Web-Based SQLMap: Generate Commands, Test SQL Injections

by ddos · Published · Updated

SQLMap Command Generator is a web-based application designed to assist penetration testers and security enthusiasts in generating SQLMap commands with various options for testing SQL injection vulnerabilities. It provides an easy-to-use interface where users can configure various parameters, such as target URL, Google dork, POST data, connection options, detection levels, and techniques for SQL injection.

Features

  • Target Configuration: Define target URL or Google dork.
  • Connection Options: Configure proxy, random user-agent, and use Tor network.
  • Detection Options: Set the test level, risk, and verbosity.
  • Injection Techniques: Select from multiple SQL injection techniques, including boolean-based, error-based, union-based, and more.
  • Enumeration Options: Choose data to extract from the database (e.g., tables, columns, passwords).
  • Advanced Options: Configure additional attack options like OS shell, OS pwn, and batch mode.

Available Options

  • Target URL: Input the target URL to be tested (e.g., http://example.com/vuln.php?id=1).
  • Google Dork: Use a Google dork to find vulnerable pages (e.g., inurl:".php?id=1").
  • POST Data: Provide any POST data parameters.
  • Cookie: Provide any cookies needed for the session.

Install & Use

Tags: SQLMapSQLMap commands