SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each link for SQL injection vulnerabilities, and reports its findings.
Replace http://example.com with the URL you want to scan and 3 with the desired depth of the scan. You can also specify an output file using the -o or --output flag followed by the desired filename.
The tool will then perform the scan and display the results.
Features
- Scans a domain for SQL injection vulnerabilities
- Crawls the given URL up to a specified depth
- Checks each link for SQL injection vulnerabilities
- Reports vulnerabilities along with server information and depth
Installation
- Install the required dependencies:
bash pip3 install sqlmc
Usage
Runsqlmc with the following command-line arguments:-u, --url: The URL to scan (required)-d, --depth: The depth to scan (required)-o, --output: The output file to save the results
sqlmc -u http://example.com -d 2Replace http://example.com with the URL you want to scan and 3 with the desired depth of the scan. You can also specify an output file using the -o or --output flag followed by the desired filename.
The tool will then perform the scan and display the results.
ToDo
- Check for multiple GET params
- Better injection checker trigger methods
Credits
- Developed by Miguel Álvarez