Link Search Menu Expand Document


Detect and exploit SQL injection flaws. More information:

  • Run sqlmap against a single target URL:

python -u "{{}}"

  • Send data in a POST request (--data implies POST request):

python -u "{{}}" --data="{{id=1}}"

  • Change the parameter delimiter (& is the default):

python -u "{{}}" --data="{{query=foobar;id=1}}" --param-del="{{;}}"

  • Select a random User-Agent from ./txt/user-agents.txt and use it:

python -u "{{}}" --random-agent

  • Provide user credentials for HTTP protocol authentication:

python -u "{{}}" --auth-type {{Basic}} --auth-cred "{{testuser:testpass}}"