sqlmap

Overview

sqlmap automates SQL injection detection and exploitation. It supports all major databases (MySQL, PostgreSQL, MSSQL, Oracle, SQLite), all injection techniques (boolean-blind, time-blind, error-based, UNION, stacked queries), and can extract entire databases, read/write files on the server, and execute OS commands through SQL injection.

Instructions

Step 1: Basic Detection

# Test a URL parameter for SQL injection
sqlmap -u "https://target.example.com/products?id=1" --batch
# --batch: use defaults for all prompts (non-interactive)

# Test POST parameters
sqlmap -u "https://target.example.com/login" \
  --data="username=admin&password=test" \
  --batch

Related skills

sqlmap

sqlmap

Overview

Instructions

Step 1: Basic Detection

More from terminalskills/skills

api-tester

instagram-marketing

directus

coolify

agent-memory

reddit-insights