Scribd
Upload
8 views

SQLiv – Massive SQL Injection Scanner

SQLiv is a powerful SQL Injection Scanner that can identify vulnerable websites using Google Dorks and is written in Python. The tool is available for free on GitHub and requires Python to be installed on the system. The document provides installation steps and examples of how to use SQLiv for scanning multiple domains and saving results.

Uploaded by

Shahid Raza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
8 views

SQLiv – Massive SQL Injection Scanner

SQLiv is a powerful SQL Injection Scanner that can identify vulnerable websites using Google Dorks and is written in Python. The tool is available for free on GitHub and requires Python to be installed on the system. The document provides installation steps and examples of how to use SQLiv for scanning multiple domains and saving results.

Uploaded by

Shahid Raza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 12

SQLiv – Massive SQL Injection Scanner

Last Updated : 03 Jun, 2022



SQL Injection is one of the trending and high impactful attacks on the web
application. We can perform the scanning process of SQL Injection
through automated tools like SQLMap etc. But, there is one of the best
tools known as SQLiv tool which is a massive SQL Injection Scanner that
can also find the vulnerable SQL Websites via Google Dorks. SQLiv tool
is written in the Python language and it is also available on the Github
platform, so we can download and use it for free.
Note: Before installing the tool make sure you have Python installed on
your system, as SQLiv is a python-based tool. Click to get the installation
process of Python on Linux - Python Installation Steps on Linux
Installation of SQLiv Tool on Kali Linux OS
Step 1: In this step, we will get the SQLiv tool repository from GitHub
open-source platform.
git clone https://github.com/xchopath/pathprober.git
Step 2: Use the below cd command to navigate to the SQLiv tool directory
or folder.
cd pathprober
Step 3: We are in the directory of SQLiv. Now execute the below
command to download all the Python dependencies and requirements
which are associated with the tool.
sudo pip3 install -r requirements.txt
Step 4: Run the below command in the terminal to view and understand
the usage of the SQLiv tool.
./sqliv.py -h
Working with SQLiv Tool on Kali Linux OS
Example 1: Multiple domain scanning with SQLi dork
sqliv -d "php?id=" -e bing -p 40
Here, we are scanning for multiple domains bypassing the Google Dork
query. We have specified the search engine as bing.
We have got the results of our scan. All the returned URLs match the
Google Dork query.
Example 2: Targeted scanning
sqliv -t www.example.com/index.php?id=1
In this example, we are scanning for a specific target domain. We have
specified the target domain in the -t flag.
Example 3: Dumping scanned result
sqliv -d "inurl:index?id=" -e google -p 40 -o result.jso
In this example, we are storing the results in the results.json file.
We have given the dork query and the scanning process is been started.
We have got the results of vulnerable domains through the dork query.
In the below screenshots, results are been saved in the results.json file
and we have simply displayed the contents using the cat command.

You might also like