Currently viewing ATT&CK v15.1 which was live between April 23, 2024 and October 30, 2024. Learn more about the versioning system or see the live site.
  1. Home
  2. Software
  3. sqlmap

sqlmap

sqlmap is an open source penetration testing tool that can be used to automate the process of detecting and exploiting SQL injection flaws. [1]

ID: S0225
Type: TOOL
Version: 1.0
Created: 18 April 2018
Last Modified: 17 October 2018
Enterprise Layer
download view

Techniques Used

Domain ID Name Use
Enterprise T1190 Exploit Public-Facing Application

sqlmap can be used to automate exploitation of SQL injection vulnerabilities.[1]

Groups That Use This Software

ID Name References
G0130 Ajax Security Team

[2]
G0096 APT41

[3]

References

  1. Damele, B., Stampar, M. (n.d.). sqlmap. Retrieved March 19, 2018.
  2. Check Point Software Technologies. (2015). ROCKET KITTEN: A CAMPAIGN WITH 9 LIVES. Retrieved March 16, 2018.
  1. Nikita Rostovcev. (2022, August 18). APT41 World Tour 2021 on a tight schedule. Retrieved February 22, 2024.