SQLi SQL Injection
sqlmap - Automatic SQL injection and database takeover tool
NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
SQLiScanner - Automatic SQL injection with Charles and sqlmap api
SleuthQL - Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
mssqlproxy - mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
sqli-hunter - SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
waybackSqliScanner - Gather urls from wayback machine then test each GET parameter for sql injection.
ESC - Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features.
mssqli-duet - SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
burp-to-sqlmap - Performing SQLInjection test on Burp Suite Bulk Requests using SQLMap
BurpSQLTruncSanner - Messy BurpSuite plugin for SQL Truncation vulnerabilities.
andor - Blind SQL Injection Tool with Golang
Blinder - A python library to automate time-based blind SQL injection
sqliv - massive SQL injection vulnerability scanner
nosqli - NoSql Injection CLI tool, for finding vulnerable websites using MongoDB
Last updated