---
title: sql map Reviews
meta_title: 'sql map Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 14 reviews by the users' company size, role or industry to
  find out how sql map works for a business like yours.
aggregate_rating:
  rating_value: 4.0
  review_count: 14
  scale: '5'
date_modified: '2026-05-05'
parent_category:
  name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t"
  url: https://www.g2.com/categories/devsecops
---

# sql map Reviews
**Vendor:** sql map  
**Category:** [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)  
**Average Rating:** 4.0/5.0  
**Total Reviews:** 14
## About sql map
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.




## sql map Reviews
  ### 1. SQL Map Review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Accounting | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 21, 2022

**What do you like best about sql map?**

It is an open source penetration testing tool

**What do you dislike about sql map?**

The UI can be imprvised a bit as SQL Map has the black background which should be made white so as to appaer less colour sensitive to eyes.

**What problems is sql map solving and how is that benefiting you?**

I have used it to detect and exploit SQL Injection flaws. It was very useful as it was very handy to use.

  ### 2. Great SQL injection finding tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Ashen S. | Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** June 13, 2021

**What do you like best about sql map?**

What I like about this tool is, only we have to apply the URL with the correct parameters. The SQL Map tool does the rest. SQL map finds every possible way to inject SQL to the URL. The manual is also beneficial. There are so many options available on the SQL Map tool, which is very helpful to find SQL Injections in many ways.

**What do you dislike about sql map?**

What I most dislike is the complexity of the tool. Without the manual, it is so much harder to apply SQL Injection to URLs. Another thing is, sometimes the result is giving false positives. We often need to verify the results shown from the SQL injection tool.

**Recommendations to others considering sql map:**

If the complexity is low, that would be a great advantage to SQL Injection users.

**What problems is sql map solving and how is that benefiting you?**

The main benefit that I'm having is the time base advantage. When I am manually trying SQL injection on a web application, It is a very time-consuming process. But if I am using SQL Injection, I have to apply the tool to the correct URL and verify the output from the SQL injection.

  ### 3. A non-user friendly open source software

**Rating:** 3.5/5.0 stars

**Reviewed by:** Linda J. | Writer, Small-Business (50 or fewer emp.)

**Reviewed Date:** June 08, 2019

**What do you like best about sql map?**

sql map is an open source software that allows you to figure out what code you may have that is potentially dangerous or prone to vulnerabilities. It is important in figuring out what problems you can find and fix and or what you can provoke with the software.

**What do you dislike about sql map?**

It is not very user friendly nor does it allow kind of development that would make it easier to read and realize what is available, meaning there are errors in the code that some users who are not as advanced would not realize they would need to fix.

**Recommendations to others considering sql map:**

Consider your skill set in coding and if you can adequately describe not only what you're looking at but also what it is that you are missing, and that is where you would find the vulnerability.

**What problems is sql map solving and how is that benefiting you?**

For advanced users, this is easy to use and helps poke holes in the code you have for some vulnerabilities. However, for others who do not have that coding background, or rather, reading code background, this becomes difficult to decipher.

  ### 4. Database Dumping made easier

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** July 24, 2019

**What do you like best about sql map?**

SQL map is a popular software where users are able to automate SQL queries and inject the database. The user friendliness and the features of SQL map makes penetration testing more easier. Bypass methods and shell uploading via sql map makes penetration testing much more easier. 

**What do you dislike about sql map?**

Nothing much to dislike about sqlmap since this is a stable tool. The tool lags sometimes due to network errors and the application gets stuck. 

**Recommendations to others considering sql map:**

I recommend SQLMap for newbies who like to get started with penetration testing. Web Application testing and application penetration testers are advised to use SQLMap to make your process easier. 

**What problems is sql map solving and how is that benefiting you?**

Day to today penetration testing of web applications and databases are solved using SQL map in my case. A very useful tool for security researches to save time. 

  ### 5. A tool used to detect and exploit database vulnerabilities

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.)

**Reviewed Date:** June 06, 2019

**What do you like best about sql map?**

Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack. Support to dump database tables entirely, a range of entries or specific columns as per user's choice. The user can also choose to dump only a range of characters from each column's entry.

**What do you dislike about sql map?**

Regarding the risk. There are 3 risk values. The default value is 1 which is innocuous for the majority of SQL injection points. Risk value 2 adds to the default level the tests for heavy query time-based SQL injections and value 3 adds also OR-based SQL injection tests.

**Recommendations to others considering sql map:**

One can use it for populating database, connecting to the remote database, and find vulneabilties via SQL injections.

**What problems is sql map solving and how is that benefiting you?**

Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name. Support to establish an out-of-band stateful TCP connection between the attacker machine and the database server underlying operating system

  ### 6. Injections For Databases ;) 

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.)

**Reviewed Date:** May 29, 2019

**What do you like best about sql map?**

The user friendliness and the easy switches of SQLmap helps users to do injections and upload shells to the back end of an application. 
Bypass techniques in sqlmap are very helpful for beginners whos desire is for pen testing.  

**What do you dislike about sql map?**

So far i like everything about  SQLMap. May be the interface and new switches can be developed to use for more DBMS's

**Recommendations to others considering sql map:**

I recommend newbies to use this tool in Penetration Testing. For Easy and Fast Learning

**What problems is sql map solving and how is that benefiting you?**

Automated SQL injection. Rather than matching expressions and injecting get/post requests manually it is easy to inject pay loads by SQLMap. Mostly in Web App penetration Testing we pentesters use automated tools such as SQLMap to dump databases and upload shells to gain access to database management Systems. 

  ### 7. good tool for database injections

**Rating:** 4.5/5.0 stars

**Reviewed by:** yoganathan a. | Lecture , Mid-Market (51-1000 emp.)

**Reviewed Date:** May 08, 2019

**What do you like best about sql map?**

it has most of the possible database injection methods so it makes easy to detect sql injection vulnerability by automated this on the victim url. 

**What do you dislike about sql map?**

it is talking too much time to process to find the vulnerability. also it little bit outdated 

**Recommendations to others considering sql map:**

it is a good tool for finding database injection vulnerabilities 

**What problems is sql map solving and how is that benefiting you?**

easy to find database injection vulnerability to fix also it save my time from multiple testing scenarios. it automated all the test case so i can do other works while it run on the target.

  ### 8. Dump the database with sqlmap

**Rating:** 4.5/5.0 stars

**Reviewed by:** Dilan M. | Information Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** May 10, 2019

**What do you like best about sql map?**

This tool can easily use everyone, I have use this to do my office works, this very useful to identify the sql injection vulnerabilites . this is support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server and etc.

**What do you dislike about sql map?**

There is nothing to tell anything bad, but if there is a graphical interface could be easy to use beginners. to use this tool need some technical knowledge also.

**What problems is sql map solving and how is that benefiting you?**

time-saving and when need to perform SQL injection attack this tool can do it in an automated way

  ### 9. automatted sql injection scanner 

**Rating:** 5.0/5.0 stars

**Reviewed by:** Vasanth P. | application security engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** May 22, 2019

**What do you like best about sql map?**

it has all type sql injection attack vectors so it makes penetration tester's life too easy also it reduces testing time as well.

**What do you dislike about sql map?**

some times we need to increase the level of scanning complexity to exploit the attack but it take long time.  

**What problems is sql map solving and how is that benefiting you?**

it help to find sql injection vulnerabilities on websites.

  ### 10. sdfBest Database Penetration Testing device

**Rating:** 2.5/5.0 stars

**Reviewed by:** Shani K. | MEAN Stack Dev, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 27, 2019

**What do you like best about sql map?**

SQL map work with all SQL, MSSQL and Oracle databases, this device is extraordinary device for take database dumps and access databases through special accelerations utilizing SQL infusion directions utilizing the SQLmap directions.

**What do you dislike about sql map?**

SQLmap is a full direction line device and doesn't have appropriate Graphical UI instrument if there graphical UI device it will be part more simple for use than the order line interface.

**What problems is sql map solving and how is that benefiting you?**

SQLmap is opensource device and doesn't have much help from explicit seller

  ### 11. Need an authority administration

**Rating:** 3.0/5.0 stars

**Reviewed by:** nancy p. | Python Dev, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 27, 2019

**What do you like best about sql map?**

This will enable me to comprehend the essential and remote key a the interrelationship between two.Get an expert administration and this one time cost will be a decent speculation without a doubt.

**What do you dislike about sql map?**

I feel like we need increasingly specialized learning to comprehend this, youtube does not support that much so we may require an expert to support us

**What problems is sql map solving and how is that benefiting you?**

Temporary workers data mapping.

  ### 12. SQLmap is the best device to test the security of the database

**Rating:** 4.5/5.0 stars

**Reviewed by:** Paul M. | Software Analyst , Mid-Market (51-1000 emp.)

**Reviewed Date:** February 27, 2019

**What do you like best about sql map?**

Best Tool for testing the database for finding the sql infusion vulnerabilities.Best instrument accessible as Free and open source to recognize SQL Vulnerabilities.

**What do you dislike about sql map?**

I won't prescribe this SQLMap instrument to each pentester to computerize and distinguish the vulnerabilities effortlessly inside minutes.

**What problems is sql map solving and how is that benefiting you?**

Best instrument to test the security of the Database.

  ### 13. Undertaking Accountant

**Rating:** 4.0/5.0 stars

**Reviewed by:** Maynard H. | Senior Q/A Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 27, 2019

**What do you like best about sql map?**

The best thing that I like about this product is that it will give the visual advantage of breaking down the outcomes and the interrelation with the tables.

**What do you dislike about sql map?**

The things that I don't disdain about this is once in a while the connection between the tables confound me.

**What problems is sql map solving and how is that benefiting you?**

Program mapping.

  ### 14. Very well built software

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Online Media | Small-Business (50 or fewer emp.)

**Reviewed Date:** October 30, 2018

**What do you like best about sql map?**

It is very well documented, very well organized and it has a very bright future!

**What do you dislike about sql map?**

Nothing so far, I enjoy using sqlmap for pen testing.

**What problems is sql map solving and how is that benefiting you?**

There are dozens of viable SQL injection exploitation tools available. I have  tested many and continue to return to sqlmap when I need to pen-test for SQL injection vulnerabilities. 


## sql map Discussions
  - [What is sql map used for?](https://www.g2.com/discussions/what-is-sql-map-used-for)

- [View sql map pricing details and edition comparison](https://www.g2.com/products/sql-map/reviews?section=pricing&secure%5Bexpires_at%5D=2026-07-01+23%3A02%3A25+-0500&secure%5Bsession_id%5D=1f2e3112-8866-4802-a794-9aa7880c3068&secure%5Btoken%5D=1de67c3254edee19a574e92d74f78e00d57b28166f2386c33e7dd88dcb4052a7&format=llm_user)

## sql map Features
**Administration**
- API / Integrations
- Extensibility
- Reporting and Analytics

**Analysis**
- Issue Tracking
- Reconnaissance
- Vulnerability Scan

**Testing**
- Command-Line Tools
- Manual Testing
- Test Automation
- Performance and Reliability

## Top sql map Alternatives
  - [vPenTest](https://www.g2.com/products/vpentest/reviews) - 4.6/5.0 (238 reviews)
  - [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) - 4.5/5.0 (176 reviews)
  - [Intruder](https://www.g2.com/products/intruder/reviews) - 4.8/5.0 (206 reviews)

