Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
Z4nzu
GitHub Repository: Z4nzu/hackingtool
 Path: blob/master/tools/sql_tools.py
1269 views
1
# coding=utf-8

2
from core import HackingTool

3
from core import HackingToolsCollection

4


5


6
class Sqlmap(HackingTool):

7
    TITLE = "Sqlmap tool"

8
    DESCRIPTION = "sqlmap is an open source penetration testing tool that " \

9
                  "automates the process of \n" \

10
                  "detecting and exploiting SQL injection flaws and taking " \

11
                  "over of database servers \n " \

12
                  "[!] python3 sqlmap.py -u [<http://example.com>] --batch --banner \n " \

13
                  "More Usage [!] https://github.com/sqlmapproject/sqlmap/wiki/Usage"

14
    INSTALL_COMMANDS = [

15
        "sudo git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev"]

16
    RUN_COMMANDS = ["cd sqlmap-dev;python3 sqlmap.py --wizard"]

17
    PROJECT_URL = "https://github.com/sqlmapproject/sqlmap"

18


19
class NoSqlMap(HackingTool):

20
    TITLE = "NoSqlMap"

21
    DESCRIPTION = "NoSQLMap is an open source Python tool designed to \n " \

22
                  "audit for as well as automate injection attacks and exploit.\n " \

23
                  "\033[91m " \

24
                  "[*] Please Install MongoDB \n "

25
    INSTALL_COMMANDS = [

26
        "git clone https://github.com/codingo/NoSQLMap.git",

27
        "sudo chmod -R 755 NoSQLMap;cd NoSQLMap;python setup.py install"

28
    ]

29
    RUN_COMMANDS = ["python NoSQLMap"]

30
    PROJECT_URL = "https://github.com/codingo/NoSQLMap"

31


32


33
class SQLiScanner(HackingTool):

34
    TITLE = "Damn Small SQLi Scanner"

35
    DESCRIPTION = "Damn Small SQLi Scanner (DSSS) is a fully functional SQL " \

36
                  "injection\nvulnerability scanner also supporting GET and " \

37
                  "POST parameters.\n" \

38
                  "[*]python3 dsss.py -h[help] | -u[URL]"

39
    INSTALL_COMMANDS = ["git clone https://github.com/stamparm/DSSS.git"]

40
    PROJECT_URL = "https://github.com/stamparm/DSSS"

41


42
    def __init__(self):

43
        super(SQLiScanner, self).__init__(runnable = False)

44


45


46
class Explo(HackingTool):

47
    TITLE = "Explo"

48
    DESCRIPTION = "Explo is a simple tool to describe web security issues " \

49
                  "in a human and machine readable format.\n " \

50
                  "Usage:- \n " \

51
                  "[1] explo [--verbose|-v] testcase.yaml \n " \

52
                  "[2] explo [--verbose|-v] examples/*.yaml"

53
    INSTALL_COMMANDS = [

54
        "git clone https://github.com/dtag-dev-sec/explo.git",

55
        "cd explo;sudo python setup.py install"

56
    ]

57
    PROJECT_URL = "https://github.com/dtag-dev-sec/explo"

58


59
    def __init__(self):

60
        super(Explo, self).__init__(runnable = False)

61


62


63
class Blisqy(HackingTool):

64
    TITLE = "Blisqy - Exploit Time-based blind-SQL injection"

65
    DESCRIPTION = "Blisqy is a tool to aid Web Security researchers to find " \

66
                  "Time-based Blind SQL injection \n on HTTP Headers and also " \

67
                  "exploitation of the same vulnerability.\n " \

68
                  "For Usage >> \n"

69
    INSTALL_COMMANDS = ["git clone https://github.com/JohnTroony/Blisqy.git"]

70
    PROJECT_URL = "https://github.com/JohnTroony/Blisqy"

71


72
    def __init__(self):

73
        super(Blisqy, self).__init__(runnable = False)

74


75


76
class Leviathan(HackingTool):

77
    TITLE = "Leviathan - Wide Range Mass Audit Toolkit"

78
    DESCRIPTION = "Leviathan is a mass audit toolkit which has wide range " \

79
                  "service discovery,\nbrute force, SQL injection detection " \

80
                  "and running custom exploit capabilities. \n " \

81
                  "[*] It Requires API Keys \n " \

82
                  "More Usage [!] https://github.com/utkusen/leviathan/wiki"

83
    INSTALL_COMMANDS = [

84
        "git clone https://github.com/leviathan-framework/leviathan.git",

85
        "cd leviathan;sudo pip install -r requirements.txt"

86
    ]

87
    RUN_COMMANDS = ["cd leviathan;python leviathan.py"]

88
    PROJECT_URL = "https://github.com/leviathan-framework/leviathan"

89


90


91
class SQLScan(HackingTool):

92
    TITLE = "SQLScan"

93
    DESCRIPTION = "sqlscan is quick web scanner for find an sql inject point." \

94
                  " not for educational, this is for hacking."

95
    INSTALL_COMMANDS = [

96
        "sudo apt install php php-bz2 php-curl php-mbstring curl",

97
        "sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan",

98
        "chmod +x /usr/local/bin/sqlscan"

99
    ]

100
    RUN_COMMANDS = ["sudo sqlscan"]

101
    PROJECT_URL = "https://github.com/Cvar1984/sqlscan"

102


103


104
class SqlInjectionTools(HackingToolsCollection):

105
    TITLE = "SQL Injection Tools"

106
    TOOLS = [

107
        Sqlmap(),

108
        NoSqlMap(),

109
        SQLiScanner(),

110
        Explo(),

111
        Blisqy(),

112
        Leviathan(),

113
        SQLScan()

114
    ]

115


116