The Expert's SQLMap Guide

A comprehensive guide to full-site penetration testing with SQLMap

Welcome to the comprehensive SQLMap guide. This documentation provides detailed instructions on using SQLMap, one of the most powerful and versatile SQL injection tools available for penetration testing.

SQLMap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of options for database fingerprinting, data fetching from the database, accessing the underlying file system, and executing commands on the operating system.

Why Use SQLMap?

  • Automation: Automates the process of detecting and exploiting SQL injection vulnerabilities
  • Comprehensive: Supports multiple database management systems
  • Versatile: Offers various injection techniques and evasion methods
  • Powerful: Provides extensive options for database enumeration and data extraction
  • Free and Open Source: Available to everyone with an active community

Getting Started with SQLMap

1. Install SQLMap

SQLMap comes pre-installed in many security-focused Linux distributions like Kali Linux. For other systems, you can install it from GitHub:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

2. Verify Installation

From the cloned sqlmap-dev directory, test your installation by running:

python sqlmap.py --version

This should display the current version of SQLMap.

3. Run Your First Scan

Try a basic scan against a test URL:

python sqlmap.py -u "http://testsite.com/page.php?id=1" --batch

The --batch option runs SQLMap non-interactively: it never prompts for input and accepts the default answer to every question.

Guide Structure

This guide is organized into several sections:

  1. Core Operations and Targeting: Basic syntax, targeting methods, and request customization
  2. Vulnerability Detection and Analysis: Controlling test intensity, specifying injection techniques
  3. Database Enumeration and Data Extraction: Exploring database structure and extracting data
  4. Advanced Exploitation Techniques: OS command execution, privilege escalation
  5. Evasion and Bypass Techniques: WAF detection and bypass methods

Each section provides detailed explanations, command examples, and real-world use cases to help you master SQLMap for ethical penetration testing.

Let's begin with understanding the core operations and targeting methods in SQLMap.