How does it handle Web Application Firewalls (WAF)?

It provides troubleshooting steps and commands for using tamper scripts, random user agents, and request delays to bypass security filters and rate limiting.

What is the SQLMap Database Pentesting skill?

It is a specialized guidance tool for Claude Code that provides automated workflows and commands for using SQLMap to detect and exploit SQL injection vulnerabilities.

Which databases does this skill support?

It supports a wide range of systems including MySQL, PostgreSQL, Microsoft SQL Server, Oracle, SQLite, IBM DB2, and many others.

Is this tool legal to use?

This skill is intended for ethical security testing only. You must have explicit, written authorization to perform penetration testing on any target system.

Can I use this for POST-based injections?

Yes, the skill includes specific instructions for using HTTP request files (often exported from tools like Burp Suite) to test POST parameters and headers.

SQLMap Database Pentesting

Name: SQLMap Database Pentesting
Author: claudiodearaujo

byclaudiodearaujo

Security & Testing

Automates SQL injection vulnerability detection and database exploitation using the industry-standard SQLMap penetration testing framework.

About

This skill provides comprehensive, systematic methodologies for identifying and exploiting SQL injection vulnerabilities within web applications. It streamlines the process of database enumeration, table and column discovery, and sensitive data extraction while offering advanced guidance on WAF bypass techniques and multiple target specification methods. Designed for security professionals and developers performing authorized audits, it ensures thorough testing across various database management systems including MySQL, PostgreSQL, and MSSQL using proven automated workflows.

Key Features

0 GitHub stars
Support for multiple target inputs including URLs, request files, and logs
Advanced data extraction for credentials and password hashes
Full database enumeration including tables, columns, and records
WAF/IPS bypass strategies using tamper scripts and custom headers
Automated SQL injection detection across multiple DBMS platforms

Use Cases

Automating the identification of injectable parameters in complex web forms
Extracting and verifying database schema information during penetration tests
Performing authorized security audits on web application databases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front sqlmap-database-pentesting

For use in Claude.ai and ChatGPT

Download Skill

GitHub