• Diniz Martins


SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

NOTE: SQLMap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.

How to use?

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

Example of commands used when I found a vulnerable website:


Recent Posts

See All

D-TECT | Pentest the Modern Web

D-TECT is a penetration testing tool that can be used for information gathering and finding vulnerabilities in web applications. The types of vulnerabilities that can be detected of D-TECT tool includ

Downloads - #1

Here you have some amazing Windows files to celebrate the first year of STENGE.info. Enjoy it! ➟ HJSplit - Program that can split a file of any type and size into smaller parts. It can also join these

WSL | NMAP not work!

Ever since the release of the Windows Subsystem for Linux, a years long unfulfilled hope of using Nmap in this environment still lingers. You can install Nmap (sudo apt-install nmap) in Bash but when