Skip to content

connorjaydunn/SQLiF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
screenshots
screenshots
 
 
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
sqlif.py
sqlif.py
 
 

Repository files navigation

SQLiF

SQLiF (SQL injection Finder) is an open-source penetration testing tool designed to automate the detection of SQL injection vulnerabilities. SQLiF only detects vulnerabilities, it will not exploit them.

Features

  • GET & POST Form SQLi Vulnerability Testing
  • Error-Based SQLi
  • Time-Based SQLi
  • Cookie-Based SQLi
  • Header-Based SQLi
  • Recursive Scanning
  • Targeted Scanning
  • Detection For Many Popular DBMS (MySQL, PostgreSQL, Microsoft SQL Server, and more)
  • Dork-Based Scanning

Screenshots

Installation

1. Clone the repository:

git clone https://github.com/connorjaydunn/SQLiF.git

2. Install dependencies:

cd SQLiF
pip install -r requirements.txt

Usage

To view all available options and parameters, run:

python sqlif.py -h

Examples

Targeted scan with cookie and header-based injection:

python sqlif.py -t "https://127.0.0.1/blog.php?id=23" --cookies-scan --headers-scan

Google search results scan (start index 20 and 30 results total) using 3 threads and recursive scanning.

python sqlif.py -q "inurl:login.php" -s 20 -n 30 --threads=3 --crawl

DISCLAIMER

The developer is not responsible for any illegal use, including unauthorised attacks on websites or databases. By using this software, you agree to use it responsibly and legally, and you assume full responsibility for any consequences that may arise.

About

SQL injection vulnerability scanner

Resources

Readme

License

MIT license
Activity

Stars

24 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages