sqlifinder is a tool with the function of detecting GET-based sql injection vulnerabilities in web applications using waybackurls, web crawlers and sql injection payloads.
- Fast and powerful scanner
- Include web crawler and waybackurls
python3 sqlifinder.py -h
This will display help for the tool. Here are all the switches it supports.
Sqlifinder requires:
- python3
- huepy
- requests
- tqdm
To install run these comands:
▶ sudo apt install git
▶ git clone https://github.com/americo/sqlifinder
▶ cd sqlifinder
▶ pip3 install -r requirements.txt
To run the tool on a target, just use the following command.
▶ python3 sqlifinder.py -d example.com
The -s
command can be used to test sql injection in subdomains of the target.
▶ python3 sqlifinder -d example.com -s
sqlifinder is made with 🖤 by the americo.