The sub-techniques beta is now live! Read the release blog post for more info.


sqlmap is an open source penetration testing tool that can be used to automate the process of detecting and exploiting SQL injection flaws. [1]

ID: S0225
Type: TOOL
Platforms: Linux, Windows, macOS
Version: 1.0
Created: 18 April 2018
Last Modified: 17 October 2018

Techniques Used

Domain ID Name Use
Enterprise T1190 Exploit Public-Facing Application

sqlmap can be used to automate exploitation of SQL injection vulnerabilities.[1]

Groups That Use This Software

ID Name References
G0059 Magic Hound [2]