Saturday, July 26, 2014

SQLMAP - Automatic SQL Injection Pentest tool


Sqlmap Description

The tool is instructed to identify possible SQL injections and exploit them by enumerating and dumping entries of all databases' tables containing one or more of the columns specified by the user. sqlmap always stores dumped entries in a local CSV file upon successful dump. The technique used to dump this data from the back-end database software is the default, boolean-based blind SQL injection.

It is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

download sqlmap : here

See the Official sqlmap video demonstration


Post a Comment