This tool will give you the SQLi Vulnerable Website Just by Adding the Dork.

Features

  1. Multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo;
  2. Targeted scanning by providing specific domain (with crawling);
  3. Reverse domain scanning.

Note: Both SQLi Scanning and Domain Info Checking are done in multiprocessing so the script is super fast at scanning many URL-s.

Installation

  1. git clone https://github.com/Hadesy2k/sqlivulscan.git
  2. sudo python2 setup.py -i

Dependencies

Examples


Multiple domain scanning with SQLi dork

  • it simply search multiple websites from given dork and scan the results one by one
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>  
python sqliv.py -d "inurl:index.php?id=" -e google

Targetted scanning

  • Can provide only domain name or specifc url with query params;
  • If only domain name is provided, it will crawl and get URL’s with query;
  • Then scan the urls one by one.
python sqliv.py -t <URL>  
python sqliv.py -t www.example.com  
python sqliv.py -t www.example.com/index.php?id=1

Reverse domain and scanning

  • Do reverse domain and look for websites that hosted on same server as target url
python sqliv.py -t <URL> -r

Help

python sqliv.py --help

usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]

optional arguments:
  -h, --help  show this help message and exit
  -d D        SQL injection dork
  -e E        search engine [Google only for now]
  -p P        number of websites to look for in search engine
  -t T        scan target website
  -r          reverse domain

Massive SQL Injection Scanner: SQLiv Download

Print Friendly, PDF & Email