Screenshots

Verbose output (option -v set to 3):

Verbose output set to 3

Concatenation of three tamper scripts to obfuscate the injected SQL payloads (option --tamper set to between,randomcase,space2comment):

Tamper scripts in action

Cracking dumped databased users' password hashes (switch --passwords):

Users' password hashes cracking

Enumerating database table's columns (switch --columns):

Database table's columns dump

Mnemonics (option -z set to "flu,bat,tec=B"):

Mnemonics usage

Conducting through tests only if positive heuristic(s) (switch --smart):

Smart mode

DNS exfiltration technique (option --dns-domain):

DNS exfiltration technique

HTTP parameter pollution (switch --hpp):

HTTP parameter pollution

Replicating table to a local SQLite3 database (option --dump-format set to SQLITE):

Replicated table

Dumping table to HTML format (option --dump-format set to HTML):

Dumped table to HTML

OS pwn mode (Meterpreter) (switch --os-pwn):

OS pwn mode

OS shell mode (switch --os-shell):

SQL shell mode

SQL shell mode (switch --sql-shell):

SQL shell mode

Wizard mode (switch --wizard):

Wizard mode

Introduction - Introductory to sqlmap
Techniques - SQLi techniques supported by sqlmap
Features - Brief list of supported features
Download and update - Keep your copy up-to-date
Dependencies - Information about used third-party libraries and tools
History - History from 2006 to 2024
Usage - Exhaustive breakdown of all options and switches together with examples
License - Copyright information

FAQ - Frequently Asked Questions
Presentations - Materials from sqlmap team presented at conferences
Screenshots - Collection of screenshots demonstrating some of features
Third party libraries - Detailed information about third-party libraries and tools used by sqlmap

Provide feedback