Reproduce SQL injection paths and map database takeover options with sqlmap

Take a suspected injectable request, replay it on an authorized target, confirm the finding, and enumerate reachable database actions before manual follow-up.

Security & Verification | Multi-Framework | Security Reviewed
⭐ 37.1k GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill reproduce-sql-injection-paths-and-map-database-takeover-options-with-sqlmap
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required: Python, authorized target URL or captured HTTP request, operator approval for security testing
Install & setup: Clone the upstream repository or use a packaged install, then run sqlmap.py against an authorized request or URL.
Author: sqlmapproject
Publisher: Open Source Project
Last updated: Apr 19, 2026
Quick brief

Use sqlmap when an authorized security review already has a suspicious request, parameter, or captured HTTP transaction and needs to confirm whether SQL injection is real, reproducible, and materially exploitable. The upstream project is explicit about the workflow: automate detection, fingerprint the backend database, and enumerate impact.

How it works

What this skill actually does

Invoke this instead of manual request replay when the goal is structured confirmation and evidence gathering for a suspected SQL injection path, not broad application scanning or generic database administration. The scope boundary is tight: sqlmap reproduces and characterizes SQL injection on authorized targets. It is not a general database client, security platform, or web framework listing.