Directory
Database Scanners
Databases are often overlooked when it comes to security, providing a weak link to the wannabe attacker. A Database Administrator (DBA) may not have security at the forefront of their minds as they go about their business, in fact they often introduce vulnerabilities from inappropriate roles within roles or privilege runaway. These products are designed to identify vulnerabilities and inappropriate configuration within databases giving providing both the DBA and Security Officer peace of mind about the security of their database.
Checkout this Oracle9i Security Checklist (pdf)
Loads more freeware MS SQL tools here
NeXpose
Visit the Product Site
NeXpose is an enterprise-level vulnerability assessment and risk management product that identifies security weaknesses in a network computing environment. It offers a comprehensive, one-stop solution for data gathering, reporting and remediation, elimina ...
AuditPro Enterprise
Visit the Product SiteAuditPro® is a comprehensive enterprise security assessment solution featuring critical asset identification, policy compliance, risk analysis, real time vulnerability views, enhanced reporting capability, graphical progress analysis and more. Supporting ...
Oscanner
Visit the Product SiteOscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do: - Sid Enumeration - Passwords tests (common & dictionary) - Enumerate Oracle version - Enumerate a ...
AppSentry for Oracle
Visit the Product SiteAppSentry for Oracle detects security risks and vulnerabilities within the Oracle Database and associated application. With over 100 audits and checks specifically written for the Oracle Database, AppSentry automates and streamlines the identification of ...
AppDetective
Visit the Product SiteNetwork-based penetration testing and security audit scanner that locates and assesses the security strength of applications within your network. AppDetective is armed with a revolutionary new security analysis methodology, and extensive knowledge base of ...
Symantec Enterprise Security Manager Database Module
Visit the Product SiteThe provided modules and policies protect Oracle and DB2 databases from known security vulnerabilities. The policies introduce new, database-specific executables and content, including modules to check password strength, patches, and unneeded services. Ba ...
SQLdict
Visit the Product SiteSQLdict is a dictionary attack tool for SQL Server. It lets you test if the accounts are strong enough to resist an attack or not.
NGSSQLCrack
Visit the Product SiteWeak passwords can render even the most secure systems vulnerable, but with NGSSoftware's innovative NGSSQLCrack you can guard against weak passwords that make your network susceptible to attack. This clever password cracking utility for Microsoft SQL ser ...
Database vulnerability scanner
Visit the Product Site
DBAPPSecurity Database vulnerability scanner(DB-Scan)is a database security assessment tool based on deep analysis of database typical security vulnerabilities and the popular attack techniques. DBScan can scan potential vulnerabilities and discover weak ...