- Saved searches
- Use saved searches to filter your results more quickly
- License
- hackyguru/SQLiScan
- Name already in use
- Sign In Required
- Launching GitHub Desktop
- Launching GitHub Desktop
- Launching Xcode
- Launching Visual Studio Code
- Latest commit
- Git stats
- Files
- README.md
- Saved searches
- Use saved searches to filter your results more quickly
- License
- bambish/ScanQLi
- Name already in use
- Sign In Required
- Launching GitHub Desktop
- Launching GitHub Desktop
- Launching Xcode
- Launching Visual Studio Code
- Latest commit
- Git stats
- Files
- README.md
- About
Saved searches
Use saved searches to filter your results more quickly
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
A python based tool for finding SQL vulnerable sites.
License
hackyguru/SQLiScan
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
README.md
An open-source SQL injection Scanner.
This tool is developed only for educational purposes. The developer is not responsible if you use this tool for any illegal activities.
The python script examines the header responses from the search results of google and based on the response , the tool classifies the vulnerable and non-vulnerable sites.
- Automatically find vulnerable sites using Google Dorks.
- Automatic filtering of irrelevant sites.
- Text file with vulnerable site list can be obtained.
- Automatic VPN Detection.
- Can be useful for mass defacement attacks.
- Useful for bug bounties.
- Easy to use.
- Light weight.
- User friendly.
Run these commands to use SQLi
To use the SQLiScan type the following commands in Termux:
pkg install git pkg install python git clone https://github.com/hackyguru/SQLiScan cd SQLiScan pip install -r requirements.txt python3 SQLiScan.py
To use the scanner type the following commands in Linux/Bash terminal:
git clone https://github.com/hackyguru/SQLiScan cd SQLiScan pip install -r requirements.txt python3 SQLiScan.py
I will be probably adding a GUI for this project in the near future in SQLiScan 2.0. Please hang on until that 😀 I hope it works well in CLI.
You can hit me up anytime 😀
Saved searches
Use saved searches to filter your results more quickly
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
SQLi scanner to detect SQL vulns
License
bambish/ScanQLi
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
README.md
ScanQLi is a simple SQL injection scanner with somes additionals features. This tool can’t exploit the SQLi, it just detect them.
- Classic
- Blind
- Time based
- GBK (soon)
- Recursive scan (follow all hrefs of the scanned web site)
- Cookies integration
- Adjustable wait delay between requests
- Ignore given URLs
1. Install git tool.
apt update apt install git
2. Clone the repo.
git clone https://github.com/bambish/ScanQLi
3. Install python required libs
apt install python-pip cd ScanQLi pip install -r requirements.txt
For Python 3 please install python3-pip and use pip3 .
python scanqli -u [URL] [OPTIONS]
Simple URL scan with output file:
python scanqli.py -u 'http://127.0.0.1/test/?p=news' -o output.log
Recursive URL scanning with cookies:
python scanqli.py -u 'https://127.0.0.1/test/' -r -c ''
ScanQLi was created to perform pentest or others legal stuffs (like bug bounty). Using ScanQLi against web site without authorization is forbidden.
I’m not responsible of your usage of ScanQLi. At your own risk.
About
SQLi scanner to detect SQL vulns