SQLi Scanner- To Detect SQL Injection Vulnerability
ScanQLi is an easy SQL injection scanner with some further options.
This software cannot exploit the SQLi, it simply detect them. Examined on Debian 9
Options
- Basic
- Blind
- Time based mostly
- GBK (quickly)
- Recursive scan (observe all hrefs of the scanned website online)
- Cookies integration
- Adjustable wait delay between requests
- Ignore given URLs
Stipulations
1. Set up git software
apt replace
apt set up git
2. Clone the repo.
git clone https://github.com/bambish/ScanQLi
3. Set up python required libs
apt set up python-pip
cd ScanQLi
pip set up -r necessities.txt
For python3 please set up python3-pip and use pip3
Utilization
./scanqli -u [URL] [OPTIONS]
Examples
Easy url scan with output file
python scanqli.py -u ‘http://127.0.0.1/check/?p=information’ -o output.log
Recursive URL scanning with cookies
python scanqli.py -u ‘https://127.0.0.1/check/’ -r -c ‘{“PHPSESSID”:”4bn7uro8qq62ol4o667bejbqo3″ , “Session”:”Mzo6YWMwZGRmOWU2
