• Diniz Martins

SQLMap

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


Install:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

NOTE: SQLMap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.


How to use?

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

Example of commands used when I found a vulnerable website:



29 views

Recent Posts

See All

D-TECT | Pentest the Modern Web

D-TECT is a penetration testing tool that can be used for information gathering and finding vulnerabilities in web applications. The types of vulnerabilities that can be detected of D-TECT tool includ

Downloads - #1

Here you have some amazing Windows files to celebrate the first year of STENGE.info. Enjoy it! ➟ HJSplit - Program that can split a file of any type and size into smaller parts. It can also join these

WSL | NMAP not work!

Ever since the release of the Windows Subsystem for Linux, a years long unfulfilled hope of using Nmap in this environment still lingers. You can install Nmap (sudo apt-install nmap) in Bash but when