sqli-tester
CommunityConfirm SQL injection with safe PoCs
Software Engineering#web security#sqli#bug bounty#sqlmap#authentication bypass#vulnerability validation#dbms fingerprinting
Authorcuongnguyen-git
Version1.0.0
Installs0
System Documentation
What problem does it solve?
sqli-tester helps you quickly determine whether a web input is vulnerable to SQL injection, then confirm impact safely with minimal, non-destructive evidence.
Core Features & Use Cases
- Injection discovery workflow: Pinpoints likely injection points from URL parameters, path-based endpoints, and stored recon notes.
- Multi-method confirmation: Performs error-based, boolean blind, and time-based tests with explicit “hard stop” safety rules to avoid noisy or destructive attempts.
- DB fingerprinting and constrained sqlmap use: Identifies likely DBMS and runs sqlmap only after manual confirmation to reduce WAF triggering.
- Impact-focused PoCs: Supports minimal extraction (e.g., schema or one-row PoC) and authentication bypass testing with clear stopping guidance.
Quick Start
Use sqli-tester on your target URL or recon directory path to confirm or rule out SQL injection for a candidate parameter.
Dependency Matrix
Required Modules
sqlmap
Components
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sqli-tester Download link: https://github.com/cuongnguyen-git/bug-bounty/archive/main.zip#sqli-tester Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.