Pokegod7093
Tech User Experience Designer
LEVEL 1
300 XP
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targeted scanning, multiple-domain scanning or reverse domain scanning.
Using SQLiv For SQL Injection Dorks Scanning
Multiple domain scanning with SQLi dork
Simply search multiple websites from given dork and scan the results one by one:
Targetted scanning
You can provide just the domain name or specific URLs with query parameters. If only the domain name is provided, it will crawl and get URLs with queries then scan the URLs one by one.
Reverse domain and scanning
Reverse domain scan and look for websites that are hosted on the same server as target URL.
SQLiv Dork SQL Injection Tool Usage
Download:
Using SQLiv For SQL Injection Dorks Scanning
Multiple domain scanning with SQLi dork
Simply search multiple websites from given dork and scan the results one by one:
Code:
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>
python sqliv.py -d "inurl:index.php?id=" -e googleYou can provide just the domain name or specific URLs with query parameters. If only the domain name is provided, it will crawl and get URLs with queries then scan the URLs one by one.
Code:
python sqliv.py -t <URL>
python sqliv.py -t www.example.com
python sqliv.py -t www.example.com/index.php?id=1Reverse domain scan and look for websites that are hosted on the same server as target URL.
Code:
python sqliv.py -t <URL> -r
Code:
python sqliv.py --help
usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]
optional arguments:
-h, --help show this help message and exit
-d D SQL injection dork
-e E search engine [Google only for now]
-p P number of websites to look for in search engine
-t T scan target website -r reverse domain
Code:
[hide]https://github.com/Hadesy2k/sqliv/archive/2.0.zip[/hide]