SQLMap Database Penetration Testing
SQLMap Database Penetration Testing
Purpose
Provide systematic methodologies for automated SQL injection detection and exploitation using SQLMap. This skill covers database enumeration, table and column discovery, data extraction, multiple target specification methods, and advanced exploitation techniques for MySQL, PostgreSQL, MSSQL, Oracle, and other database management systems.
Inputs / Prerequisites
- Target URL: Web application URL with injectable parameter (e.g.,
?id=1) - SQLMap Installation: Pre-installed on Kali Linux or downloaded from GitHub
- Verified Injection Point: URL parameter confirmed or suspected to be SQL injectable
- Request File (Optional): Burp Suite captured HTTP request for POST-based injection
- Authorization: Written permission for penetration testing activities
Outputs / Deliverables
- Database Enumeration: List of all databases on the target server
- Table Structure: Complete table names within target database
- Column Mapping: Column names and data types for each table
More from hainamchung/agent-assistant
spring-boot-engineer
Use when building Spring Boot 3.x applications, microservices, or reactive Java applications. Invoke for Spring Data JPA, Spring Security 6, WebFlux, Spring Cloud integration.
17embedded-systems
Use when developing firmware for microcontrollers, implementing RTOS applications, or optimizing power consumption. Invoke for STM32, ESP32, FreeRTOS, bare-metal, power optimization, real-time systems.
13expo-app-design
Build beautiful cross-platform mobile apps with Expo Router, NativeWind, and React Native.
13vulnerability-scanner
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
12copywriting
>
11cpp-pro
Write idiomatic C++ code with modern features, RAII, smart pointers, and STL algorithms. Handles templates, move semantics, and performance optimization.
11