Can I use this skill for POST-based injections?

Yes, the skill includes instructions for using Burp Suite request files to target POST parameters and other complex HTTP requests.

What is the SQLMap Database Pentesting skill?

It is a specialized capability for Claude Code that provides automated workflows and commands for using SQLMap to detect and exploit SQL injection vulnerabilities.

Which databases does this skill support?

The skill supports a wide range of systems, including MySQL, PostgreSQL, Microsoft SQL Server, Oracle, SQLite, and many others.

Does it help with WAF bypass?

Yes, it provides specific troubleshooting steps and tamper script configurations to help bypass Web Application Firewalls and rate limiting.

SQLMap Database Penetration Testing

Name: SQLMap Database Penetration Testing
Author: zebbern

byzebbern

•

2,883

•

安全与测试

Automates SQL injection vulnerability detection and database exploitation using industry-standard SQLMap methodologies.

This skill empowers Claude to perform systematic database security audits by leveraging SQLMap for automated injection testing. It provides a comprehensive framework for enumerating database structures, extracting sensitive table data, discovering column mappings, and performing advanced exploitation techniques like OS shell access. Ideal for security researchers and developers performing authorized penetration tests, it covers a wide range of database management systems including MySQL, PostgreSQL, and MSSQL while incorporating best practices for WAF bypass and performance optimization.

主要功能

012,883 GitHub stars

02Full data dumping capabilities including credential extraction and hash cracking

03Automated SQL injection vulnerability detection across multiple DBMS types

04Advanced target specification via HTTP request files or bulk URL lists

05Comprehensive enumeration of databases, tables, and columns

06WAF/IPS bypass techniques using tamper scripts and custom headers

使用场景

01Conducting authorized security audits to identify and fix SQL injection flaws

02Extracting database schemas and data from vulnerable legacy applications

03Automating bulk vulnerability scanning across large-scale web infrastructures

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zebbern/claude-code-guide sqlmap-database-pentesting

For use in Claude.ai and ChatGPT

Download Skill