0

I'm automating SQL injection using sqlmap. Is there someone who managed to parse sqlmap console output to only report critical findings (vulnerable pages to SQL injection)?

The tool doesn't support output as JSON, and running the tool as API server, the results are in JSON format but it still reports all findings (basically converting all console output to JSON file).

Is there an efficient way to automate the SQLmap tool that I'm not aware of?

schroeder
  • 123,438
  • 55
  • 284
  • 319
ikenahimm
  • 11
  • 1
  • 1
    You mean `grep` looking for `injectable`? sqlmap can do so much and returns a wide range of possible results, that "automation" is difficult. If you define what exactly you want, you can simply grep for it. – schroeder Jul 02 '20 at 10:10
  • I like to filter console output to only print found results (vulnerable pages to SQL injection), SQLmap doesn't have a parameter to filter results and doesn't support JSON output – ikenahimm Jul 02 '20 at 11:58
  • I understand that. That's why I suggested `grep` ... – schroeder Jul 02 '20 at 14:17
  • oh dear, this isn't going to end well.... – Pedro Jul 02 '20 at 14:42
  • I will try grep and see , thanks for the hint – ikenahimm Jul 04 '20 at 07:51

0 Answers0