[Previous entry: "10.2.0.3 for Linux and Windows is out"] [Next entry: "Pete Finnigan's Oracle Security Masterclass UKOUG 2006 available"]
A free PL/SQL fuzzing tool released
December 7th, 2006 by PeteA free PL/SQL fuzzing tool written in python has just been released on the Full Disclosure list and bugtraq lists. The post titled "Oracle PL/SQL Fuzzing Tool" describes a python tool released under the GPL that will form part of a bigger Oracle specific vulnerability assessment tool that the author will release. The post includes the python script.
I have not tested it as I dont have python installed on my laptop. I will test it. The tool looks fairly simple and should be easy to extend. Quite obviously it should not be run on a production database as it can cause crashes and potentially change data. You need a database account with at least CREATE SESSION and connect info to use it.
I have added the tool to my "Oracle security tools page"
