Skip to main content

Automatic SQL injection and database takeover tool

Project description

Build Status Python 2.6|2.7|3.x License Twitter

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Screenshots

Screenshot

You can visit the collection of screenshots demonstrating some of features on the wiki.

Installation

You can use pip to install and/or upgrade the sqlmap to latest (monthly) tagged version with:

pip install --upgrade sqlmap

Alternatively, you can download the latest tarball by clicking here or latest zipball by clicking here.

If you prefer fetching daily updates, you can download sqlmap by cloning the Git repository:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

sqlmap works out of the box with Python version 2.6, 2.7 and 3.x on any platform.

Usage

To get a list of basic options and switches use:

sqlmap -h

To get a list of all options and switches use:

sqlmap -hh

You can find a sample run here. To get an overview of sqlmap capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the user’s manual.

Project details


Release history Release notifications | RSS feed

This version

1.4.7

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sqlmap-1.4.7.tar.gz (6.8 MB view details)

Uploaded Source

File details

Details for the file sqlmap-1.4.7.tar.gz.

File metadata

  • Download URL: sqlmap-1.4.7.tar.gz
  • Upload date:
  • Size: 6.8 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: Python-urllib/2.7

File hashes

Hashes for sqlmap-1.4.7.tar.gz
Algorithm Hash digest
SHA256 46486177a65aed67bacffe99b9614bb4357cd30795d00ee83e8674655bde2601
MD5 66c8b22f0cc00cdaa2fce1f7a0ea9f4a
BLAKE2b-256 0c91b9a1c5be682dbbe85fb2006b7c20a49344af8fa95693ee8f8f82206a8ee1

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page