Session and Performance Management
Learn how to optimize SQLMap performance and manage sessions effectively
SQLMap provides several options to manage sessions and optimize performance during testing.
Using --batch for Non-Interactive Sessions
When running SQLMap, you'll often be prompted to answer questions. For automated testing, use the --batch flag:
sqlmap -u "http://www.example.com/vuln.php?id=1" --batch
This flag runs SQLMap in non-interactive mode, automatically answering "yes" to all prompts. This is useful for:
- Running large-scale tests
- Scripting SQLMap operations
- Batch processing multiple targets
Increasing Speed with --threads
SQLMap is multi-threaded and can perform multiple tasks simultaneously. Increase the number of threads to speed up testing:
sqlmap -u "http://www.example.com/vuln.php?id=1" --threads 5
Higher thread counts can significantly reduce testing time, especially when:
- Testing multiple parameters
- Performing data extraction
- Running time-intensive operations
Throttling Requests with --delay
To avoid overloading the target server or triggering intrusion detection systems, use the --delay flag to add a delay between requests:
sqlmap -u "http://www.example.com/vuln.php?id=1" --delay 1
This adds a 1-second delay between requests, which can help:
- Avoid detection by IDS/WAF systems
- Reduce server load
- Make traffic appear more like normal user behavior
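Seen from the defending side, the --threads and --delay trade-off looks like this. The following is an added example, not part of the original page or of SQLMap: it runs a rate-based check and a content-based check over the same access log, and only the content check still fires once requests are spaced out. The log format, addresses, thresholds and token list are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines: client IP, epoch second, request target.
SAMPLE_LOG = """\
192.0.2.10 1700000000 /vuln.php?id=1%20AND%205121%3D5121
192.0.2.10 1700000000 /vuln.php?id=1%20AND%205121%3D5122
192.0.2.10 1700000000 /vuln.php?id=1%20ORDER%20BY%203
192.0.2.10 1700000001 /vuln.php?id=1%20UNION%20SELECT%20NULL
192.0.2.10 1700000001 /vuln.php?id=1%20AND%20SLEEP(5)
203.0.113.7 1700000100 /vuln.php?id=1%20AND%205121%3D5121
203.0.113.7 1700000101 /vuln.php?id=1%20AND%205121%3D5122
203.0.113.7 1700000102 /vuln.php?id=1%20ORDER%20BY%203
203.0.113.7 1700000103 /vuln.php?id=1%20UNION%20SELECT%20NULL
198.51.100.9 1700000000 /vuln.php?id=1
198.51.100.9 1700000030 /vuln.php?id=2
"""

# Small, illustrative token list; a production rule set would be broader.
SQL_TOKENS = re.compile(
    r"(?i)\b(?:union\s+select|(?:and|or)\s+\d+=\d+|sleep\s*\(|order\s+by\s+\d+)")

def analyse(log_text, max_rate=2.0, min_hits=3):
    """Per client: request rate, SQL-token hits, and which detector fires."""
    seen = defaultdict(lambda: {"times": [], "hits": 0})
    for line in log_text.splitlines():
        ip, ts, target = line.split(maxsplit=2)
        seen[ip]["times"].append(int(ts))
        # parse_qsl percent-decodes each parameter value before matching.
        params = parse_qsl(urlsplit(target).query, keep_blank_values=True)
        if any(SQL_TOKENS.search(value) for _, value in params):
            seen[ip]["hits"] += 1
    report = {}
    for ip, data in seen.items():
        span = max(data["times"]) - min(data["times"])
        rate = len(data["times"]) / max(span, 1)  # requests per second
        report[ip] = {"rate": rate, "hits": data["hits"],
                      "rate_alert": rate > max_rate,
                      "content_alert": data["hits"] >= min_hits}
    return report

if __name__ == "__main__":
    for ip, row in analyse(SAMPLE_LOG).items():
        print(ip, row)
```

The burst client trips both checks, the one-request-per-second client trips only the content check, and the ordinary visitor trips neither, so rate limiting alone is not sufficient coverage for this kind of traffic.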
Routing Traffic through a Proxy (--proxy)
For anonymity or to bypass network restrictions, route your traffic through a proxy:
sqlmap -u "http://www.example.com/vuln.php?id=1" --proxy "http://127.0.0.1:8080"
This is useful for:
- Hiding your real IP address
- Bypassing network restrictions
- Analyzing traffic with tools like Burp Suite
- Testing targets on private networks
Using Tor for Anonymity (--tor)
For maximum anonymity, route your traffic through the Tor network:
sqlmap -u "http://www.example.com/vuln.php?id=1" --tor
This routes all SQLMap traffic through the Tor network, providing:
- Enhanced anonymity
- IP address obfuscation
- Protection against tracking
- Bypass of geographic restrictions