Scrawlr is the latest tool to come out of HP’s Web Security Research Group. It was built in response to the massive number of SQL injection attacks happening on the web this year. Most of these vulnerable sites are found through googling, so Scrawlr works the same way. Point it at your web server and it will crawl all of the pages and evaluate the URL parameters to see if they’re vulnerable to verbose injection. It reports the SQL server and table names if it comes across anything.

It only supports 1500 pages right now and can’t do authentication or blind injection. It’s still a free tool and a great way to identify if your site is vulnerable to automated tools finding you website via search engines.

Features of Scrawlr

– Identify Verbose SQL Injection vulnerabilities in URL parameters
– Can be configured to use a Proxy to access the web site
– Will identify the type of SQL server in use
– Will extract table names (verbose only) to guarantee no false positives

And well there is also list of limitations:

– Will only crawl up to 1500 pages
– Does not support sites requiring authentication
– Does not perform Blind SQL injection
– Cannot retrieve database contents
– Does not support JavaScript or flash parsing
– Will not test forms for SQL Injection (POST Parameters)

A guide to uninstall HP Scrawlr from your computer:

You can find below details on how to remove HP Scrawlr for Windows. It is developed by Hewlett Packard, Inc.. Go over here where you can find out more on Hewlett Packard, Inc.. HP Scrawlr is frequently installed in the C:\Program Files\HP\Scrawlr folder, depending on the user’s choice. The full command line for uninstalling HP Scrawlr is MsiExec.exe /X{065C4136-6B49-4EDB-8915-F9E91312B1A5}. Keep in mind that if you will type this command in Start / Run Note you might be prompted for administrator rights. The application’s main executable file occupies 452.63 KB (463496 bytes) on disk and is named Scrawlr.exe.

HP Scrawlr contains of the executables below. They occupy 452.63 KB (463496 bytes) on disk

• Scrawlr.exe (452.63 KB)

This info is about HP Scrawlr version 1.0.133.4 alone. Click on the links below for other HP Scrawlr versions:
A way to remove HP Scrawlr from your computer with Advanced Uninstaller PRO

HP Scrawlr is a program marketed by the software company Hewlett Packard, Inc.. Frequently, computer users decide to uninstall it. This can be hard because deleting this manually requires some experience related to Windows internal functioning. The best SIMPLE way to uninstall HP Scrawlr is to use Advanced Uninstaller PRO. Take the following steps on how to do this:

1. If you don’t have Advanced Uninstaller PRO on your Windows system, install it. This is a good step because Advanced Uninstaller PRO is a very potent uninstaller and general utility to maximize the performance of your Windows system.

• navigate to Download Link
• download the setup by clicking on the green DOWNLOAD button
• set up Advanced Uninstaller PRO

2. Run Advanced Uninstaller PRO. It’s recommended to take some time to get familiar with the program’s design and number of tools available. Advanced Uninstaller PRO is a powerful package of tools.

3. Press the General Tools button

4. Click on the Uninstall Programs button

5. All the programs installed on your computer will be shown to you

6. Scroll the list of programs until you locate HP Scrawlr or simply activate the Search field and type in “HP Scrawlr”. If it is installed on your PC the HP Scrawlr program will be found automatically. When you select HP Scrawlr in the list of apps, the following data about the application is shown to you:

• Star rating (in the left lower corner). This tells you the opinion other users have about HP Scrawlr, ranging from “Highly recommended” to “Very dangerous”.
• Reviews by other users – Press the Read reviews button.
• Technical information about the app you want to uninstall, by clicking on the Properties button.

7. Click the Uninstall button. A confirmation window will come up. Confirm the removal by pressing Uninstall. Advanced Uninstaller PRO will automatically uninstall HP Scrawlr.

8. After uninstalling HP Scrawlr, Advanced Uninstaller PRO will offer to run an additional cleanup. Click Next to proceed with the cleanup. All the items of HP Scrawlr which have been left behind will be detected and you will be able to delete them. By removing HP Scrawlr with Advanced Uninstaller PRO, you are assured that no registry entries, files or directories are left behind on your disk.

Your system will remain clean, speedy and able to run without errors or problems.

HP Scrawlr is a software program developed by Hewlett-Packard. The most common release is 1.0.133.4, with over 98% of all installations currently using this version. The primary executable is named Scrawlr.exe. The setup package generally installs about 19 files and is usually about 3.52 MB (3,692,748 bytes). Relative to the overall usage of users who have this installed on their PCs, most are running Windows 7 (SP1) and Windows 8. While about 31% of users of HP Scrawlr come from the United States, it is also popular in Brazil and MA.

HP Scrawlr on cloud For AWS

Major Features of HP Scrawlr

• • Identify Verbose SQL Injection vulnerabilities in URL parameters

• • Can be configured to use a Proxy to access the web site

• • Will identify the type of SQL server in use

• • Will extract table names (verbose only) to guarantee no false positives

• Installation Instructions For Windows

Installation Instructions For Windows

Note: How to find PublicDNS in AWS

Step 1) RDP  Connection: To connect to the deployed instance, Please follow Instructions to Connect to Windows  instance on AWS Cloud

1) Connect to the virtual machine using following RDP credentials:

• Hostname: PublicDNS  / IP of machine
• Port : 3389

Username: To connect to the operating system, use RDP and the username is Administrator.
Password: Please Click here to know how to get password .

Step 2) Click the Windows “Start” button and select “All Programs” and then point to HP Scrawlr 

Step 3) Other Information:

1.Default installation path: will be in your root folder “C:\Program Files (x86)\HP\Scrawlr\”
2.Default ports:

• Windows Machines:  RDP Port – 3389
• Http: 80
• Https: 443

Configure custom inbound and outbound rules using this link

Installation Step by Step Screenshots