Fast and customisable vulnerability scanner based on simple SQL payloads.

How • Install • Join Discord

---

Bsqli is used to send requests across targets based on a payload list, leading to almost zero false positives and providing fast scanning on a large number of hosts, With powerful and flexible payload list, Bsqli can be used to find all kinds of sql vulns.

How it works

Install Bsqli

Bsqli requires python3 to run successfully. Run the following command to install the latest version -

git clone -v https://github.com/KKonaNN/bsqli.git

Usage

python3 main.py -h

This will display help for the tool. Here are all the switches it supports.

Bsqli is a fast Blind SQL LIKE CLAUSE Data Exfiltration Tool

Usage:
  python3 bsqli.py [flags]

Flags:
usage: main.py [-h] (-u URL | -l FILE) -p PAYLOADS [-t THREADS] [-o OUTPUT] [-hf] [-s]

Proof of Concept Blind SQL LIKE CLAUSE Data Exfiltration Tool

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Target URL
  -l FILE, --file FILE  URLs file
  -p PAYLOADS, --payloads PAYLOADS
                        Payloads file
  -t THREADS, --threads THREADS
                        Number of threads
  -o OUTPUT, --output OUTPUT
                        Output file for results
  -hf, --hide-fail, --hide-fails
                        Hide failed attempts
  -s, --no-ssl-verify   Disable SSL verification