 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Havij| Names | Havij | |
| Category | Tools | |
| Type | Info stealer, Exfiltration | |
| Description | (Check Point) Havij, an automatic SQL Injection tool, is distributed by ITSecTeam, an Iranian security company. The name Havij means “carrot”, which is the tool’s icon. The tool is designed with a user-friendly GUI that makes it easy for an operator to retrieve the desired data. Such ease of use may be the reason behind the transition from attacks deployed by code-writing hackers to those by non-technical users. | |
| Information | <https://blog.checkpoint.com/2015/05/14/analysis-havij-sql-injection-tool/> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0224/> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:havij> | |
Last change to this tool card: 08 May 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Magic Hound, APT 35, Cobalt Illusion, Charming Kitten |  | 2012-Aug 2024  |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |