Massive SQL Injection Scanner: SQLiv

This tool will give you the SQLi Vulnerable Website Just by Adding the Dork.

Features

1. multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo
2. targetted scanning by providing specific domain (with crawling)
3. reverse domain scanning

Note: Both SQLi scanning and domain info checking are done in multiprocessing so the script is super fast at scanning many urls

Installation

1. git clone http://ift.tt/2ixK0rq
2. sudo python2 setup.py -i

Dependencies

• bs4
• termcolor
• google

Examples

---

Multiple domain scanning with SQLi dork

• it simply search multiple websites from given dork and scan the results one by one

python sqliv.py -d <SQLIDORK>-e <SEARCHENGINE> python sqliv.py -d "inurl:index.php?id="-e google

Targetted scanning

• can provide only domain name or specifc url with query params
• if only domain name is provided, it will crawl and get urls with query
• then scan the urls one by one

python sqliv.py -t <URL> python sqliv.py -t www.example.com python sqliv.py -t www.example.com/index.php?id=1

Reverse domain and scanning

• do reverse domain and look for websites that hosted on same server as target url

python sqliv.py -t <URL>-r

Help

python sqliv.py --help usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r] optional arguments: -h, --help show this help message andexit-d D SQL injection dork -e E search engine [Google only for now] -p P number of websites to look forin search engine -t T scan target website -r reverse domain

from WordPress http://ift.tt/2zRl2XQ
via IFTTT