So Dave Aitel and I collaborated on a little hooking script inside of ImmunityDebugger coupled with an XML-RPC server.

What it does is hooks SQLOLEDB calls at the application layer, retrieves the SQL query from memory and ships it off to the RPC server for analysis.

It's a fairly different way for examining web apps, and frankly was a lot of fun doing. The full posting that Dave made is at the Immuntiy Forum here

If you have any questions, request for new platform support or patches, drop it in the ID forum or email Dave or I.

https://www.openrce.org/blog/view/917/Grey_Box_Web_Application_Testing_With_Immunity_Debugger