A powerful tool for scanning SQL Injection vulnerabilities using GET and POST methods, with automatic proxy support.

- Python 3.7 or higher
- `requests` library
- `colorama` library

Install the required libraries by running:

`pip install requests colorama`

- Make sure Python is installed on your system.
- Open a terminal (or command prompt) and navigate to the script's directory:
  `cd path/to/your/folder`
- Run the script:
  `python your_script_name.py`
  Example:
  `python scanner.py`

When you launch the script:

- It will automatically fetch a list of free proxies.
- It will prompt you to enter the full URL you want to scan, e.g.:
  `https://example.com/item.php?id=`
- Choose the HTTP method: `GET` or `POST`
- If you choose `POST`, it will ask for POST data like: `id=1`
- The scanner will start testing the URL with various SQL injection payloads and also check for Blind SQL Injection vulnerabilities.
- All the scan results will be saved automatically inside a file called `log.txt`.

- Traditional SQLi payload testing.
- Blind SQL Injection detection using time delays.
- Random proxy usage for anonymity.
- Supports both GET and POST methods.
- Auto-saving scan results into a log file.
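
For defenders, the time-delay probing and proxy rotation listed above leave a recognizable trace in web-server access logs. The following is an added example, not part of this tool: it flags query parameters that received time-delay SQL payloads, grouping by path and parameter rather than by client IP because the requests arrive through rotating proxies. The log lines are constructed, and the delay functions matched are common database primitives assumed for illustration, not payloads taken from the scanner.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Time-delay primitives commonly seen in blind SQLi probes (MySQL, MSSQL, PostgreSQL).
# Assumed for illustration; the README does not list the scanner's payloads.
DELAY_RE = re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I)
# Common Log Format prefix: client IP, then the quoted request line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*"')

# Constructed sample access-log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = """\
203.0.113.7 - - [01/May/2025:10:00:01 +0000] "GET /item.php?id=1 HTTP/1.1" 200 512
198.51.100.4 - - [01/May/2025:10:00:02 +0000] "GET /item.php?id=1%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 512
192.0.2.55 - - [01/May/2025:10:00:09 +0000] "GET /item.php?id=1%3BWAITFOR%20DELAY%20%270:0:5%27-- HTTP/1.1" 200 512
203.0.113.90 - - [01/May/2025:10:00:15 +0000] "GET /item.php?id=1)%20AND%20pg_sleep(5)-- HTTP/1.1" 500 0
192.0.2.10 - - [01/May/2025:10:00:20 +0000] "GET /blog?title=how+to+sleep+better HTTP/1.1" 200 900
"""

def find_delay_probes(log_text, min_hits=2):
    """Return {(path, param): {"hits": n, "clients": set}} for probed parameters."""
    seen = defaultdict(lambda: {"hits": 0, "clients": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        client, _method, target = m.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes values, so encoded payloads are matched too.
        for param, value in parse_qsl(url.query, keep_blank_values=True):
            if DELAY_RE.search(value):
                entry = seen[(url.path, param)]
                entry["hits"] += 1
                entry["clients"].add(client)
    # Keying on (path, param) keeps one finding even when every probe
    # comes from a different proxy address.
    return {k: v for k, v in seen.items() if v["hits"] >= min_hits}

if __name__ == "__main__":
    for (path, param), info in find_delay_probes(SAMPLE_LOG).items():
        print(f"{path} param={param}: {info['hits']} delay probes "
              f"from {len(info['clients'])} client addresses")
```

Access logs record only the query string, so probes sent with the POST method need request-body logging (for example at a WAF or in the application) to be seen.
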

- This tool is intended for educational purposes and authorized security testing only.
- The user is solely responsible for any misuse or illegal activities.

`python scanner.py`

- Enter URL: `https://testphp.vulnweb.com/listproducts.php?cat=`
- Choose method: `GET`
- The scan will run, showing results in the terminal and saving them to `log.txt`.

- Written in Python.
- Script Version: v4.0