Article · Wikipedia archive · Last revised Jun 10, 2026

Sqlmap

sqlmap is a software utility for automated discovering of SQL injection vulnerabilities in web applications.

Last revised
Jun 10, 2026
Read time
≈ 1 min
Length
154 w
Citations
5
Source
Wikipedia ↗
Sqlmap
Original authorDaniele Bellucci1
LicenseGNU General Public License, version 2
Websitesqlmap.org
Repository

sqlmap is a software utility for automated discovering of SQL injection vulnerabilities in web applications.23

Usage

The tool was used in the 2015 data breach of TalkTalk.4 In 2016, the Illinois Board of Election was breached using the tool, combined with Acunetix and DirBuster.5

References

References

  1. "History". GitHub. Retrieved 2023-06-24.
  2. Clarke, Justin (2012). SQL injection attacks and defense. Waltham, MA: Elsevier. p. 282. ISBN 978-1-59749-963-7.
  3. Perry, Brandon (2017). Gray hat C#: a hacker's guide to creating and automating security tools (First printing ed.). San Francisco: No Starch Press. ISBN 978-1-59327-759-8.
  4. Bowcott, Owen; correspondent, Owen Bowcott Legal affairs (2016-11-15). "Boy who hacked TalkTalk website was 'showing off to mates'". The Guardian. ISSN 0261-3077. Retrieved 2023-06-05. {{cite news}}: |last2= has generic name (help)
  5. Francisco, Iain Thomson in San. "FBI: Look out – hackers are breaking into US election board systems". The Register. Retrieved 2023-06-05.
External links