Feature request: Multi-DBMS application

[andresriancho]

At the moment wavsep is mysql-only, as a web application scanner I would like to see it evolve to a multi-DB application so that I can test (blind) SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.

[sectooladdict]

Might be a good idea to branch it.

I actually wrote a version for MSSQL, which I eventually never released...

Maybe I'll be able to find it and release it in the current batch.

On Mon, Aug 31, 2015 at 2:42 PM, Andres Riancho notifications@github.com
wrote:

At the moment wavsep is mysql-only, as a web application scanner I would
like to see it evolve to a multi-DB application so that I can test (blind)
SQL injection detection capabilities for SQL Server, Oracle, pgsql, etc.

—
Reply to this email directly or view it on GitHub
#3.

[andresriancho]

Not sure if the best for all would be to have a wavsep-mysql , wavsep-pgsql, etc. (in different branches). Maybe the best is to:

• Have a /sql/mysql/ directory containing all the tests for mysql, /sql/pgsql/ for pgsql, etc. or,
• Have a /sql/ directory with all the SQL stuff and have a /sql/switch.jsp script that will change the DBMS used by all the scripts in /sql/

But other users might disagree

[sectooladdict]

Doing it otherwise will require some core changes (class replication /
etc), doable, but much more changes.

The switch option however - sounds MUCH better. noted.

On Mon, Aug 31, 2015 at 3:40 PM, Andres Riancho notifications@github.com
wrote:

Not sure if the best for all would be to have a wavsep-mysql ,
wavsep-pgsql, etc. (in different branches). Maybe the best is to:

• Have a /sql/mysql/ directory containing all the tests for mysql,
  /sql/pgsql/ for pgsql, etc. or,
• Have a /sql/ directory with all the SQL stuff and have a
  /sql/switch.jsp script that will change the DBMS used by all the
  scripts in /sql/

But other users might disagree

—
Reply to this email directly or view it on GitHub
#3 (comment).