.com/sectooladdict/wavsep/issues/3#issuecomment-136360728.
At the moment wavsep is mysql-only, as a web application scanner I would like to see it evolve to a multi-DB application so that I can test (blind) SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.