cross-platform sqlmap GUI aimed to mobile devices
Python Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
chik_res some changes for iOS version Apr 9, 2014
ioslibs working buildozer spec Nov 16, 2014
screens failed to resize an image :) Oct 10, 2013
android.txt first commit. Still very unstable but working version Oct 8, 2013 updated build script Dec 13, 2013 changed URL dialog Dec 13, 2013
buildozer.spec working buildozer spec Nov 16, 2014 some changes for iOS version Apr 9, 2014 some changes for iOS version Apr 9, 2014 working buildozer spec Nov 16, 2014
icon.png updated screenshots and build script. Oct 10, 2013 some changes for iOS version Apr 9, 2014


sqlmapchik is a cross-platform sqlmap GUI for popular sqlmap tool. It is primarily aimed to be used on mobile devices (currently Android is supported).


main menu target mainlog settings

Installation (easy)

The easiest way to install sqlmapchik on Android device is to download it from Google Play. Note that Google Play version may not include the latest available sqlmap version.

Installation (hacky)

To run sqlmapchik on desktop machine or to build a cutting-edge version of APK:

  1. git-clone sqlmapchik repository
  2. cd to sqlmapchik directory
  3. git-clone sqlmap (make sure that sqlmap containing folder is called sqlmap)
  4. install kivy (1.8.0 is OK)
  5. you should be able to run sqlmapchik with python

To run sqlmapchik on Android you have two options:

  1. build an APK using these instructions. There is a script that may help. Don't forget to comment the following lines in blacklist.txt in your python-for-android distribution folder:

    # unittest/*
    # sqlite3/*
    # lib-dynload/
    # lib-dynload/
    # lib-dynload/
  2. use a nice Kivy Launcher. In this case you just need to copy the project directory to /sdcard/kivy/ on your mobile device.

Unsupported features

Project is currently in beta (I suppose it will always be as sqlmap is constantly evolving :). At this point, not all of sqlmap features are supported. Here is what doesn't work for sure:

  • sqlmap API
  • profiling
  • log colorizing
  • beeping :)
  • user-defined function injection
  • updating
  • metasploit integration

Other features should work. If you find an issue (I bet you will:), don't hesitate to report it on Github, by email, Twitter, pidgin mail etc.