Your Perfect Cybersecurity Partner

Stay Connected:

SQLiv

Image

Massive SQL injection scanner 

Features 

  • multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .
  • targetted scanning by providing specific domain (with crawling) 
  • reverse domain scanning   
  • both SQLi scanning and domain info checking are done in multiprocessing so the script is super fast at scanning many urls quick tutorial & screenshots are shown at the bottom 
  • project contribution tips at the bottom 

 Installation  

  • git clone https://github.com/the-robot/sqliv.git   
  • pip install -r requirements.txt 
  • sudo python2 setup.py -i 

Demo

Usage

Multiple domain scanning with SQLi dork 
    It simply search multiple websites from given dork and scan the results one by one 

python sqliv.py -d  -e 

Targetted scanning 

can provide only domain name or specifc url with query params if only domain name is provided, it will crawl and get urls with query 

then scan the urls one by one 

python sqliv.py -t    

python sqliv.py -t www.example.com   

python sqliv.py -t www.example.com/index.php?id=1   

Reverse domain and scanning  

do reverse domain and look for websites that hosted on same server as target url 

python sqliv.py -t  -r 

 Dumping scanned result 

you can dump the scanned results as json by giving this argument 

python sqliv.py -d  -e  -o result.json 

View help 

 python sqliv.py --help  usage: sqliv.py  [-h] [-d D] [-e E] [-p P] [-t T] [-r] 

optional arguments:

-h,         --help  show this help message and exit

-d D            SQL injection dork

-e E          search engine [Google only for now]

-p P          number of websites to look for in sarch engine

-t T               scan target website

-r                  reverse domain