Skip to content
/ Injectionmap_v2 Public

Open source Penetration Testing Software for automatic Injection attacks, Exploiting every query injection flaws and taking over of database servers. Blind SQL, NoSQL, SQL, Blind GQL, GQL, Command, LDAP, Traversal, JNDI, JDBC, Esi, El, Etc. Clear mapping.

sqlmap.org

License

View license
37 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

byt3n33dl3/Injectionmap_v2

BranchesTags

Repository files navigation

Injectionmap_v2

Introducing Injectionmap_v2

Injectionmap_v2 is an advanced open-source penetration testing tool that automates the detection and exploitation of various types of vulnerabilities in web applications. Building on the capabilities from SQLMap Project, Injectionmap_v2 expands its scope to include not only SQL injection but also Blind SQL, NoSQL, Command, LDAP, Directory Traversal, and other Injection Attack techniques.

Python3 and C/ Master Based

Features

  • Comprehensive Injection Support: Detects and exploits SQL, Blind SQL, NoSQL, Command, LDAP, Directory Traversal, and other injection vulnerabilities.
  • Wide DBMS Support: Compatible with MySQL, Oracle, PostgreSQL, Microsoft SQL Server, SQLite, MongoDB, and many more.
  • Automated Testing: Automates the process of finding and exploiting injection vulnerabilities.
  • Advanced Techniques: Uses a variety of techniques including boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries, and more.
  • Payloads and Tampering: Includes numerous payloads and tamper scripts to bypass security mechanisms.
  • Database Fingerprinting: Identifies the specific version and features of the targeted DBMS.
  • Data Extraction: Extracts data such as database schema, tables, columns, and sensitive data.
  • Command Execution: Executes arbitrary commands on the database server if privileges allow.
  • Integration: Can be integrated with other tools and scripts for enhanced security testing.

Installation

Clone the repository:

git clone https://github.com/byt3n33dl3/Injectionmap_v2.git
cd Injectionmap_v2

Install the required dependencies:

pip install -r requirements.txt

Usage

Injectionmap_v2 is designed to be easy to use with a command line interface, below are some example commands:

To perform a basic SQL injection test:

python3 injectionmap -u "http://example.com/vulnerable.php?id=1"

To get a list of basic options and switches use:

python3 injectionmap -h
python3 injectionmap -hh

To get a list of all options and switches use:

python3 Injectionmap_v2 -hh

You can find a sample run here!.

Another injections attack modules:

  • Blind SQL Injection
  • NoSQL Injection
  • GQL Injection
  • Command Injection
  • LDAP Injection
  • Directory Traversal

Contribution

Contributions are welcome! Please submit a pull request or open an issue to discuss any changes you would like to make. License. This project is licensed under the Injectionmap_v2 General Public License. See the LICENSE file for details. Contact

Code contributors of Injectionmap_v2:

Thanks to

  • SQLMapproject
  • GangstaCrew
  • The Designer

For more informations

Visit our GitHub Organization , or contact us at byt3n33dl3@proton.me

About

Open source Penetration Testing Software for automatic Injection attacks, Exploiting every query injection flaws and taking over of database servers. Blind SQL, NoSQL, SQL, Blind GQL, GQL, Command, LDAP, Traversal, JNDI, JDBC, Esi, El, Etc. Clear mapping.

sqlmap.org

Topics

linux ldap nosql injection automatic manipulation database-access sqlmap injection-attacks trust-attack

Resources

Readme

License

View license
Activity

Stars

37 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases 3

Airmal Faxina Latest
Oct 27, 2024
+ 2 releases

Packages

No packages published

Contributors 8

Languages