== Individuals == Santiago Accurso for reporting a bug David Alvarez for reporting a bug Sergio Alves for reporting a bug Chip Andrews for his excellent work maintaining the SQL Server versions database at SQLSecurity.com and permission to implement the update feature taking data from his site Smith Andy for suggesting a feature Otavio Augusto for reporting a minor bug Simon Baker for reporting some bugs Emiliano Bazaes for reporting a minor bug Daniele Bellucci for starting sqlmap project and developing it between July and August 2006 Anthony Boynes for reporting a bug Velky Brat for suggesting a minor enhancement to the bisection algorithm Jack Butler for providing me with the sqlmap site favicon Ulisses Castro for reporting a bug Roberto Castrogiovanni for reporting a minor bug Cesar Cerrudo for his Windows access token kidnapping tool Churrasco included in sqlmap tree as a contrib library and used to run the stand-alone payload stager on the target Windows machine as SYSTEM user if the user wants to perform a privilege escalation attack, http://www.argeniss.com/research/TokenKidnapping.pdf Karl Chen for providing with the multithreading patch for the inference algorithm Y P Chien for reporting a minor bug Pierre Chifflier and Mark Hymers for uploading and accepting the sqlmap Debian package to the official Debian project repository Andreas Constantinides for reporting a minor bug Andre Costa for reporting a minor bug for suggesting a minor enhancement Ulises U. Cune for reporting a bug Alessandro Curio for reporting a minor bug Alessio Dalla Piazza for reporting a minor bug Stefano Di Paola for suggesting good features Mosk Dmitri for reporting a minor bug Carey Evans for his fcrypt module that allows crypt(3) support on Windows platforms Adam Faheem for reporting a few bugs James Fisher for providing me with two very good feature requests for his great tool too brute force directories and files names on web/application servers, Dir Buster, http://tinyurl.com/dirbuster Jim Forster for reporting a bug Rong-En Fan for commiting the sqlmap 0.5 port to the official FreeBSD project repository Giorgio Fedon for suggesting a speed improvement for bisection algorithm for reporting a bug when running against Microsoft SQL Server 2005 Kasper Fons for reporting several bugs Jose Fonseca for his Gprof2Dot utility for converting profiler output to dot graph(s) and for his XDot utility to render nicely dot graph(s), both included in sqlmap tree inside extra folder. These libraries are used for sqlmap development purposes only http://code.google.com/p/jrfonseca/wiki/Gprof2Dot http://code.google.com/p/jrfonseca/wiki/XDot Alan Franzoni for helping me out with Python subprocess library Daniel G. Gamonal for reporting a minor bug Marcos Mateos Garcia for reporting a minor bug Ivan Giacomelli for reporting a bug for suggesting a minor enhancement for reviewing the documentation Nico Golde for reporting a couple of bugs Oliver Gruskovnjak for reporting a bug for providing me with a minor patch Davide Guerri for suggesting an enhancement Dan Guido for promoting sqlmap in the context of the Penetration Testing and Vulnerability Analysis class at the Polytechnic University of New York, http://isisblogs.poly.edu/courses/pentest/ David Guimaraes for reporting several bugs for suggesting an enhancement Chris Hall for coding the prettyprint.py library Tate Hansen for donating to sqlmap development Mario Heiderich Christian Matthies Lars H. Strojny for their great tool PHPIDS included in sqlmap tree as a set of rules for testing payloads against IDS detection, http://php-ids.org Kristian Erik Hermansen for reporting a bug for donating to sqlmap development Jorge Hoya for suggesting a minor enhancement Will Holcomb for his MultipartPostHandler class to handle multipart POST forms and permission to include it within sqlmap source code Daniel Huckmann for reporting a couple of bugs Daliev Ilya for reporting a bug Prashant Jadhav for reporting a bug Dirk Jagdmann for reporting a typo in the documentation Luke Jahnke for reporting a bug when running against MySQL < 5.0 David Klein for reporting a minor code improvement Sven Klemm for reporting two minor bugs with PostgreSQL Anant Kochhar for providing me with feedback on the user's manual Alexander Kornbrust for reporting a couple of bugs Krzysztof Kotowicz for reporting a minor bug Nicolas Krassas for reporting a bug Alex Landa for providing a patch adding support for XML output Guido Landi for reporting a couple of bugs for the great technical discussions for Microsoft SQL Server 2000 and Microsoft SQL Server 2005 'sp_replwritetovarbin' stored procedure heap-based buffer overflow (MS09-004) exploit development for presenting with me at SOURCE Conference 2009 in Barcelona (Spain) on September 21, 2009 and at CONfidence 2009 in Warsaw (Poland) on November 20, 2009 Lee Lawson for reporting a minor bug John J. Lee & others for developing the clientform Python library used by sqlmap to parse forms when --forms switch is specified Nico Leidecker for providing me with feedback on a few features for reporting a couple of bugs for his great tool icmpsh included in sqlmap tree to get a command prompt via an out-of-band tunnel over ICMP, http://leidecker.info/downloads/icmpsh.zip Gabriel Lima for reporting a couple of bugs Svyatoslav Lisin for suggesting a minor feature Mark Lowe for reporting a couple of bugs Truong Duc Luong for reporting a minor bug Pavol Luptak for reporting a bug when injecting on a POST data parameter Michael Majchrowicz for extensively beta-testing sqlmap on various MySQL DBMS for providing really appreciated feedback for suggesting a lot of ideas and features Ferruh Mavituna for providing me with ideas on the implementation of a couple of new features David McNab for his XMLObject module that allows XML files to be operated on like Python objects Spencer J. McIntyre for reporting a minor bug Enrico Milanese for reporting a bugs when using (-a) a single line User-Agent file for providing me with some ideas for the PHP backdoor Anton Mogilin for reporting a few bugs Anastasios Monachos for providing some useful data for suggesting a feature Kirill Morozov for reporting a bug for suggesting a feature Alejo Murillo Moya for reporting a minor bug for suggesting a few features Yonny Mutai for reporting a minor bug Roberto Nemirovsky for pointing me out some enhancements Simone Onofri for patching the PHP web backdoor to make it work properly also on Windows Shaohua Pan for reporting several bugs for suggesting a few features Antonio Parata for providing me with some ideas for the PHP backdoor Adrian Pastor for donating to sqlmap development Chris Patten for reporting a bug in the blind SQL injection bisection algorithm Zack Payton for reporting a minor bug Mark Pilgrim for porting chardet package (Universal Encoding Detector) to Python Steve Pinkham for suggesting a feature for providing a new sql injection vector (MSSQL time based) for donating to sqlmap development Adam Pridgen for suggesting some features Ole Rasmussen for reporting a bug for suggesting a feature Alberto Revelli for inspiring me to write sqlmap user's manual in SGML for his great Microsoft SQL Server take over tool, sqlninja, http://sqlninja.sourceforge.net Andres Riancho for beta-testing sqlmap for reporting a bug and suggesting some features for including sqlmap in his great web application audit and attack framework, w3af, http://w3af.sourceforge.net for suggesting a way for handling DNS caching Antonio Riva for reporting a bug when running with python 2.5 Ethan Robish for reporting a bug Andrea Rossi for reporting a minor bug for suggesting a feature Richard Safran for donating the sqlmap.org domain control Tomoyuki Sakurai for submitting to the FreeBSD project the sqlmap 0.5 port Pedro Jacques Santos Santiago for reporting several bugs Marek Sarvas for reporting several bugs Philippe A. R. Schaeffer for reporting a minor bug Jorge Santos for reporting a minor bug Sven Schluter for providing with a patch for waiting a number of seconds between each HTTP request Ryan Sears for suggesting a couple of enhancements for donating to sqlmap development Uemit Seren for reporting a minor adjustment when running with python 2.6 Ahmed Shawky for reporting a major bug with improper handling of parameter values for reporting a bug Brian Shura for reporting a bug Sumit Siddharth for providing me with ideas on the implementation of a couple of features Andre Silva for reporting a bug M Simkin for suggesting a feature Konrads Smelkovs for reporting a few bugs in --sql-shell and --sql-query on Microsoft SQL Server Michael D. Stenner for his keepalive module that allows handling of persistent HTTP 1.1 keep-alive connections Marek Stiefenhofer for reporting a bug Jason Swan for reporting a bug when enumerating columns on Microsoft SQL Server for suggesting a couple of improvements Chilik Tamir for providing a patch for initial support SOAP requests Alessandro Tanasi for extensively beta-testing sqlmap for suggesting many features and reporting some bugs for reviewing the documentation Andres Tarasco for providing me with good feedback Kazim Bugra Tombul for reporting a minor bug Efrain Torres for helping me out to improve the Metasploit Framework 3 sqlmap auxiliary module and for commiting it on the Metasploit official subversion repository for his great Metasploit WMAP Framework Sandro Tosi for helping to create sqlmap Debian package correctly Vitaly Turenko for reporting a bug Augusto Urbieta for reporting a minor bug Bedirhan Urgun for reporting a few bugs for suggesting some features and improvements for benchmarking sqlmap in the context of his SQL injection benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench Kyprianos Vasilopoulos for reporting a couple of minor bugs Carlos Gabriel Vergara for suggesting couple of good features Anthony Zboralski for providing me with detailed feedback for reporting a few minor bugs for donating to sqlmap development Thierry Zoller for reporting a couple of major bugs -insane- for reporting a minor bug abc abc for reporting a minor bug Brandon E. for reporting a bug black zero for reporting a minor bug buawig for reporting considerable amount of bugs Bugtrace for reporting several bugs dragoun dash for reporting a minor bug fufuh for reporting a bug when running on Windows james for reporting a bug m4l1c3 for reporting considerable amount of bugs mariano for reporting a bug mitchell for reporting a bug nightman for reporting several bugs pacman730 for reporting a bug Phat R. for reporting a minor bug Joe "Pragmatk" for reporting a few bugs ragos for reporting a minor bug shiftzwei for reporting a couple of bugs Stuffe for reporting a minor bug and a feature request Sylphid for suggesting some features syssecurity.info for reporting a minor bug ToR for reporting considerable amount of bugs for suggesting a feature ultramegaman for reporting a minor bug wanglei for reporting a minor bug warninggp for reporting a few minor bugs x for reporting a bug == Organizations == Black Hat team for the opportunity to present my research titled 'Advanced SQL injection to operating system full control' at Black Hat Europe 2009 Briefings on April 16, 2009 in Amsterdam (NL). I unveiled and demonstrated some of the sqlmap 0.7 release candidate version new features during my presentation Homepage: http://goo.gl/BKfs7 Slides: http://goo.gl/Dh65t White paper: http://goo.gl/spX3N SOURCE Conference team for the opportunity to present my research titled 'Expanding the control over the operating system from the database' at SOURCE Conference 2009 on September 21, 2009 in Barcelona (ES). I unveiled and demonstrated some of the sqlmap 0.8 release candidate version new features during my presentation Homepage: http://goo.gl/IeXV4 Slides: http://goo.gl/OKnfj AthCon Conference team for the opportunity to present my research titled 'Got database access? Own the network!' at AthCon Conference 2010 on June 3, 2010 in Athens (GR). I unveiled and demonstrated some of the sqlmap 0.8 version features during my presentation Homepage: Slides: http://goo.gl/QMfjO Metasploit Framework development team for their powerful tool Metasploit Framework 3, used by sqlmap, among others things, to create the shellcode and establish an out-of-band connection between sqlmap and the database server, http://www.metasploit.com/framework OWASP Board for sponsoring part of the sqlmap development in the context of OWASP Spring of Code 2007