Skip to content

/ SQLiScanner

Automatic SQL injection with Charles and sqlmap api
sqlmap sqlmapapi autoscan scanner security-audit security sqlmap-webui security-vulnerability
Python JavaScript CSS HTML Shell
  1. Python 54.6%
  2. JavaScript 33.9%
  3. CSS 9.0%
  4. HTML 2.1%
  5. Shell 0.4%
Branch: master
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Open in Desktop Download ZIP

Latest commit

@0xbug
0xbug Update README_zh.md
Latest commit 4dfce46 Sep 22, 2017

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
SQLiScanner Update settings.py Oct 9, 2016
public 添加操作按钮,支持查看详情、删除、生成 sqlmap 命令 Sep 20, 2016
scanner Update views.py Oct 8, 2016
static 添加操作按钮,支持查看详情、删除、生成 sqlmap 命令 Sep 20, 2016
templates first commit Aug 28, 2016
.gitignore first commit Aug 28, 2016
LICENSE Change LICENSE Aug 28, 2016
README.md Update README.md Sep 20, 2016
README_zh.md Update README_zh.md Sep 22, 2017
_config.yml Set theme jekyll-theme-minimal Feb 18, 2017
manage.py first commit Aug 28, 2016
requirements.txt first commit Aug 28, 2016

README.md

SQLiScanner

GitHub issues GitHub forks GitHub stars Python 3.x GitHub license

Automatic SQL injection with Charles and sqlmapapi

中文版说明文档点这里

Introduction

Automatic SQL injection with Charles and sqlmapapi

Dependencies

  • Django
  • PostgreSQL
  • Celery
  • sqlmap
  • redis

Supported platforms

  • Linux
  • osx

Screenshots

Installation

Preferably, you can download SQLiScanner by cloning the Git repository:

git clone https://github.com/0xbug/SQLiScanner.git --depth 1

You can download sqlmap by cloning the Git repository:

git clone https://github.com/sqlmapproject/sqlmap.git --depth 1

SQLiScanner works with Python version 3.x on Linux and osx.

Create virtualenv and install requirements

cd SQLiScanner/
virtualenv --python=/usr/local/bin/python3.5 venv
source venv/bin/activate
pip install -r requirements.txt

Setting

DATABASES Setting

SQLiScanner/settings.py:85

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': '',
        'USER': '',
        'PASSWORD': '',
        'HOST': '127.0.0.1',
        'PORT': '5432',
    }
}

SendEmail Setting

SQLiScanner/settings.py:158

# Email

EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_USE_TLS = False
EMAIL_HOST = ''
EMAIL_PORT = 25
EMAIL_HOST_USER = ''
EMAIL_HOST_PASSWORD = ''
DEFAULT_FROM_EMAIL = ''

scanner/tasks.py:14

class SqlScanTask(object):
    def __init__(self, sqli_obj):
        self.api_url = "http://127.0.0.1:8775"
        self.mail_from = ""
        self.mail_to = [""]

Syncdb

python manage.py makemigrations scanner
python manage.py migrate

Create superuser

python manage.py createsuperuser

Run

redis-server
python sqlmapapi.py -s -p 8775
python manage.py celery worker --loglevel=info
python manage.py runserver
You can’t perform that action at this time.