{"id":26896884,"url":"https://github.com/sharafdin/blackSQL","last_synced_at":"2025-04-01T04:02:22.916Z","repository":{"id":281766823,"uuid":"946361303","full_name":"sharafdin/blackSQL","owner":"sharafdin","description":"blackSQL – Automate SQL Injection detection with ease! Scan, exploit, and bypass WAFs. Ethical hacking made simple.","archived":false,"fork":false,"pushed_at":"2025-03-11T03:09:42.000Z","size":47,"stargazers_count":26,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-27T07:49:01.669Z","etag":null,"topics":["blacksql","hacking","sql-injection","sqli"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sharafdin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-11T02:45:43.000Z","updated_at":"2025-03-23T07:30:29.000Z","dependencies_parsed_at":"2025-03-11T03:37:49.267Z","dependency_job_id":null,"html_url":"https://github.com/sharafdin/blackSQL","commit_stats":null,"previous_names":["sharafdin/blacksql"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sharafdin%2FblackSQL","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sharafdin%2FblackSQL/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sharafdin%2FblackSQL/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sharafdin%2FblackSQL/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sharafdin","download_url":"https://codeload.github.com/sharafdin/blackSQL/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246580468,"owners_count":20800111,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blacksql","hacking","sql-injection","sqli"],"created_at":"2025-04-01T04:02:21.534Z","updated_at":"2025-04-01T04:02:22.897Z","avatar_url":"https://github.com/sharafdin.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# blackSQL\n\nAn advanced SQL Injection scanner with support for Error-Based, Union-Based, Boolean-Based, and Time-Based detection techniques.\n\n## Features\n\n- Multiple SQL injection detection techniques:\n  - Error-Based SQL Injection\n  - Boolean-Based SQL Injection\n  - Time-Based SQL Injection\n  - Union-Based SQL Injection\n- Multi-threaded scanning for faster results\n- Database type detection (MySQL, PostgreSQL, MSSQL, Oracle, SQLite)\n- Database enumeration (tables, columns, data)\n- Colorized CLI output\n- Structured logging (JSON/CSV)\n- WAF bypass techniques\n\n## Installation\n\n```bash\ngit clone https://github.com/sharafdin/blackSQL.git\ncd blackSQL\npip install -r requirements.txt\n```\n\n## Usage\n\nBasic usage:\n\n```bash\npython blacksql.py -u \"http://example.com/page.php?id=1\"\n```\n\nAdvanced options:\n\n```bash\npython blacksql.py -u \"http://example.com/page.php?id=1\" --level 3 --threads 10 --dump\n```\n\n### Command Line Arguments\n\n| Option          | Description                                         |\n| --------------- | --------------------------------------------------- |\n| `-u, --url`     | Target URL (e.g., http://example.com/page.php?id=1) |\n| `-p, --params`  | Specify parameters to scan (e.g., 'id,page')        |\n| `--data`        | POST data (e.g., 'id=1\u0026page=2')                     |\n| `-c, --cookies` | HTTP cookies (e.g., 'PHPSESSID=value; admin=0')     |\n| `-t, --threads` | Number of threads (default: 5)                      |\n| `--timeout`     | Connection timeout in seconds (default: 10.0)       |\n| `--proxy`       | Use a proxy (e.g., 'http://127.0.0.1:8080')         |\n| `--level`       | Scan level (1-3, higher = more tests)               |\n| `--dump`        | Attempt to dump database tables when vulnerable     |\n| `--batch`       | Never ask for user input, use the default behavior  |\n| `-o, --output`  | Save scan results to a file (CSV/JSON)              |\n\n## Examples\n\nScan a URL with a specific parameter:\n\n```bash\npython blacksql.py -u \"http://example.com/page.php?id=1\" -p \"id\"\n```\n\nScan with POST data:\n\n```bash\npython blacksql.py -u \"http://example.com/login.php\" --data \"username=admin\u0026password=test\"\n```\n\nUse a proxy and increase scan level:\n\n```bash\npython blacksql.py -u \"http://example.com/page.php?id=1\" --proxy \"http://127.0.0.1:8080\" --level 3\n```\n\nDump database when vulnerabilities are found:\n\n```bash\npython blacksql.py -u \"http://example.com/page.php?id=1\" --dump\n```\n\n## Disclaimer\n\nThis tool is intended for legal security testing and educational purposes only. Do not use it against any website or system without proper authorization. The author is not responsible for any misuse or damage caused by this tool.\n\n## License\n\nblackSQL is an open-source package licensed under the [MIT License](LICENSE) \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsharafdin%2FblackSQL","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsharafdin%2FblackSQL","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsharafdin%2FblackSQL/lists"}