How does it handle Web Application Firewalls (WAF)?

It provides troubleshooting steps and commands for using tamper scripts, random user agents, and request delays to bypass security filters and rate limiting.

What is the SQLMap Database Pentesting skill?

It is a specialized guidance tool for Claude Code that provides automated workflows and commands for using SQLMap to detect and exploit SQL injection vulnerabilities.

Which databases does this skill support?

It supports a wide range of systems including MySQL, PostgreSQL, Microsoft SQL Server, Oracle, SQLite, IBM DB2, and many others.

Is this tool legal to use?

This skill is intended for ethical security testing only. You must have explicit, written authorization to perform penetration testing on any target system.

Can I use this for POST-based injections?

Yes, the skill includes specific instructions for using HTTP request files (often exported from tools like Burp Suite) to test POST parameters and headers.

SQLMap Database Pentesting

Name: SQLMap Database Pentesting
Author: claudiodearaujo

byclaudiodearaujo

0•

Security & Testing

Automates SQL injection vulnerability detection and database exploitation using the industry-standard SQLMap penetration testing framework.

This skill provides comprehensive, systematic methodologies for identifying and exploiting SQL injection vulnerabilities within web applications. It streamlines the process of database enumeration, table and column discovery, and sensitive data extraction while offering advanced guidance on WAF bypass techniques and multiple target specification methods. Designed for security professionals and developers performing authorized audits, it ensures thorough testing across various database management systems including MySQL, PostgreSQL, and MSSQL using proven automated workflows.

Key Features

010 GitHub stars

02Support for multiple target inputs including URLs, request files, and logs

03Advanced data extraction for credentials and password hashes

04Full database enumeration including tables, columns, and records

05WAF/IPS bypass strategies using tamper scripts and custom headers

06Automated SQL injection detection across multiple DBMS platforms

Use Cases

01Automating the identification of injectable parameters in complex web forms

02Extracting and verifying database schema information during penetration tests

03Performing authorized security audits on web application databases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front sqlmap-database-pentesting

For use in Claude.ai and ChatGPT

Download Skill

Key Features

010 GitHub stars

02Support for multiple target inputs including URLs, request files, and logs

03Advanced data extraction for credentials and password hashes

04Full database enumeration including tables, columns, and records

05WAF/IPS bypass strategies using tamper scripts and custom headers

06Automated SQL injection detection across multiple DBMS platforms

Use Cases

01Automating the identification of injectable parameters in complex web forms

02Extracting and verifying database schema information during penetration tests

03Performing authorized security audits on web application databases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front sqlmap-database-pentesting

For use in Claude.ai and ChatGPT

Download Skill