Quick Start Guide
Get up and running with SQLMap AI in minutes! This guide will walk you through installation, configuration, and your first SQL injection test.
Prerequisites
- Python 3.8 or higher
- Internet connection (for cloud AI providers)
- 2GB+ RAM (for Ollama local models)
Step 1: Installation
Option A: Install from PyPI (Recommended)
Option B: Install from Source
Verify Installation
Step 2: Set Up AI Provider
Choose one of the following AI providers:
Groq (Recommended - Fastest)
- Get a free API key from https://console.groq.com
- Create a .env file in your project directory:
OpenAI
- Get an API key from https://platform.openai.com
- Add to your .env file:
Anthropic (Claude)
- Get an API key from https://console.anthropic.com
- Add to your .env file:
Ollama (Local AI - Privacy Focused)
- Install Ollama: https://ollama.ai/download
- Start Ollama service:
- Download a model:
- Enable in your .env file:
Step 3: Run Installation Check
This command will:
- Check your AI provider setup
- Install SQLMap if needed
- Create configuration files
- Validate your environment
Step 4: Configure Settings (Optional)
Run the interactive configuration wizard:
This will help you:
- Select AI providers
- Configure security settings
- Set up SQLMap options
- Choose Ollama models (if using Ollama)
Step 5: Test Your Setup
Check AI Providers
Expected output:
List Ollama Models (if using Ollama)
Step 6: Your First Test
Basic SQL Injection Test
Enhanced Mode with AI Analysis
# Use enhanced mode for AI-powered testing
sqlmap-ai --enhanced -u "http://testphp.vulnweb.com/listproducts.php?cat=1"
With Specific AI Provider
# Use Groq (fastest)
sqlmap-ai -u "http://testphp.vulnweb.com/listproducts.php?cat=1" --ai-provider groq
# Use Ollama (local, private)
sqlmap-ai -u "http://testphp.vulnweb.com/listproducts.php?cat=1" --ai-provider ollama
Step 7: View Results
After running a test, you'll see:
- Real-time Progress: Live updates on the testing process
- AI Analysis: Intelligent insights and recommendations
- HTML Report: Beautiful report saved to the reports/ directory
- Console Output: Detailed results in the terminal
What's Next?
Now that you've completed your first test, explore these features:
- Testing Modes: Learn about Enhanced, Simple, and Adaptive modes
- Request Files: Test complex scenarios with captured HTTP requests
- Advanced Features: Discover adaptive testing and WAF evasion
- Examples: See more real-world examples
Troubleshooting
If you encounter issues:
- Check AI Providers: sqlmap-ai --check-providers
- Validate Configuration: sqlmap-ai --validate-config
- Re-run Setup: sqlmap-ai --install-check
- See Help: sqlmap-ai --help
For more detailed troubleshooting, see the Troubleshooting Guide.
Example Output
Here's what a successful test looks like:
$ sqlmap-ai --enhanced -u "http://testphp.vulnweb.com/listproducts.php?cat=1"
🚀 SQLMap AI - AI-Powered SQL Injection Testing
================================================
📋 Target Information:
URL: http://testphp.vulnweb.com/listproducts.php?cat=1
Method: GET
Parameter: cat
🤖 AI Provider: Groq (Auto-selected)
🔄 Starting Enhanced Mode...
├─ Initial Assessment: Checking for SQL injection vulnerabilities
├─ DBMS Identification: Detecting database type
├─ Enhanced Testing: Applying advanced techniques
└─ AI Analysis: Generating insights and recommendations
✅ Results:
├─ Vulnerable Parameters: cat (GET)
├─ DBMS: MySQL >= 5.6
├─ Techniques: Boolean-based blind, time-based blind
└─ Risk Level: HIGH
📊 Report generated: reports/sqlmap_ai_report_20241201_143022.html
🎯 AI Recommendations:
- Target is vulnerable to SQL injection
- Consider extracting database information
- Implement proper input validation
- Use parameterized queries
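The last two recommendations in the sample report can be turned into a regression check on the application side. The following is an added example, not part of SQLMap AI or of the original guide: it uses an in-memory SQLite table in place of the MySQL backend, and the table, function names and sample rows are hypothetical. It shows a concatenated query for a `cat` parameter beside its parameterized form, and confirms that the boolean-based differential reported above disappears after the fix.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for the product table behind a "cat" parameter.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, cat INTEGER, name TEXT)")
    db.executemany(
        "INSERT INTO products (cat, name) VALUES (?, ?)",
        [(1, "poster"), (1, "print"), (2, "frame")],
    )
    return db


def list_products_vulnerable(db, cat):
    # "Before": the request value is concatenated into the SQL text.
    sql = "SELECT name FROM products WHERE cat = " + cat + " ORDER BY id"
    return db.execute(sql).fetchall()


def list_products_safe(db, cat):
    # "After": validate the expected type, then bind the value as a parameter.
    try:
        cat_id = int(cat)
    except ValueError:
        return []
    sql = "SELECT name FROM products WHERE cat = ? ORDER BY id"
    return db.execute(sql, (cat_id,)).fetchall()


def boolean_differential(handler, db, base="1"):
    # True when an always-true and an always-false condition appended to the
    # value produce different result sets, i.e. the value is being parsed as SQL.
    true_rows = handler(db, base + " AND 1=1")
    false_rows = handler(db, base + " AND 1=2")
    return true_rows != false_rows


if __name__ == "__main__":
    db = make_db()
    print("vulnerable handler differs:", boolean_differential(list_products_vulnerable, db))
    print("safe handler differs:", boolean_differential(list_products_safe, db))
```

A check like `boolean_differential` can sit in the application's test suite so the finding stays fixed after later refactoring.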