Join the 1500 companies using G2 Track to manage SaaS spend, usage, contracts & compliance.

SQLmap

4.4
(13)

Automatic SQL injection and database takeover tool

Work for SQLmap?

Learning about SQLmap?

We can help you find the solution that fits you best.

SQLmap Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • Industry
Ratings
Company Size
User Role
Industry
Showing 13 SQLmap reviews
LinkedIn Connections
SQLmap review by User in Media Production
User in Media Production
Validated Reviewer
Verified Current User
Review Source
content

"SQL Injection and Penetration Testing SQLMap is your tool"

What do you like best?

Ease of installation and usage. Examples and use cases. Test cases, high volume of forums and helps. Free of cost. The tutorials are easy to find and very extensive and cover all use case. So any developer or tester who does not know database can easily learn and start database testing.

What do you dislike?

Nothing so far, all features at this no price is very good. The learning curve for a new developer / tester is so smooth and easy that its the best tool in the market. And as you should know its an opensource tool hence free of cost.

Recommendations to others considering the product

Install it, try it think like a hacker test the use case and even the manual / automated testers can add this tool in their testing world and use it easily for a safe and secure application.

What business problems are you solving with the product? What benefits have you realized?

SQL injection is one of the basic yet most critical vulnerability in this data centric world. So to test each and every query and putting dedicated resource is not worth when automated tools are available. So, this led our business to opt for SQLMap as the automated penetration testing tool. The benefits were ease of installation and easy tutorial for anyone to learn. The cost was low and was compatible both on windows developer machine and unix based servers.

Sign in to G2 to see what your connections have to say about SQLmap
SQLmap review by Salani E.
Salani E.
Validated Reviewer
Review Source
content

"Project Accountant "

What do you like best?

The best thing that I like about this software is that it will give the visual benefit of analyzing the results and the interrelation with the tables. This will allow me to understand the primary and foreign key an the interrelationship between two. I personally believe that all the

What do you dislike?

The things that I don't dislike about this is sometimes the relationship between the tables confuse me. And I feel like we need more technical knowledge to understand that.

Recommendations to others considering the product

As any other software learn all the features and things that you can do using SQL. and follow some you tube videos available for free to get a better understanding about this. Get a specialist service and this one time cost will be a good investment for sure.

What business problems are you solving with the product? What benefits have you realized?

- Program mapping

-Contractors information mapping

-Injecting information to for the company record.

What Penetration Testing solution do you use?

Thanks for letting us know!
SQLmap review by Chaitanya T.
Chaitanya T.
Validated Reviewer
Verified Current User
Review Source
content

"SQLmap is the best tool to test the security of the database"

What do you like best?

Best Tool for testing the database for finding the sql injection vulnerabilities.

Best tool available as Free and open source to detect SQL Vulnerabilities.

What do you dislike?

These is not even a single con about this SQL Map... Its works great

Recommendations to others considering the product

I won't recommend this SQLMap tool to every pentester to automate and identify the vulnerabilities with ease within minutes.

What business problems are you solving with the product? What benefits have you realized?

Best tool to test the security of the Database.

Best for testing the SQL Data base using Parameter Testing .

It is a open source and free

SQLmap review by User
User
Validated Reviewer
Review Source
content

"Seguridad ante todo"

What do you like best?

Puede sonar paradójico que una herramienta para detectar vulnerabilidades sea la que te pueda solucionar tus problemas de seguridad en tu página web por ejemplo. Es ésta paradoja la que me gusta de SQLmap, poder ver y sobre todo prever las vulnerabilidades de mis sitio web y actuar en consecuencia.

What do you dislike?

Al contrario que otros programas que cuidan su estética, SQLmap ha puesto antes la efectividad que la apariencia, podemos decir que lo que menos me gusta ( y ésto no quiere decir que sea malo) es su entorno gráfico, su presentación. Pero todo lo que ofrece supera con creces esa falta de tiempo a la hora de haber dado una apariencia más visible a la herramienta.

Recommendations to others considering the product

Si buscas proteger tu red o aplicaciones, SQLmap es una opción más que recomendable a la hora de testear tus vulnerabilidades, así que si tu negocio se basa o tiene datos guardaos y privados que no quieres que ningún agente externo obtenga, sin duda SQLmap te ayudará a minimizar tus brechas de seguridad y dar más protección a tu negocio.

What business problems are you solving with the product? What benefits have you realized?

SQLmap lo uso ante todo para ver vulnerabilidades de la red donde trabajo y vulnerabilidades de las aplicaciones que se llegan a crear. Los beneficios son claros en este tema, actualmente la seguridad informática es tan valorado o incluso más que el diamante, tener un negocio seguro ante posibles ataques externos es algo que cualquier negocio o empresa desea tener, así que el beneficio es el de poder tener la seguridad de que tus datos no van a ser vulnerados por agentes externos.

SQLmap review by User in Computer & Network Security
User in Computer & Network Security
Validated Reviewer
Review Source
content

"Bst Database Penetration Testing tool"

What do you like best?

SQL map work with all SQL, MSSQL and Oracle databases, this tool is great tool for take database dumps and access databases through privileged escalations using SQL injection commands using the SQLmap commands. it is very powerful tool for automate the sql injections for penetrate web servers and database servers using SQLmap. customized python scripts can be used for automate these tasks fast and easily and also SQLmap is a free and open source tool integrated with kali linux so any one can use it without additional cost and if anyone want more features there is a pro version as well for purchase depend on your requirements.

What do you dislike?

SQLmap is a full command line tool and doesn't have proper Graphical user interface tool if there graphical user interface tool it will be lot more easy for use than the command line interface.

Recommendations to others considering the product

SQLmap is great free open source tool that every one can use without additional cost, mostly SQLmap inbuilt with Kali Linux, and if you want to install SQLmap to other than Linux platform that would be possible in this product.

What business problems are you solving with the product? What benefits have you realized?

SQLmap is opensource tool and doesn't have much support from specific vendor

there is no user friendly interface and all depends on the command line interface.

SQLmap review by Santosh R.
Santosh R.
Validated Reviewer
Review Source
content

"SQLmap is the best testing tool"

What do you like best?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of the database server. Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, and H2 database management systems. Automatic recognition of password hash formats .search for specific database names, specific tables across all databases or specific columns across all databases' tables

What do you dislike?

SQLmap is a full command line tool .graphical user interface not perfect .no exist sufficient documentation

Recommendations to others considering the product

SQLmap is a great free open source tool. The best tool for testing the security of the Database.

What business problems are you solving with the product? What benefits have you realized?

SQLmap is open source and free tool.there is no user-friendly interface

SQLmap review by Henry S.
Henry S.
Validated Reviewer
Review Source
content

"SQLmap as a testing tool."

What do you like best?

It is an important testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over the database servers.

It comes with a powerful detection engine.

Provides for many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting,over data fetching from the database, to accessing the underlying file system and executing commands on operating system.

What do you dislike?

It requires high levels of technological know-how.

What business problems are you solving with the product? What benefits have you realized?

Detecting and exploiting SQL injection flaws.

Accessing the underlying file system.

Executing commands on the operating system via out-of-band connections.

SQLmap review by Matt B.
Matt B.
Validated Reviewer
Review Source
content

"SQLmap makes finding SQL injection points easy"

What do you like best?

SQLmap is easy to get started in, and doesn't require an expert level user to test sites. The software has a built-in wizard option, which can walk novice users through the process without losing capability, and as familiarity with the product increases, allows further advancement without a terrible learning curve.

What do you dislike?

Some reports can become cumbersome and hard to parse in the command line interface.

What business problems are you solving with the product? What benefits have you realized?

SQLmap gives us the ability to easily and quickly spin through a broad spectrum of tests which would be difficult if not impossible to accomplish manually.

SQLmap review by Cesar R.
Cesar R.
Validated Reviewer
Review Source
content
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"SQLmap para examinar bases de datos"

What do you like best?

La manera en la que se puede detectar de manera eficaz, fallos o vulnerabilidades que pueden poner en riesgo la seguridad y persistencia de una base de datos.

What do you dislike?

No existe suficiente documentación técnica para tomar como referencia, hay sitios donde se puede encontrar información pero debería de existir mayor fuente de datos.

What business problems are you solving with the product? What benefits have you realized?

Este software me ayudó en examinar las vulnerabilidades que pueden existir en las bases de datos así como realizar pruebas de penetración que automatiza el proceso de detección y explotación de fallas de inyección SQL .

SQLmap review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Review Source
content

"Free, fast nad accurate"

What do you like best?

Sqlmap is an open source tool which can be downloaded from any secure website.

Its one of the best tool to exploit any sql injection in your code. It gives you a full control over a database by testing the security of it. It helps to keep multiple databases in sync. You can access any database and its tables; can view, edit or delete the data in the tables. Its a 'must have' tool. Many security professionals use this tool.

What do you dislike?

This tool can be used for illegal purposes. Hackers can get into the database, if not secured, and can get all the confidential data.

What business problems are you solving with the product? What benefits have you realized?

It helps me to test my web application code and for syncing my databases.

SQLmap review by Nikki G.
Nikki G.
Validated Reviewer
Verified Current User
Review Source
content

"Quite Interesting"

What do you like best?

It helped me for testing SQL injection on a dummy website

What do you dislike?

I don't dislike anything about the SQL MAP

Recommendations to others considering the product

Absolutely esp people who want to become security experts

What business problems are you solving with the product? What benefits have you realized?

It helps detecting the vulnerabilities in websites to make them more securer

SQLmap review by User in Hospitality
User in Hospitality
Validated Reviewer
Review Source
content

"SQLmap"

What do you like best?

I like that it is easy to figure out how to use

What do you dislike?

I dislike that it is difficult to get to and does not link up with my other products

Recommendations to others considering the product

I recommend trialing it before you start using it then you will know if it will be helpful for your company and specific position or not. It may or may not work for you. This is very specific.

What business problems are you solving with the product? What benefits have you realized?

detect and exploit database vulnerabilities and provides options for injecting malicious codes into them

SQLmap review by Administrator
Administrator
Validated Reviewer
Review Source
content

"SQLMap automated tool makes tasks easier and faster!"

What do you like best?

Our team was impressed with the multiple SQL injection techniques and the detailed search functions.

What do you dislike?

While there is documentation, there is a lot of it to go through and some of it can be tedious. It can take a little while to really get used to how to perform certain functions.

What business problems are you solving with the product? What benefits have you realized?

Our dev team wanted more flexibility with how we interacted with SQL databases. While there was a lot of functionality in SQLMap, we only used some of it.

Kate from G2

Learning about SQLmap?

I can help.
* We monitor all SQLmap reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.