Uses mitmproxy to intercept all HTTP traffic and automatically forwards HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
SQLinator only supports Python >= 3.6
It's recommended to install SQLinator with pipenv: pipenv install && pipenv shell
-
Start the SQLMap API server:
python sqlmapapi.py -s -
Run this script:
mitmdump -s "sqlinator.py <target domain>" -
Start clicking through the target website
-
Profit