sqlmap – SecTools Top Network Security Tools

<!DOCTYPE html> <html lang="en"> <head> <title>sqlmap – SecTools Top Network Security Tools</title> <meta name="description" content="Reviews, ratings, and information about sqlmap: vulnerability exploitation tools, web vulnerability scanners, "> <link rel="alternate" type="application/rss+xml" href="/tool/sqlmap/feed/"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="theme-color" content="#2A0D45"> <link rel="preload" as="image" href="/images/sitelogo.png" imagesizes="168px" imagesrcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x"> <link rel="preload" as="image" href="/shared/images/nst-icons.svg"> <link rel="stylesheet" href="/shared/css/nst.css?v=2"> <script async src="/shared/js/nst.js?v=2"></script> <link rel="stylesheet" href="/shared/css/nst-foot.css?v=2" media="print" onload="this.media='all'"> <link rel="stylesheet" href="/site.css">  <link rel="preload" href="https://www.google-analytics.com/analytics.js" as="script"> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-11009417-1', 'auto'); ga('send', 'pageview'); </script>  <META NAME="ROBOTS" CONTENT="NOARCHIVE"> <link rel="shortcut icon" href="/shared/images/tiny-eyeicon.png" type="image/png"> </head> <body><div id="nst-wrapper"> <div id="menu"> <div class="blur"> <header id="nst-head"> <a id="menu-open" href="#menu" aria-label="Open menu"> <img width="44" height="44" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#menu"> </a> <a id="menu-close" href="#" aria-label="Close menu"> <img width="44" height="44" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#close"> </a> <a id="nst-logo" href="/" aria-label="Home page"> <img alt="Home page logo" srcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x" src="/images/sitelogo.png" onerror="this.onerror=null;this.srcset=this.src" height=90 width=168></a> <nav id="nst-gnav"> <a class="nlink" href="https://nmap.org/">Nmap.org</a> <a class="nlink" href="https://npcap.com/">Npcap.com</a> <a class="nlink" href="https://seclists.org/">Seclists.org</a> <a class="nlink" href="https://sectools.org">Sectools.org</a> <a class="nlink" href="https://insecure.org/">Insecure.org</a> </nav> <form class="nst-search" id="nst-head-search" action="/search/"> <input class="nst-search-q" name="q" type="search" placeholder="Site Search"> <button class="nst-search-button" title="Search"> <img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search"> </button> </form> </header> </div> </div> <main id="nst-content"> <nav> <div id="nav"> <ul> <li><a href="/">Home</a></li> <li><a href="/about/">About/Help</a></li> <li><a href="/contrib/">Suggest a new tool</a></li> <li><form action="/search/" method="get"><input type="text" name="q" size="10"><input type="submit" value="Search"></form></li> </ul> </div> </nav> <h1 class="toolhead">sqlmap</h1> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://sqlmap.sourceforge.net/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt=""Free" price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> <li><a href="/tag/web-scanners/" title="Web vulnerability scanners">web-scanners</a></li> </ul> </li> </ul> <p> <div class="logo" style="float:left"><img src="/logos/sqlmap-80x93.png" alt="sqlmap logo"></div> sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features, from database fingerprinting to fetching data from the DB and even accessing the underlying file system and executing OS commands via out-of-band connections. The authors recommend using the development release from their Subversion repository. For downloads and more information, <a href="http://sqlmap.sourceforge.net/">visit the sqlmap homepage</a>. </p> <div id="infobox"> <dl> <dt>Popularity</dt> <dd>#30, <a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a></dd> <dt>Latest release</ttd> <dd><ul class="inline"> <li>0.9</li> <li>April 11, 2011 (13 years, 10 months ago)</li> </ul> </dd> <dt>Links</dt> <dd><ul class="inline"> <li> <a href="http://sqlmap.sourceforge.net/">Homepage/Download</a></li> </ul> </dd> <dt>Rating</ttd> <dd>★★★★½ (9) <div class="histogram"> <span class="stars">★★★★★</span> <div class="histogram-bg"><div class="histogram-bar" style="width:78%"></div></div> <span class="percent">78%</span> <span class="stars">★★★★</span> <div class="histogram-bg"><div class="histogram-bar" style="width:11%"></div></div> <span class="percent">11%</span> <span class="stars">★★★</span> <div class="histogram-bg"><div class="histogram-bar" style="width:11%"></div></div> <span class="percent">11%</span> <span class="stars">★★</span> <div class="histogram-bg"><div class="histogram-bar" style="width:0%"></div></div> <span class="percent">0%</span> <span class="stars">★</span> <div class="histogram-bg"><div class="histogram-bar" style="width:0%"></div></div> <span class="percent">0%</span> </div> </dd> </dl> <a href="/tool/sqlmap/contrib/" class="update-link">Outdated/incomplete?</a> </div> <h2>Comments</h2> <dl id="comments"> <dt id="c715"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c715" class="permalink">April 30, 2015</a></span> <a href="http://enc0dedreams.blogspot.com/" rel="nofollow">Toni Almeida</a> </dt> <dd> <p> this is for sure a great SQLi tool. it's extremely powerful, easy to use and free! </p> </dd> <dt id="c682"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c682" class="permalink">Dec. 24, 2014</a></span> <a href="http://www.artemix.olympe.in/" rel="nofollow">Artemix</a> </dt> <dd> <p> A very useful tool when you need to test your website security! Very useful and stable! </p> </dd> <dt id="c609"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★ </span> <span style="float:right"><a href="#c609" class="permalink">May 22, 2014</a></span> <a href="http://twitter.com/anons4animals" rel="nofollow">sniperhax</a> </dt> <dd> <p> Yeah sqlmap is great if you're not doing anything blind. then it's a son of a bitch and God forbid you ask that dude over at git hub because he's a prick and doesn't tend to be particularly helpful. my results with it have been meh. </p> </dd> <dt id="c595"> <span style="float:right; min-width:5em; margin-left:1em"> no rating </span> <span style="float:right"><a href="#c595" class="permalink">April 24, 2014</a></span> <a href="http://www.google.com/" rel="nofollow">Hassaan</a> </dt> <dd> <p> sqlmap is very awesome tool. I used it so many times for SQLi and dump databases! </p> </dd> <dt id="c584"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★ </span> <span style="float:right"><a href="#c584" class="permalink">March 4, 2014</a></span> <a href="http://www.fashno.com/" rel="nofollow">TM KHAN</a> </dt> <dd> <p> We have used sqlmap for our oscommerce based online store. The tool really helped us to find sql injections and figure out the root issues. </p> </dd> <dt id="c557"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c557" class="permalink">Oct. 27, 2013</a></span> <a href="http://craftnation.usa/" rel="nofollow">craft nation</a> </dt> <dd> <p> **********good tool i crash alot of sites LOL!!!************** </p> </dd> <dt id="c541"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c541" class="permalink">Aug. 21, 2013</a></span> <a href="http://patagoniasec.com.ar/" rel="nofollow">gastontoth</a> </dt> <dd> <p> This is my tool of choice when I have to exploit SQL injection. It works perfectly in different scenarios. I strongly recommend it. </p> </dd> <dt id="c540"> <span style="float:right; min-width:5em; margin-left:1em"> no rating </span> <span style="float:right"><a href="#c540" class="permalink">Aug. 21, 2013</a></span> <a href="http://patagoniasec.com.ar/" rel="nofollow">gastontoth</a> <a href="#c541" style="margin-left:1em; font-size:smaller">newer comment by this user ↑</a> </dt> <dd> <p> This is my tool of choice when I have to exploit SQL injection. It works perfectly in different scenarios. I strongly recommend it. </p> </dd> <dt id="c393"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c393" class="permalink">June 11, 2012</a></span> <a href="http://google.com/" rel="nofollow">xem</a> </dt> <dd> <p> Great tool. Also my first choice for testins sql injection. </p> </dd> <dt id="c385"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c385" class="permalink">May 27, 2012</a></span> <a href="http://www.none.com/" rel="nofollow">Bing van Anrooij</a> </dt> <dd> <p> Really great tool. In cases when I need to exploit a SQL injection vulnerable page this is always my first choice. </p> </dd> <dt id="c175"> <span style="float:right; min-width:5em; margin-left:1em"> ★★★★★ </span> <span style="float:right"><a href="#c175" class="permalink">Dec. 9, 2011</a></span> <a href="http://www.google.com/" rel="nofollow">Schelm</a> </dt> <dd> <p> sqlmap is an incredible tool. As soon as I spot a potential SQL injection vulnerability, I run sqlmap. It figures out so many things all by itself, which impresses me the most and I dumped several databases with it in pentests already. </p> </dd> </dl> <h2>Comments disabled</h2> <p> <a href="/tool/sqlmap/feed/">Feed for updates.</a> </p> <p> <a href="/">Home</a> </p> </main> <footer id="nst-foot"> <form class="nst-search" id="nst-foot-search" action="/search/"> <input class="nst-search-q" name="q" type="search" placeholder="Site Search"> <button class="nst-search-button" title="Search"> <img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search"> </button> </form> <div class="flexlists"> <div class="fl-unit"> <h2><a class="nlink" href="https://nmap.org/">Nmap Security Scanner</a></h2> <ul> <li><a class="nlink" href="https://nmap.org/book/man.html">Ref Guide</a> <li><a class="nlink" href="https://nmap.org/book/install.html">Install Guide</a> <li><a class="nlink" href="https://nmap.org/docs.html">Docs</a> <li><a class="nlink" href="https://nmap.org/download.html">Download</a> <li><a class="nlink" href="https://nmap.org/oem/">Nmap OEM</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://npcap.com/">Npcap packet capture</a></h2> <ul> <li><a class="nlink" href="https://npcap.com/guide/">User's Guide</a> <li><a class="nlink" href="https://npcap.com/guide/npcap-devguide.html#npcap-api">API docs</a> <li><a class="nlink" href="https://npcap.com/#download">Download</a> <li><a class="nlink" href="https://npcap.com/oem/">Npcap OEM</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://seclists.org/">Security Lists</a></h2> <ul> <li><a class="nlink" href="https://seclists.org/nmap-announce/">Nmap Announce</a> <li><a class="nlink" href="https://seclists.org/nmap-dev/">Nmap Dev</a> <li><a class="nlink" href="https://seclists.org/fulldisclosure/">Full Disclosure</a> <li><a class="nlink" href="https://seclists.org/oss-sec/">Open Source Security</a> <li><a class="nlink" href="https://seclists.org/dataloss/">BreachExchange</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://sectools.org">Security Tools</a></h2> <ul> <li><a class="nlink" href="https://sectools.org/tag/vuln-scanners/">Vuln scanners</a> <li><a class="nlink" href="https://sectools.org/tag/pass-audit/">Password audit</a> <li><a class="nlink" href="https://sectools.org/tag/web-scanners/">Web scanners</a> <li><a class="nlink" href="https://sectools.org/tag/wireless/">Wireless</a> <li><a class="nlink" href="https://sectools.org/tag/sploits/">Exploitation</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://insecure.org/">About</a></h2> <ul> <li><a class="nlink" href="https://insecure.org/fyodor/">About/Contact</a> <li><a class="nlink" href="https://insecure.org/privacy.html">Privacy</a> <li><a class="nlink" href="https://insecure.org/advertising.html">Advertising</a> <li><a class="nlink" href="https://nmap.org/npsl/">Nmap Public Source License</a> </ul> </div> <div class="fl-unit social-links"> <a class="nlink" href="https://twitter.com/nmap" title="Visit us on Twitter"> <img width="32" height="32" src="/shared/images/nst-icons.svg#twitter" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://facebook.com/nmap" title="Visit us on Facebook"> <img width="32" height="32" src="/shared/images/nst-icons.svg#facebook" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://github.com/nmap/" title="Visit us on Github"> <img width="32" height="32" src="/shared/images/nst-icons.svg#github" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://reddit.com/r/nmap/" title="Discuss Nmap on Reddit"> <img width="32" height="32" src="/shared/images/nst-icons.svg#reddit" alt="" aria-hidden="true"> </a> </div> </div> </footer> </div> </body> </html>

CINXE.COM

sqlmap – SecTools Top Network Security Tools