This tool will give you the SQLi Vulnerable Website Just by Adding the Dork.
- Multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo;
- Targeted scanning by providing specific domain (with crawling);
- Reverse domain scanning.
Note: Both SQLi Scanning and Domain Info Checking are done in multiprocessing so the script is super fast at scanning many URL-s.
- git clone https://github.com/Hadesy2k/sqlivulscan.git
- sudo python2 setup.py -i
Multiple domain scanning with SQLi dork
- it simply search multiple websites from given dork and scan the results one by one
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>
python sqliv.py -d "inurl:index.php?id=" -e google
- Can provide only domain name or specifc url with query params;
- If only domain name is provided, it will crawl and get URL’s with query;
- Then scan the urls one by one.
python sqliv.py -t <URL>
python sqliv.py -t www.example.com
python sqliv.py -t www.example.com/index.php?id=1
Reverse domain and scanning
- Do reverse domain and look for websites that hosted on same server as target url
python sqliv.py -t <URL> -r
python sqliv.py --help
usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]
-h, --help show this help message and exit
-d D SQL injection dork
-e E search engine [Google only for now]
-p P number of websites to look for in search engine
-t T scan target website
-r reverse domain