jSQL Injection: Java application for automatic SQL database injection

jSQL Injection

jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open-source, and cross-platform (Windows, Linux, Mac OS X).

jSQL Injection

It is also part of the official penetration testing distribution Kali Linux and is included in other distributions like Pentest BoxParrot Security OSArchStrike, or BlackArch Linux.

This software is developed using great open-source libraries like SpringSpock, and Hibernate, and it uses the platform Travis CI for continuous integration.

Each program update is tested with Java versions 8 through 13 in the cloud, against various MySQL, PostgreSQL, and H2 databases. Source code is open to pull requests and to any contribution to multi-threading, devops, unit and integration tests, and optimization.


  • Automatic injection of 23 kinds of databases: Access, CockroachDB, CUBRID, DB2, Derby, Firebird, H2, Hana, HSQLDB, Informix, Ingres, MaxDB, Mckoi, MySQL{MariaDb}, Neo4j, NuoDB, Oracle, PostgreSQL, SQLite, SQL Server, Sybase, Teradata and Vertica
  • Multiple injection strategies: Normal, Error, Blind and Time
  • SQL Engine to study and optimize SQL expressions
  • Injection of multiple targets
  • Search for administration pages
  • Creation and visualization of Web shell and SQL shell
  • Read and write files on the host using injection
  • Bruteforce of password’s hash
  • Code and decode a string


Install Java 8, then download the latest release of jSQL Injection and double-click on the file to launch the software.
You can also type java -jar jsql-injection-v0.81.jar in your terminal to start the program.
If you are using Kali Linux then get the latest release using commands apt update then apt full-upgrade



Copyright (C) 2016  

Source: https://github.com/ron190/