ScanQLi - Scanner To Detect SQL Injection Vulnerabilities
ScanQLi is a simple SQL injection scanner with somes additionals features. This tool can't exploit the SQLi, it just detect them. Tested on Debian 9
Features
- Classic
- Blind
- Time based
- GBK (soon)
- Recursive scan (follow all hrefs of the scanned web site)
- Cookies integration
- Adjustable wait delay between requests
- Ignore given URLs
Prerequisites
1. Install git tool
apt update
apt install git
2. Clone the repo.git clone https://github.com/bambish/ScanQLi
3. Install python required libsapt install python-pip
cd ScanQLi
pip install -r requirements.txt
For python3 please install python3-pip and use pip3Usage
./scanqli -u [URL] [OPTIONS]
Examples
Simple url scan with output file
python scanqli.py -u 'http://127.0.0.1/test/?p=news' -o output.log
Recursive URL scanning with cookiespython scanqli.py -u 'https://127.0.0.1/test/' -r -c '{"PHPSESSID":"4bn7uro8qq62ol4o667bejbqo3" , "Session":"Mzo6YWMwZGRmOWU2NWQ1N2I2YTU2YjI0NTMzODZjZDVkYjU="}'
ScanQLi - Scanner To Detect SQL Injection Vulnerabilities
Reviewed by Zion3R
on
5:34 PM
Rating:
![ScanQLi - Scanner To Detect SQL Injection Vulnerabilities](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdjPsGBw6xaXhbCyuZaZKK9ySYXTCsBHfY3XJwtcT1byoKkWJZXXjO0cFH9qpNvykcYOmbCRjWpIG6_wNxIKnXVWTZltyVwdVKAfjya2SADb_2D-GW66Ik0rzvY8ZU2v45OJRfUq5DLOkU/s72-c/ScanQLi_4_scanqli.jpeg)