sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
sqlmap should work out of the box with [Python](http://www.python.org/download/) version 2.6.x or 2.7.x.
Usage
---
To get a list of basic options use:
python sqlmap.py -h
To get a list of all options use:
python sqlmap.py -hh
To get an overview of sqlmap capabilities, brief description of all options and switches, along with examples, you are advised to consult the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki).