Automatic SQL injection and database takeover tool
Go to file
2013-04-15 16:29:08 +02:00
doc Update of doc/THANKS 2013-03-20 10:34:48 +01:00
extra Minor language fix 2013-03-26 14:11:17 +01:00
lib Disable sqlalchemy warnings if applicable 2013-04-15 16:29:08 +02:00
plugins Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends) 2013-04-15 16:18:40 +02:00
procs Fix for an Issue #333 2013-01-11 14:09:30 +01:00
shell making PHP stager smaller by 100 chars 2012-06-21 10:46:45 +00:00
tamper Another update for an Issue #352 and couple of fixes 2013-03-13 21:57:09 +01:00
thirdparty reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
txt Revert of previous commit (substrings are checked too) 2013-03-05 18:26:47 +01:00
udf cleanup to README files 2012-07-17 00:32:32 +01:00
waf Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
xml Revert back of SQLite3 time-based payload as of regression test failing 2013-04-10 11:10:19 +02:00
.gitattributes Minor update 2012-12-27 15:14:40 +01:00
.gitignore Trivial update 2012-12-26 17:15:59 +01:00
CONTRIBUTING.md Create CONTRIBUTING.md 2012-12-06 02:53:03 -08:00
README.md Update README.md 2013-04-08 11:41:59 +03:00
sqlmap.conf Minor style update 2013-04-06 01:56:23 +02:00
sqlmap.py reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
sqlmapapi.py reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00

sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Installing

You can download the latest sqlmap code by clicking here.

Preferably, you can download sqlmap by cloning the Git repository:

git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

sqlmap should work out of the box with Python version 2.6.x or 2.7.x on any platform.

Usage

To get a list of basic options and switches use:

python sqlmap.py -h

To get a list of all options and switches use:

python sqlmap.py -hh

You can find a sample run here. To get an overview of sqlmap capabilities, brief description of all options and switches, along with examples, you are advised to consult the user's manual.