I just recently picked up a DB fuzzer from darkc0de. It basically just scans the site and lists whatever DB info you tell it to. It's a really handy tool, but I don't really think you should rely on it, or any other programs for that matter.
You need to be patient and learn why the things that you're trying aren't working and learn other methods so that you can try those as well. Try thinking as if you're the guy who coded that page...try to predict how he coded it so that you can have a better understanding of it. Once you understand it, and understand how to exploit the vulnerability (whether it be SQL Injection or whatever), you should be fine.
You guys are loadz of help.. dont know what i would do without u
BTW without taking your advice i tried the fuzzer stuff and in my view how it works is like a brute force tool ? rather it has a world list ? correct me if im wrong. anyways the best tool i got was GUESSING till now
i found the tables and fields of the second website and was even able to crack it the only problem is i cant find the login page tried teh intelliTamper but it searched upto and http authentication page and got stuck there . also i tried it with my own websites and coudnt find the login page. What am i doing wrong with the thing ?
ATM i tried GUESSING.. SiteMap Tools and tring to find tools but .. no luck