View Issue Details

IDProjectCategoryView StatusLast Update
0008750Kali LinuxNew Tool Requestspublic2024-06-03 12:12
Reportermalvads Assigned Todaniruiz  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version2024.2 
Summary0008750: sqlmc - About Check all urls of a domain for SQL injections

[Name] - sqlmc
[Version] - 1.0.0

[Homepage] -

[Download] -

[Author] - Miguel Alvarez

[Licence] - AGPL-3.0

[Description] - SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each link for SQL injection vulnerabilities, and reports its findings.

[Dependencies] - python3

[Similar tools] - Is similar to sqliv but instead of scan for urls on the web it scan all urls of a domain

[Activity] - Im currently developing and maintaining it

[How to install] - pip3 install .

[How to use] - sqlmc -u -d 2

[Packaged] - Is the tool already packaged for Debian? No




2024-05-19 18:04

reporter   ~0019301

Hey @malvads. I am taking a look at packaging your tool, however a few questions/concerns arise regarding the tool's dependencies.

It requires:

  • python3-aiohttp v3.9.5
  • python3-frozenlist v1.4.1
  • python3-idna v3.7
  • python3-multidict v6.0.5
  • python3-tabulate v0.9.0

However, Kali has the following versions available (which come from Debian):

  • python3-aiohttp v3.9.1
  • python3-frozenlist v1.4.0
  • python3-idna v3.6
  • python3-multidict v6.0.4
  • python3-tabulate v0.8.10

Will the older versions work? If so, any chance to remove the "version restrictions" in requirements.txt and make them more open ended? i.e. >= x.y.z instead of == x.y.z



2024-05-19 21:15

reporter   ~0019303

i updated all the dependencies to match kali ones, and the tool is working with no issues :)



2024-05-19 21:16

reporter   ~0019304

you can package now @Arszilla



2024-05-20 19:44

reporter   ~0019317

@malvads just to clarify, I meant to use >= on all dependencies (assuming majority if not all of the code does not use functions etc. from those libraries that will be deprecated/subjected to major changes).

Regardless, a draft package is available:



2024-05-20 19:57

reporter   ~0019319

that was fast @Arszilla, than u for the work :), sure, i updated the dependencies on now it contains non-restrictive dependencies in the requirements.



2024-06-03 12:01

manager   ~0019342

This tool is now packaged!

Thank you ;)

Issue History

Date Modified Username Field Change
2024-05-06 02:31 malvads New Issue
2024-05-06 06:26 daniruiz Summary Add sqlmc tool => sqlmc - About Check all urls of a domain for SQL injections
2024-05-19 18:04 Arszilla Note Added: 0019301
2024-05-19 21:15 malvads Note Added: 0019303
2024-05-19 21:16 malvads Note Added: 0019304
2024-05-20 19:44 Arszilla Note Added: 0019317
2024-05-20 19:57 malvads Note Added: 0019319
2024-06-03 12:01 daniruiz Note Added: 0019342
2024-06-03 12:12 daniruiz Assigned To => daniruiz
2024-06-03 12:12 daniruiz Status new => resolved
2024-06-03 12:12 daniruiz Resolution open => fixed
2024-06-03 12:12 daniruiz Fixed in Version => 2024.2