{"id":14638172,"url":"https://github.com/xer0times/SQLi-Query-Tampering","last_synced_at":"2025-09-07T06:32:48.281Z","repository":{"id":172410767,"uuid":"286253358","full_name":"xer0times/SQLi-Query-Tampering","owner":"xer0times","description":"SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder.  This extension gives you the flexibility of manual testing with many powerful evasion techniques.","archived":false,"fork":false,"pushed_at":"2020-08-21T15:36:19.000Z","size":314,"stargazers_count":156,"open_issues_count":2,"forks_count":24,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-09-06T19:07:11.852Z","etag":null,"topics":["bug-bounty","bugbounty","bughunting","burp-extensions","burp-plugin","burpsuite","burpsuite-pro","evasion","payload-generator","pentesting","pentesting-tools","sqli","sqlinjection"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xer0times.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-08-09T14:29:19.000Z","updated_at":"2025-09-02T19:18:54.000Z","dependencies_parsed_at":null,"dependency_job_id":"6067257b-15f8-472e-9e49-9770d7adb093","html_url":"https://github.com/xer0times/SQLi-Query-Tampering","commit_stats":null,"previous_names":["xer0days/sqli-query-tampering","xer0times/sqli-query-tampering"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/xer0times/SQLi-Query-Tampering","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xer0times%2FSQLi-Query-Tampering","tags
_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xer0times%2FSQLi-Query-Tampering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xer0times%2FSQLi-Query-Tampering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xer0times%2FSQLi-Query-Tampering/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xer0times","download_url":"https://codeload.github.com/xer0times/SQLi-Query-Tampering/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xer0times%2FSQLi-Query-Tampering/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274005341,"owners_count":25205934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bug-bounty","bugbounty","bughunting","burp-extensions","burp-plugin","burpsuite","burpsuite-pro","evasion","payload-generator","pentesting","pentesting-tools","sqli","sqlinjection"],"created_at":"2024-09-10T02:01:50.126Z","updated_at":"2025-09-07T06:32:47.902Z","avatar_url":"https://github.com/xer0times.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"SQLi Query Tampering\n==================\nSQLi Query Tampering extends and adds custom Payload 
Generator/Processor in \nBurp Suite's Intruder. \n\n![](img/intruder.png)\n\n## Advantages and Benefits\n\nSqlmap is a great automated tool for SQL injection vulnerabilities, but it can be a little\nnoisy when you perform pentesting or bug hunting!\nOne of the cool parts of Sqlmap is Tampering. Tampering gives us some\nfunctions/techniques to evade filters and WAFs.\n\nSQLi Query Tampering gives you the flexibility of manual testing with many powerful\nevasion techniques. This extension has two parts:\n\n1. Generator: \n   - You are able to add your customized payloads\n   - All evasion techniques are grouped by DBMS type\n   - Tampered payloads can be used as a Generator in Intruder or saved to clipboard/file\n\n![](img/generator.png)\n\n2. Processor: \n   - You have the ability to choose one of the tamper techniques as your processor\n   - The processor can be added as a Payload Processor\n   - You can add your payloads and tamper them based on the selected technique. Write one payload per line.\n\n![](img/processor.png)\n\nThe list of Evasion Techniques:\n\n\u003e apostrophemask, apostrophenullencode, appendnullbyte, between, bluecoat, \n\u003e chardoubleencode, charencode, charunicodeencode, charunicodeescape, commalesslimit,\n\u003e commalessmid, commentbeforeparentheses, concat2concatws, equaltolike, escapequotes,\n\u003e greatest, halfversionedmorekeywords, hex2char, htmlencode, ifnull2casewhenisnull,\n\u003e ifnull2ifisnull, informationschemacomment, least, lowercase, modsecurityversioned,\n\u003e modsecurityzeroversioned, multiplespaces, overlongutf8, overlongutf8more, \n\u003e percentage, plus2concat, plus2fnconcat, randomcase, randomcomments, sp_password, \n\u003e space2comment, space2dash, space2hash, space2morecomment, space2morehash, \n\u003e space2mssqlblank, space2mssqlhash, space2mysqlblank, space2mysqldash, space2plus, \n\u003e space2randomblank, symboliclogical, unionalltounion, unmagicquotes, uppercase, \n\u003e versionedkeywords, versionedmorekeywords, 0eunion, 
misunion, schemasplit, binary,\n\u003e dunion, equaltorlike\n\n## Requirements:\n\n- Burp Suite Professional\n- Jython 2.7 standalone: http://www.jython.org/downloads.html\n\n## Manual installation:\n\n1. `Extender` -\u003e `Options`\n2. Click `Select file` under `Python environment`\n3. Choose jython-standalone-2.5.jar\n4. `Extender` -\u003e `Extensions`\n5. Click `Add`\n6. Change `Extension Type` to Python\n7. Choose `sqli_query_tampering.py`\n8. Done!\n\n## Usage notes:\n\n- All tampered queries (in Generator/Processor) are returned URL-encoded\n- You can add a decode rule in the Payload Processing section if you need URL-decoded payloads\n\n![](img/url-decod.png)\n\n## Bug and Feature Request\n\nFeel free to submit issues and enhancement requests.\n\n## Contributing\n\nWe appreciate all forms of contribution. When contributing to this repository, \nplease first discuss the change you wish to make via issue, email, or any other \nmethod with the owners of this repository before making a change. \nContributions can include adding new features or tampering techniques based on your \nexperience, articles, or the sqlmap repo, making typo corrections and much more. \nIn general, we follow the \"fork-and-pull\" Git workflow.\n\n1. Fork the repo on GitHub\n2. Clone the project to your own machine\n3. Commit changes to your own branch\n4. Check and test your changes. You could use the `http://testphp.vulnweb.com/artists.php?artist=1` URL as a target and make sure the extension works properly.\n5. Push your work back up to your fork\n6. 
Submit a Pull request so that we can review your changes\n\nNOTE: Be sure to merge the latest from \"upstream\" before making a pull request!\n\n## Changelog:\n\n**1.3:**\n  - Add Options tab:\n    - Payloads Directory\n    - Restore Defaults\n  - Fix some issues in UI and Tamper module\n\n**1.2:**\n  - Add tamper technique:\n    - equaltorlike: Replaces all occurrences of operator equal (`=`) with `RLIKE` counterpart\n  - Add `Load` button in User-Defined Payloads section.\n  - Auto saves the Tamper Techniques, User-Defined Payloads and Processor Technique configuration.\n\n**1.1:**\n  - Add tamper techniques:\n    - 0eunion: Replaces instances of `\u003cint\u003e UNION` with `\u003cint\u003ee0UNION`\n    - misunion: Replaces instances of `UNION` with `-.1UNION`\n    - schemasplit: Replaces instances of `DBName.TableName`  with `DBName 9.e.TableName`\n    - binary: Injects keyword binary where possible\n    - dunion: Replaces instances of `\u003cint\u003e UNION` with `\u003cint\u003eDUNION`\n  \n**1.0:**\n  - Release","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxer0times%2FSQLi-Query-Tampering","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxer0times%2FSQLi-Query-Tampering","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxer0times%2FSQLi-Query-Tampering/lists"}