https://github.com/s0md3v/sqlmate
A friend of SQLmap which will do what you always expected from SQLmap.
https://github.com/s0md3v/sqlmate
Last synced: 21 days ago
JSON representation
A friend of SQLmap which will do what you always expected from SQLmap.
- Host: GitHub
- URL: https://github.com/s0md3v/sqlmate
- Owner: s0md3v
- License: gpl-3.0
- Archived: true
- Created: 2017-10-19T19:55:58.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-05-05T15:53:06.000Z (almost 6 years ago)
- Last Synced: 2025-03-15T17:13:17.988Z (about 1 month ago)
- Language: Python
- Size: 26.4 KB
- Stars: 436
- Watchers: 17
- Forks: 119
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-bbht - sqlmate - A friend of SQLmap which will do what you always expected from SQLmap. (Exploitation / SQLi)
- awesome-bbht - sqlmate - A friend of SQLmap which will do what you always expected from SQLmap. (Exploitation / SQLi)
- awesome-termux-hacking - sqlmate - A friend of SQLmap which will do what you always expected from SQLmap..[](https://github.com/s0md3v/sqlmate/stargazers/) (Uncategorized / Uncategorized)
README
# sqlmate
There are some features that we think SQLMap should have. Like finding admin panel of the target, better hash cracking etc. If you think the same, SQLMate is for you.
## What it does?
- Feed it a SQL injection dork via --dork option and it will find vulnerable sites for you. After that, it will try to find their admin panels and also try to bypass them with SQL queries.
- It can do very fast hash lookups for MD5, SHA1 and SHA2. You can supply a hash with --hash option. Average lookup takes less than 2 seconds.
- You can also supply it a txt file containing hashes to be cracked with --list option.
- The first mode just checks for 13 most common admin panel locations but if you feed a website through --admin option, you can do a full scan using 482 paths.
- SQLMate has ability to scrap dorks as well. Specify dumping level via --dump option. Using --dump 1 will dump nearly 20 dorks so set the level anywhere between 1-184 as per your needs. SQLMate automatically saves the dorks into a txt file so you can use them later.
Scroll down for more.
### Screenshots
#### Running SQLMate
Enter the following command in terminal to download SQLMate
```
git clone https://github.com/UltimateHackers/sqlmate
```
Then navigate to the sqlmate directory by entering this command
```
cd sqlmate
```
Now install the required modules
```
pip install -r requirements.txt
```
Now run sqlmate
```
python sqlmate
```
##### Available command line options
```
usage: sqlmate [-h] [--dork DORK] [--hash HASH] [--list ]
[--dump 1-184] [--admin URL] [--type PHP,ASP,HTML]
optional arguments:
-h, --help show this help message and exit
--dork DORK Supply a dork and let SQLMate do its thing
--hash HASH 'Crack' a hash in 5 secs
--list Import and crack hashes from a txt file
--dump 1-184 Get dorks. Specify dumping level. Level 1 = 20 dorks
--admin URL Find admin panel of website
--type PHP,ASP,HTML Choose extension to scan (Use with --admin option,
Default is all)
```
#### Want to contribute?
Alright jump in! Find bugs or help me add these features:
- [ ] Avoiding duplicates in dork scan results
- [ ] A list of examples of sqlmap commands demonstrating some useful and less known sqlmap options
- [ ] Whatever you like
Thanks for using SQLMate.