• Diniz Martins


SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

NOTE: SQLMap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.

How to use?

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

Example of commands used when I found a vulnerable website:


Recent Posts

See All

WSL | NMAP not work!

Ever since the release of the Windows Subsystem for Linux, a years long unfulfilled hope of using Nmap in this environment still lingers. You can install Nmap (sudo apt-install nmap) in Bash but when

Scrcpy | Display Android Devices

This application is a free and open-source screen mirroring application that allows control of an Android device from a Windows, macOS, or Linux desktop computer. The software is developed by Genymobi