SQL injection is one of the most prominent vulnerabilities for web-based applications. In last article, we’ve used viSQL through which we scanned the whole server for SQL Injection vulnerabilities with the help of Crawling and Reverse IP domain check feature.
Today we’ll discuss about SQLiv tool which is a massive SQL Injection scanner through which you can even find the vulnerable SQL websites using Google Dorks. SQLiv is pre-installed in BlackArch Linux distribution.
Features of SQLiv –
- Multiple domain scanning with SQL injection dork
- Targetted scanning by providing specific domain (with crawling)
- Reverse domain scanning
Installation of SQLiv in Kali Linux –
To install SQLiv, type “git clone https://github.com/Hadesy2k/sqlivulscan.git” in your Linux machine terminal.
To install all dependencies of SQLiv tool, type “python setup.py -i” which will install all dependencies i.e. bs4, termcolor, google.
After the complete installation of all dependencies, type “python sqliv.py” which will gives you the welcome screen of SQLiv tool and displays the usage and options.
To run SQLiv, type “python sqliv.py -d “inurl:index.php?id=” -e google” in your terminal.
Here -d stands for SQL Injection dork and -e stands for Search Engine.
It simply search multiple websites from given dork and scan the results one by one.
For Target scanning, you can use -t parameter, “python sqliv.py -t <http://www.example.com/index.php?id=15”
If only domain name is provided, it will crawl all URLs with query as shown below.
You can even use -r parameter for reverse IP lookup scanning just like the viSQL tool.
You may also like:
- The Intricate Process of Designing and Developing Online Casino Slot Games
- Bella Protocol vs. Traditional Banking: A New Era of Financial Services
- How Does Spam Score Affect SEO?
- Top Email Marketing Applications for Effective Campaigns
- Edit and Compile Code with the Best 5 Code Editors
- 50+ Top DevSecOps Tools You Need To Know
- Learn How to Add Proxy and Multiple Accounts in MoreLogin
- Can Jews and Evangelical Christians Co-Exist?
- What Will Be Digital Information Technology in 2023
- Advantages Of Using Opkey SAP Testing Services