top of page
Search

SQLMap

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


Install:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

NOTE: SQLMap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.


How to use?

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

Example of commands used when I found a vulnerable website:



27 views0 comments

Recent Posts

See All

MacOS | Recording a Packet Trace

A packet trace is a record of traffic traveling across the network. It’s useful for investigating complex network problems related to both correctness and performance. Once you start a packet trace on

DNS Guard

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse

Cyber Security Interview, Q&A

Can you explain the difference between symmetric and asymmetric encryption? When would you use one over the other? Answer: Symmetric encryption uses a single key to both encrypt and decrypt data, whil

bottom of page