.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.1.
.TH SQLMAP "1" "October 2023" "sqlmap v1.7.10" "User Commands"
.SH NAME
sqlmap \- automatic SQL injection tool
.SH SYNOPSIS
.B python3
\fI\,sqlmap \/\fR[\fI\,options\/\fR]
.SH DESCRIPTION
.IP
___
.IP
__H__
.TP
___ ___[']_____ ___ ___
{1.7.10#stable}
.PP
|_ \-| . [,]     | .'| . |
|___|_  [)]_|_|_|__,|  _|
.TP
|_|V...
|_|   https://sqlmap.org
.SH OPTIONS
.TP
\fB\-h\fR, \fB\-\-help\fR
Show basic help message and exit
.TP
\fB\-hh\fR
Show advanced help message and exit
.TP
\fB\-\-version\fR
Show program's version number and exit
.TP
\fB\-v\fR VERBOSE
Verbosity level: 0\-6 (default 1)
.IP
Target:
.IP
At least one of these options has to be provided to define the
target(s)
.TP
\fB\-u\fR URL, \fB\-\-url\fR=\fI\,URL\/\fR
Target URL (e.g. "http://www.site.com/vuln.php?id=1")
.TP
\fB\-g\fR GOOGLEDORK
Process Google dork results as target URLs
.IP
Request:
.IP
These options can be used to specify how to connect to the target URL
.TP
\fB\-\-data\fR=\fI\,DATA\/\fR
Data string to be sent through POST (e.g. "id=1")
.TP
\fB\-\-cookie\fR=\fI\,COOKIE\/\fR
HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
.TP
\fB\-\-random\-agent\fR
Use randomly selected HTTP User\-Agent header value
.TP
\fB\-\-proxy\fR=\fI\,PROXY\/\fR
Use a proxy to connect to the target URL
.TP
\fB\-\-tor\fR
Use Tor anonymity network
.TP
\fB\-\-check\-tor\fR
Check to see if Tor is used properly
.IP
Injection:
.IP
These options can be used to specify which parameters to test for,
provide custom injection payloads and optional tampering scripts
.TP
\fB\-p\fR TESTPARAMETER
Testable parameter(s)
.TP
\fB\-\-dbms\fR=\fI\,DBMS\/\fR
Force back\-end DBMS to provided value
.IP
Detection:
.IP
These options can be used to customize the detection phase
.TP
\fB\-\-level\fR=\fI\,LEVEL\/\fR
Level of tests to perform (1\-5, default 1)
.TP
\fB\-\-risk\fR=\fI\,RISK\/\fR
Risk of tests to perform (1\-3, default 1)
.IP
Techniques:
.IP
These options can be used to tweak testing of specific SQL injection
techniques
.TP
\fB\-\-technique\fR=\fI\,TECH\/\fR..
SQL injection techniques to use (default "BEUSTQ")
.IP
Enumeration:
.IP
These options can be used to enumerate the back\-end database
management system information, structure and data contained in the
tables
.TP
\fB\-a\fR, \fB\-\-all\fR
Retrieve everything
.TP
\fB\-b\fR, \fB\-\-banner\fR
Retrieve DBMS banner
.TP
\fB\-\-current\-user\fR
Retrieve DBMS current user
.TP
\fB\-\-current\-db\fR
Retrieve DBMS current database
.TP
\fB\-\-passwords\fR
Enumerate DBMS users password hashes
.TP
\fB\-\-dbs\fR
Enumerate DBMS databases
.TP
\fB\-\-tables\fR
Enumerate DBMS database tables
.TP
\fB\-\-columns\fR
Enumerate DBMS database table columns
.TP
\fB\-\-schema\fR
Enumerate DBMS schema
.TP
\fB\-\-dump\fR
Dump DBMS database table entries
.TP
\fB\-\-dump\-all\fR
Dump all DBMS databases tables entries
.TP
\fB\-D\fR DB
DBMS database to enumerate
.TP
\fB\-T\fR TBL
DBMS database table(s) to enumerate
.TP
\fB\-C\fR COL
DBMS database table column(s) to enumerate
.IP
Operating system access:
.IP
These options can be used to access the back\-end database management
system underlying operating system
.TP
\fB\-\-os\-shell\fR
Prompt for an interactive operating system shell
.TP
\fB\-\-os\-pwn\fR
Prompt for an OOB shell, Meterpreter or VNC
.IP
General:
.IP
These options can be used to set some general working parameters
.TP
\fB\-\-batch\fR
Never ask for user input, use the default behavior
.TP
\fB\-\-flush\-session\fR
Flush session files for current target
.IP
Miscellaneous:
.IP
These options do not fit into any other category
.TP
\fB\-\-wizard\fR
Simple wizard interface for beginner users