SleuthQL
SQL injector
A Python script to identify and extract potential SQL injection points from Burp Proxy History files.
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
465 stars
24 watching
84 forks
Language: Python
last commit: about 5 years ago
Linked from 1 awesome list
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 initroot/burpsqltruncsanner | Automatically scans endpoints for potential SQL Truncation vulnerabilities by fuzzing request parameters | 61 |
 websecnl/magicbyteselector | A Burp Suite extension that inserts specific bytes into requests to bypass security checks for certain file types. | 21 |
 attackercan/burp-xss-sql-plugin | Automated tool for detecting cross-site scripting (XSS) and SQL injection vulnerabilities in web applications. | 44 |
 ricardojba/poi-slinger | Automatically identifies serialization issues in PHP applications by forcing them to perform DNS lookups with serialized objects | 42 |
 matrix/burp-nosqliscanner | A tool to detect NoSQL injection vulnerabilities in web applications using a Java-based plugin for Burp Suite. | 23 |
 codewatchorg/sqlipy | A plugin for Burp Suite that automates the execution of SQLMap scans using its RESTful API | 253 |
 yg-ht/burp-lookoverthere | A Burp Suite extension to enhance scanning by injecting HTTP redirects into responses from specific APIs. | 0 |
 keramas/mssqli-duet | A tool designed to extract domain users from Active Directory environments by exploiting SQL injection vulnerabilities in MSSQL databases. | 92 |
 ghostlulzhacks/waybacksqliscanner | Scans URLs from the wayback machine and tests GET parameters for SQL injection vulnerabilities. | 185 |
 jiangsir404/xss-sql-fuzz | Automates fuzzing of XSS and SQL injection vulnerabilities in web applications using Burp Suite extensions. | 60 |
 charlie-belmer/nosqli | A command-line tool to detect and exploit NoSQL injection vulnerabilities in MongoDB databases. | 355 |
 anof-cyber/pycript | A tool for bypassing client-side encryption in web applications during penetration testing and bug bounty activities | 186 |
 xer0times/sqli-query-tampering | Customizable extension for Burp Suite's Intruder to generate and process SQLi payloads with various evasion techniques. | 150 |
 debasishm89/burpy | A tool that analyzes web application security by parsing Burp Suite logs and generating reports. | 119 |
 sadicann/andor | A blind SQL injection tool that allows users to identify vulnerabilities in web applications by manipulating input parameters. | 75 |