Skip to content
/ Injectionmap_v2 Public

automatic Injection attacks. Blind SQL, NoSQL, SQL, Blind GQL, GQL, Command, LDAP, Traversal, JNDI, JDBC, Esi, El, etc. Clear mapping

sqlmap.org

License

View license
25 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pxcs/Injectionmap_v2

BranchesTags

Repository files navigation

Injectionmap_v2

Introduction

Injectionmap_v2 is an advanced open-source penetration testing tool that automates the detection and exploitation of various types of vulnerabilities in web applications. Building on the capabilities of SQLMap, Injectionmap_v2 expands its scope to include not only SQL injection but also Blind SQL, NoSQL, Command, LDAP, Directory Traversal, and other injection techniques.

Python3 based

Features

  • Comprehensive Injection Support: Detects and exploits SQL, Blind SQL, NoSQL, Command, LDAP, Directory Traversal, and other injection vulnerabilities.
  • Wide DBMS Support: Compatible with MySQL, Oracle, PostgreSQL, Microsoft SQL Server, SQLite, MongoDB, and many more.
  • Automated Testing: Automates the process of finding and exploiting injection vulnerabilities.
  • Advanced Techniques: Uses a variety of techniques including boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries, and more.
  • Payloads and Tampering: Includes numerous payloads and tamper scripts to bypass security mechanisms.
  • Database Fingerprinting: Identifies the specific version and features of the targeted DBMS.
  • Data Extraction: Extracts data such as database schema, tables, columns, and sensitive data.
  • Command Execution: Executes arbitrary commands on the database server if privileges allow.
  • Integration: Can be integrated with other tools and scripts for enhanced security testing.

Installation

Clone the repository:

git clone https://github.com/pxcs/Injectionmap_v2.git
cd Injectionmap_v2

Install the required dependencies:

pip install -r requirements.txt

Usage

Injectionmap_v2 is designed to be easy to use with a command line interface, below are some example commands:

To perform a basic SQL injection test:

python Injectionmap_v2 -u "http://example.com/vulnerable.php?id=1"

To get a list of basic options and switches use:

python Injectionmap_v2 -h

To get a list of all options and switches use:

python Injectionmap_v2 -hh

You can find a sample run here!.

Another injections attack modules:

  • Blind SQL Injection
  • NoSQL Injection
  • Command Injection
  • LDAP Injection
  • Directory Traversal

Contribution

Contributions are welcome! Please submit a pull request or open an issue to discuss any changes you would like to make. License. This project is licensed under the Injectionmap_v2 General Public License. See the LICENSE file for details. Contact

Code contributors of Injectionmap_v2:

Thanks to

  • SQLMap
  • GangstaCrew
  • The Designer

For more informations

visit our GitHub page, our org, or contact us at [email protected]

About

automatic Injection attacks. Blind SQL, NoSQL, SQL, Blind GQL, GQL, Command, LDAP, Traversal, JNDI, JDBC, Esi, El, etc. Clear mapping

sqlmap.org

Topics

linux ldap nosql injection automatic manipulation database-access sqlmap injection-attacks trust-attack

Resources

Readme

License

View license
Activity

Stars

25 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 2

version 1 Latest
Jul 8, 2024
+ 1 release

Packages

No packages published

Contributors 8

Languages