Miroslav Stampar edited this page Apr 7, 2017 · 13 revisions

sqlmap wiki pages

User's manual


  • FAQ - Frequently Asked Questions
  • Presentations - Materials from sqlmap team presented at conferences
  • Screenshots - Collection of screenshots demonstrating some of features
  • Third party libraries - Detailed information about third-party libraries and tools used by sqlmap
Clone this wiki locally



  • Jan 2, stable version 1.1 released.


  • 2000th Issue closed.
  • Feb 27, stable version 1.0 released.


  • Oct 14, Miroslav presents sqlmap - why (not how) it works? (slides) at Navaja Negra & ConectaCon 2015 in Albacete, Spain.



  • Sep 19, Miroslav presents Heuristic methods used in sqlmap (slides) at FSEC 2013 in Varazdin, Croatia.
  • May 23, Miroslav presents sqlmap - Under the Hood (slides) at PHDays 2013 in Moscow, Russia.


  • June 26, sqlmap development is relocated on GitHub. A new homepage is deployed. The issue tracker goes public. The Subversion repository is dismissed as is the project hosting on SourceForge.
  • May 31, Miroslav presents his research DNS exfiltration using sqlmap (slides) with accompanying whitepaper Data Retrieval over DNS in SQL Injection Attacks at PHDays 2012 in Moscow, Russia.


  • December, Throughout the year dozen of new features have been developed and hundreds of bugs have been fixed.
  • September 23, Miroslav presents It all starts with the ' (SQL injection from attacker's point of view) (slides) talking about methods attackers use in SQL injection attacks at FSec - FOI Security Symposium in Varazdin, Croatia.
  • June 23, Miroslav presents sqlmap - security development in Python (slides) talking about sqlmap internals at EuroPython 2011 in Firenze, Italy.
  • April 10, Bernardo and Miroslav release sqlmap 0.9 featuring a totally rewritten and powerful SQL injection detection engine, the possibility to connect directly to a database server, support for time-based blind SQL injection and error-based SQL injection, support for four new database management systems and much more.


  • December, Bernardo and Miroslav have enhanced sqlmap a lot during the whole year and prepare to release sqlmap 0.9 within the first quarter of 2011.
  • June 3, Bernardo presents a talk titled Got database access? Own the network! at AthCon 2010 in Athens (Greece).
  • March 14, Bernardo and Miroslav release stable version of sqlmap 0.8 featuring many features. Amongst these, support to enumerate and dump all databases' tables containing user provided column(s), stabilization and enhancements to the takeover functionalities, updated integration with Metasploit 3.3.3 and a lot of minor features and bug fixes.
  • March, sqlmap demo videos have been published.
  • January, Bernardo is invited to present at AthCon conference in Greece on June 2010.


  • December 18, Miroslav Stampar replies to the call for developers. Along with Bernardo, he actively develops sqlmap from version 0.8 release candidate 2.
  • December 12, Bernardo writes to the mailing list a post titled sqlmap state of art - 3 years later highlighting the goals achieved during these first three years of the project and launches a call for developers.
  • December 4, sqlmap-devel mailing list has been merged into sqlmap-users mailing list.
  • November 20, Bernardo and Guido present again their research on stealth database server takeover at CONfidence 2009 in Warsaw, Poland.
  • September 26, sqlmap version 0.8 release candidate 1 goes public on the subversion repository, with all the attack vectors unveiled at SOURCE Barcelona 2009 Conference. These include an enhanced version of the Microsoft SQL Server buffer overflow exploit to automatically bypass DEP memory protection, support to establish the out-of-band connection with the database server by executing in-memory the Metasploit shellcode via UDF sys_bineval() (anti-forensics technique), support to access the Windows registry hives and support to inject custom user-defined functions.
  • September 21, Bernardo and Guido Landi present their research (slides) at SOURCE Conference 2009 in Barcelona, Spain.
  • August, Bernardo is accepted as a speaker at two others IT security conferences, SOURCE Barcelona 2009 and CONfidence 2009 Warsaw. This new research is titled Expanding the control over the operating system from the database.
  • July 25, stable version of sqlmap 0.7 is out!
  • June 27, Bernardo presents an updated version of his SQL injection: Not only AND 1=1 slides at 2nd Digital Security Forum in Lisbon, Portugal.
  • June 2, sqlmap version 0.6.4 has made its way to the official Ubuntu repository too.
  • May, Bernardo presents again his research on operating system takeover via SQL injection at OWASP AppSec Europe 2009 in Warsaw, Poland and at EUSecWest 2009 in London, UK.
  • May 8, sqlmap version 0.6.4 has been officially accepted in Debian repository. Details on this blog post.
  • April 22, sqlmap version 0.7 release candidate 1 goes public, with all the attack vectors unveiled at Black Hat Europe 2009 Conference. These include execution of arbitrary commands on the underlying operating system, full integration with Metasploit to establish an out-of-band TCP connection, first publicly available exploit for Microsoft Security Bulletin MS09-004 against Microsoft SQL Server 2000 and 2005 and others attacks to takeover the database server as a whole, not only the data from the database.
  • April 16, Bernardo presents his research (slides, whitepaper) at Black Hat Europe 2009 in Amsterdam, The Netherlands. The feedback from the audience is good and there has been some media coverage too.
  • March 5, Bernardo presents for the first time some of the sqlmap recent features and upcoming enhancements at an international event, Front Range OWASP Conference 2009 in Denver, USA. The presentation is titled SQL injection: Not only AND 1=1.
  • February 24, Bernardo is accepted as a speaker at Black Hat Europe 2009 with a presentation titled Advanced SQL injection exploitation to operating system full control.
  • February 3, sqlmap 0.6.4 is the last point release for 0.6: taking advantage of the stacked queries test implemented in 0.6.3, sqlmap can now be used to execute any arbitrary SQL statement, not only SELECT anymore. Also, many features have been stabilized, tweaked and improved in terms of speed in this release.
  • January 9, Bernardo presents SQL injection exploitation internals at a private event in London, UK.


  • December 18, sqlmap 0.6.3 is released featuring support to retrieve targets from Burp and WebScarab proxies log files, support to test for stacked queries and time-based blind SQL injection, rough fingerprint of the web server and web application technologies in use and more options to customize the HTTP requests and enumerate more information from the database.
  • November 2, sqlmap version 0.6.2 is a "bug fixes" release only.
  • October 20, sqlmap first point release, 0.6.1, goes public. This includes minor bug fixes and the first contact between the tool and Metasploit: an auxiliary module to launch sqlmap from within Metasploit Framework. The subversion development repository goes public again.
  • September 1, nearly one year after the previous release, sqlmap 0.6 comes to life featuring a complete code refactoring, support to execute arbitrary SQL SELECT statements, more options to enumerate and dump specific information are added, brand new installation packages for Debian, Red Hat, Windows and much more.
  • August, two public mailing lists are created on SourceForge.
  • January, sqlmap subversion development repository is moved away from SourceForge and goes private for a while.


  • November 4, release 0.5 marks the end of the OWASP Spring of Code 2007 contest participation. Bernardo has accomplished all the proposed objects which include also initial support for Oracle, enhanced support for UNION query SQL injection and support to test and exploit SQL injections in HTTP Cookie and User-Agent headers.
  • June 15, Bernardo releases version 0.4 as a result of the first OWASP Spring of Code 2007 milestone. This release features, amongst others, improvements to the DBMS fingerprint engine, support to calculate the estimated time of arrival, options to enumerate specific data from the database server and brand new logging system.
  • April, even though sqlmap was not and is not an OWASP project, it gets accepted, amongst many other open source projects to OWASP Spring of Code 2007.
  • March 30, Bernardo applies to OWASP Spring of Code 2007.
  • January 20, sqlmap version 0.3 is released, featuring initial support for Microsoft SQL Server, support to test and exploit UNION query SQL injections and injection points in POST parameters.


  • December 13, Bernardo releases version 0.2 with major enhancements to the DBMS fingerprint functionalities and replacement of the old inference algorithm with the bisection algorithm.
  • September, Daniele leaves the project, Bernardo Damele A. G. takes it over.
  • August, Daniele adds initial support for PostgreSQL and releases version 0.1.
  • July 25, Daniele Bellucci registers the sqlmap project on SourceForge and develops it on the SourceForge subversion repository. The skeleton is implemented and limited support for MySQL added.