Open-source tool that automates SQL injection detection for authorized security testing
Other
- Python
- C
- Shell

About sqlmap
sqlmap is an open-source security testing tool that automates detecting SQL injection flaws in web applications you are authorized to test. It targets web applications and their database backends, automating assessment work that would otherwise be done by hand.
A powerful detection engine pairs with a broad set of switches for database fingerprinting, retrieving data, and gauging the impact an exposed injection point could have, so teams can understand and fix the underlying flaw. It runs on Python 2.7 and 3.x on any platform.
Command line options cover everything from basic scans to advanced tuning for thorough assessments. It works out of the box once downloaded, and a detailed user's manual documents every option, switch, and supported feature.
Key features
- Automates detection of SQL injection flaws
- Database fingerprinting and data retrieval for assessments
- Gauges the impact of an exposed injection point
- Detailed user manual documenting every switch
- Command-line options for basic and advanced use
Details
- First released
- 2012
- License
- GPL-2.0
- Platforms
- Windows · macOS · Linux
- Language
- Python 2.7 / 3.x
- Deployment
- offline-first
- Targets
- SQL injection flaws
