Hey Guys, In this video i show you a cool tool called SQLiv which used to scan websites for sql injection.
SQLiv:
https://github.com/Hadesy2k/sqliv
Features: multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse domain scanning
both SQLi scanning and domain info checking are done in multiprocessing
so the script is super fast at scanning many urls
Installation: git clone https://github.com/Hadesy2k/sqlivulsc… sudo python2 setup.py -i
Dependencies: bs4 termcolor google
Quick Tutorial
1. Multiple domain scanning with SQLi dork it simply search multiple websites from given dork and scan the results one by one
python sqliv.py -d SQLI DORK -e SEARCH ENGINE
python sqliv.py -d “inurl:index.php?id=” -e google
2. Targetted scanning can provide only domain name or specifc url with query params if only domain name is provided, it will crawl and get urls with query then scan the urls one by one
python sqliv.py -t URL
python sqliv.py -t www.example.com
python sqliv.py -t www.example.com/index.php?id=1
3. Reverse domain and scanning do reverse domain and look for websites that hosted on same server as target url
python sqliv.py -t URL -r
Video:
https://www.youtube.com/watch?v=nmtaPNgfi6s
Does this tutorial apply to 2019 linux times?