SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.
Installation
You can download the latest tarball by clicking here or latest zipball by clicking here.
Preferably, you can download sqlmap by cloning the Git repository:
git clone –depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
sqlmap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.
Usage
To get a list of basic options and switches use:
python sqlmap.py -h
To get a list of all options and switches use:
python sqlmap.py -hh
You can find a sample run here. To get an overview of sqlmap capabilities, a list of supported features, and a description of all options and switches, along with examples, you are advised to consult the user’s manual.
Links
Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…
Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…
The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…
Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…
Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…
PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…