📑 Table of Contents
Sqlmap
Original authorDaniele Bellucci[1]
LicenseGNU General Public License, version 2
Websitesqlmap.org
Repository

sqlmap is a software utility for automated discovering of SQL injection vulnerabilities in web applications.[2][3]

Usage

edit

The tool was used in the 2015 data breach of TalkTalk.[4] In 2016, the Illinois Board of Election was breached using the tool, combined with Acunetix and DirBuster.[5]

References

edit
  1. ^ "History". GitHub. Retrieved 2023-06-24.
  2. ^ Clarke, Justin (2012). SQL injection attacks and defense. Waltham, MA: Elsevier. p. 282. ISBN 978-1-59749-963-7.
  3. ^ Perry, Brandon (2017). Gray hat C#: a hacker's guide to creating and automating security tools (First printing ed.). San Francisco: No Starch Press. ISBN 978-1-59327-759-8.
  4. ^ Bowcott, Owen; correspondent, Owen Bowcott Legal affairs (2016-11-15). "Boy who hacked TalkTalk website was 'showing off to mates'". The Guardian. ISSN 0261-3077. Retrieved 2023-06-05. {{cite news}}: |last2= has generic name (help)
  5. ^ Francisco, Iain Thomson in San. "FBI: Look out – hackers are breaking into US election board systems". The Register. Retrieved 2023-06-05.
edit


Stub icon

This security software article is a stub. You can help Wikipedia by adding missing information.

📚 Artikel Terkait di Wikipedia

Kali Linux

wireless network auditing, and Nessus (trial version). Kali also includes sqlmap for automated SQL injection testing and OWASP ZAP for dynamic web application

BackBox

Social Engineering Toolkit Ettercap Scapy Wireshark Kismet Aircrack Ophcrack Sqlmap John The Ripper "Team/Developers". "BackBox Linux 9 released!". BackBox

List of free and open-source software packages

engineering framework Snort (software) – network intrusion detection system sqlmap – automated SQL injection and database takeover tool Suricata (software)

WooYun

while maintaining his innocence, explaining the access as caused by the sqlmap program. On the evening of July 19, 2016, someone broke the news that all

Positive Hack Days

(exploiting radio noise, password protection, telecom security, usage of sqlmap) and business (internet banking security, data leakage in government, seeking

2015 TalkTalk data breach

aliases "Fearful" and "Glubz" (now known to be Elliott Gunton) used the SQLmap programme to probe TalkTalk webpages and identify vulnerabilities. 15–21

Comparison of server-side web frameworks

components No Push-pull Yes Data access objects (DAO), active record pattern, SQLMap data mapper PHPUnit, SimpleTest, Selenium No Yes XML-based, similar to ASP

List of security assessment tools

computer security, network management Free OpenVAS GPL Nikto Web Scanner GPL SQLmap Wireshark Riverbed Technology (sponsor) desktop application GPL2 Network