sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features, from database fingerprinting to fetching data from the DB and even accessing the underlying file system and executing OS commands via out-of-band connections. The authors recommend using the development release from their Subversion repository. For downloads and more information, visit the sqlmap homepage.

Popularity
#30, new!
Latest release
  • 0.9
  • April 11, 2011 (11 years, 5 months ago)
Links
Rating
★★★★½ (9)
★★★★★
78% ★★★★
11% ★★★
11% ★★
0%
0%
Outdated/incomplete?

Comments

★★★★★ Toni Almeida

this is for sure a great SQLi tool. it's extremely powerful, easy to use and free!

★★★★★ Artemix

A very useful tool when you need to test your website security! Very useful and stable!

★★★ sniperhax

Yeah sqlmap is great if you're not doing anything blind. then it's a son of a bitch and God forbid you ask that dude over at git hub because he's a prick and doesn't tend to be particularly helpful. my results with it have been meh.

no rating Hassaan

sqlmap is very awesome tool. I used it so many times for SQLi and dump databases!

★★★★ TM KHAN

We have used sqlmap for our oscommerce based online store. The tool really helped us to find sql injections and figure out the root issues.

★★★★★ craft nation

**********good tool i crash alot of sites LOL!!!**************

★★★★★ gastontoth

This is my tool of choice when I have to exploit SQL injection. It works perfectly in different scenarios. I strongly recommend it.

no rating gastontoth newer comment by this user ↑

This is my tool of choice when I have to exploit SQL injection. It works perfectly in different scenarios. I strongly recommend it.

★★★★★ xem

Great tool. Also my first choice for testins sql injection.

★★★★★ Bing van Anrooij

Really great tool. In cases when I need to exploit a SQL injection vulnerable page this is always my first choice.

★★★★★ Schelm

sqlmap is an incredible tool. As soon as I spot a potential SQL injection vulnerability, I run sqlmap. It figures out so many things all by itself, which impresses me the most and I dumped several databases with it in pentests already.

Comments disabled

Feed for updates.

Home