Categories: Kali Linux

ScanQLi – To Detect SQL Vulns

ScanQLi is a simple SQL injection scanner with somes additional features. This tool can’t exploit the SQLi, it just detect them. Tested on Debian 9.
ScanQLi is a SQLi scanner to detect SQL vulns.

Features

  • Classic
  • Blind
  • Time based
  • GBK (soon)
  • Recursive scan (follow all hrefs of the scanned web site)
  • Cookies integration
  • Adjustable wait delay between requests
  • Ignore given URLs

Prerequisites

Install git tool

apt update
apt install git

Clone the repo.

git clone https://github.com/bambish/ScanQLi

Install python required libs

apt install python-pip
cd ScanQLi

pip install -r requirements.txt

For python3 please install python3-pip and use pip3

Also Read : ParamPamPam : Tool For Brute Discover Parameters

Usage

./scanqli -u [URL] [OPTIONS]

Examples

Simple URL scan with output file

python scanqli.py -u ‘http://127.0.0.1/test/?p=news’ -o output.log

Recursive URL scanning with cookies

python scanqli.py -u ‘https://127.0.0.1/test/’ -r -c ‘{“PHPSESSID”:”4bn7uro8qq62ol4o667bejbqo3″ , “Session”:”Mzo6YWMwZGRmOWU2NWQ1N2I2YTU2YjI0NTMzODZjZDVkYjU=”}’

R K

Recent Posts

Upgrade to Ubuntu 20.04 LTS: Prepare, Update, and Confirm

Ubuntu 20.04 LTS (code name Focal Fossa) was released on April 23, 2020. It is a…

48 minutes ago

Install Google Chrome on Ubuntu 20.04: Download and Setup Guide

Google Chrome is the most widely used web browser in the world. It is fast, secure,…

1 hour ago

Install Java on Ubuntu 20.04: OpenJDK 11, JDK 8, and JAVA_HOME

Java is one of the most widely used programming languages in the world. It runs on…

1 hour ago

Install Ubuntu on Raspberry Pi: Flash, Configure, and Boot

Raspberry Pi is the most popular single-board computer ever made. It is small, affordable, and surprisingly…

1 hour ago

Install pip on Ubuntu 20.04: Python 3, Python 2, and Usage Guide

pip is Python's package manager. It lets you search, download, and install packages from the Python Package…

1 hour ago

Install MySQL on Ubuntu 20.04: Setup, Security, and Root Access

MySQL is the most popular open-source relational database management system. It is fast, reliable, and a…

1 day ago