SQLMap is the most popular SQL injection vulnerability scanner out there and is fully open-source! SQLMap is available on GitHub:

GitHub – sqlmapproject/sqlmap: Automatic SQL injection and database takeover tool

Ghauri is an advanced tool that helps you automate the detection and exploitation of SQL injection vulnerabilities! Ghauri is also open-source and available on GitHub:

GitHub – r0oth3x49/ghauri: An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

SQLiv is capable of Google dorking a specific target, crawling it and scanning multiple URLs for SQL injections! Although the repo is archived, the tool is still available on GitHub:

GitHub – the-robot/sqliv: massive SQL injection vulnerability scanner

Blisqy is designed to find time-based blind SQL injection vulnerabilities in HTTP headers. Currently, it is only capable of exploiting MySQL and MariaDB backend servers. Blisqy is available on GitHub as well:

GitHub – JohnTroony/Blisqy: Version 0.2 – Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

Also, don’t forget to check by hand as these tools can give false negatives 😉
