Back to Course

The Practical Guide to sqlmap for SQL Injection

0% Complete
0/0 Steps
  1. About the Course

    About the course
  2. About the course author
  3. Pre-requisites
  4. Setting up our lab environment
    Creating a home lab environment
  5. Downloading the latest sqlmap (optional)
  6. sqlmap Overview
    What is sqlmap?
  7. sqlmap: An introduction
  8. Techniques used by sqlmap
  9. Features and usage
  10. Understanding the source code
  11. Knowledge check
    1 Quiz
  12. sqlmap Options Deep Dive
    Navigating the options sections
  13. Using
  14. Main Options
  15. Target
  16. Practical Knowledge Check
  17. Requests Options
    HTTP headers, methods, and data
  18. Cookies
  19. HTTP authentication
  20. Proxies and using sqlmap anonymously
  21. CSRF tokens
  22. General Options
  23. Eval
  24. Practical Knowledge Check
  25. Optimizations Options
  26. Injections Options
    Injection part 1
  27. Injection part 2
  28. Tamper scripts
  29. Detection Options
  30. Practical Knowledge Check
  31. Techniques Options
    Techniques part 1
  32. Techniques part 2
  33. Fingerprinting Options
  34. Practical Knowledge Check
  35. Enumeration Options
    Enumeration part 1
  36. Enumeration part 2
  37. Enumeration part 3
  38. Practical Knowledge Check
  39. Brute Force Options
    Brute force
  40. UDF Options
    User-defined function injection
  41. File, OS, and Windows registry access
    File system access
  42. Operating system access
  43. Windows registry access
  44. Practical knowledge check
  45. General & Miscellaneous
    General part 1
  46. General part 2
  47. General part 3
  48. Miscellaneous
  49. Practical Knowledge Check
  50. sqlmap in action
    Information gathering
  51. Finding an SQL injection vulnerability
  52. Exploiting an SQL injection vulnerability to extract data
  53. Cracking extracted password hashes
  54. Bypassing WAFs
    WAFs overview
  55. WAF identification
  56. Manual WAF bypass
  57. WAF bypass with sqlmap
  58. Running sqlmap as an API
    Why run sqlmap as an API?
  59. How to run sqlmap as an API
  60. Conclusion
    Additional resources
  61. What now?
Lesson 1 of 61
In Progress

About the course

Christophe June 14, 2021

sqlmap is an incredibly powerful tool for finding and exploiting SQL injection vulnerabilities. There are so many different options and so many features that can make the difference between finding and not finding vulnerabilities in pentest and bug bounty engagements — and that’s why I created this course.

In this video, I’ll explain a little bit about how this course is structured so that you can navigate it. I’ll also show you where you can download resources and cheat sheets that are included with the course, and I’ll give a high-level overview of what you can expect to learn.

The main goal of this course is to make you proficient in the use of sqlmap for professional engagements. I want this to be a resource for you that not only helps you build a very solid foundation, but also acts as a practical guide that you can use throughout your career — in addition to sqlmap’s official documentation.

That’s why I’ve laid out the course in 3 main sections.

The course is broken down in 3 main sections

Getting started with the course, creating a home lab environment, and the basics of sqlmap

Getting started with the course is where you are right now. Shortly after, we will move on to creating a home lab environment. Not only will the home lab help you follow along throughout the course, but it will also show you how to quickly spin up test environments for you to practice sqlmap’s options.

As we cover the basics of sqlmap, we’ll also take a look at how the source code is structured, how you can find payloads used by the tool, and other important files and configurations that you can modify as you become a more advanced user of sqlmap

sqlmap Options Deep Dive

In this section, we look at every single option and feature that sqlmap has to offer with examples and explanations of how and when to use those options, and of course, how to configure them.

sqlmap in action

While most of the course is built with practice in mind, this last section takes everything that we’ve learned about sqlmap’s features and options, and implements it in real-world scenarios. That way you can see how options can be used together in order to troubleshoot problems, implement sqlmap in your development and deployment pipelines, or use the tool in pentest and bug bounty engagements.

Order of completion

I do recommend going from top to bottom and completing each section one after the other in order to get the most out of this course. With that said, I also understand that you might have a specific need right now that could be solved with just one or two of these sections, and so you might want to go directly there in order to save time. For example, if you’re currently struggling to bypass a Web Application Firewall with sqlmap for a bug bounty program, then feel free to jump directly to the “Bypassing WAFs” section.

And then going back and filling in your knowledge gaps with the remaining sections.

Downloads and resources

Before you get started, I’d also highly encourage you to download all of the included resources. It’s really quick and easy: go to the main course page, scroll down to just above the course syllabus where you will see a Course tab and a Materials tab. Click on the Materials tab and you will see all of the available downloads. These will be helpful as you go through the course, but also as you use sqlmap in your professional engagements.

Chat with other students and members of the community

Finally, I’d encourage you to join our Discord server by going to where you will be able to interact directly with me and with students of this course and our other courses. This is a great place to ask questions and contribute, and so are our forums which you can find by going to


That’s it for this About the Course video, I hope you are as excited to get started as I am, so let’s go ahead and complete this lesson, and I’ll see you in the next.


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.