top of page

SQLMap

Writer's picture: Diniz MartinsDiniz Martins

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


Install:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

NOTE: SQLMap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.


How to use?

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

Example of commands used when I found a vulnerable website:



29 views0 comments

Recent Posts

See All

IPSec vs. TLS

When it comes to securing data over networks, IPSec (Internet Protocol Security) and TLS (Transport Layer Security) are two of the most...

VyOS Basic Configuration

VyOS is an open-source network operating system that provides software-based network routing, firewall, and VPN services. It is designed...

Yorumlar


Programming and IT solutions guide on STENGE.info blog
Cybersecurity and Networking tutorials on STENGE.info
IT infrastructure solutions and technology tutorials
STENGE.info logo - Tech Blog for IT Solutions and Tutorials
bottom of page