Provided by: sqlmap_1.9.9-1_all 
NAME
sqlmap - automatic SQL injection tool
SYNOPSIS
python3 sqlmap [options]
DESCRIPTION
___
__H__
___ ___[']_____ ___ ___
{1.7.10#stable}
|_ -| . [,] | .'| . | |___|_ [)]_|_|_|__,| _|
|_|V...
|_| https://sqlmap.org
OPTIONS
-h, --help
Show basic help message and exit
-hh Show advanced help message and exit
--version
Show program's version number and exit
-v VERBOSE
Verbosity level: 0-6 (default 1)
Target:
At least one of these options has to be provided to define the target(s)
-u URL, --url=URL
Target URL (e.g. "http://www.site.com/vuln.php?id=1")
-g GOOGLEDORK
Process Google dork results as target URLs
Request:
These options can be used to specify how to connect to the target URL
--data=DATA
Data string to be sent through POST (e.g. "id=1")
--cookie=COOKIE
HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
--random-agent
Use randomly selected HTTP User-Agent header value
--proxy=PROXY
Use a proxy to connect to the target URL
--tor Use Tor anonymity network
--check-tor
Check to see if Tor is used properly
Injection:
These options can be used to specify which parameters to test for, provide custom injection
payloads and optional tampering scripts
-p TESTPARAMETER
Testable parameter(s)
--dbms=DBMS
Force back-end DBMS to provided value
Detection:
These options can be used to customize the detection phase
--level=LEVEL
Level of tests to perform (1-5, default 1)
--risk=RISK
Risk of tests to perform (1-3, default 1)
Techniques:
These options can be used to tweak testing of specific SQL injection techniques
--technique=TECH..
SQL injection techniques to use (default "BEUSTQ")
Enumeration:
These options can be used to enumerate the back-end database management system information,
structure and data contained in the tables
-a, --all
Retrieve everything
-b, --banner
Retrieve DBMS banner
--current-user
Retrieve DBMS current user
--current-db
Retrieve DBMS current database
--passwords
Enumerate DBMS users password hashes
--dbs Enumerate DBMS databases
--tables
Enumerate DBMS database tables
--columns
Enumerate DBMS database table columns
--schema
Enumerate DBMS schema
--dump Dump DBMS database table entries
--dump-all
Dump all DBMS databases tables entries
-D DB DBMS database to enumerate
-T TBL DBMS database table(s) to enumerate
-C COL DBMS database table column(s) to enumerate
Operating system access:
These options can be used to access the back-end database management system underlying operating
system
--os-shell
Prompt for an interactive operating system shell
--os-pwn
Prompt for an OOB shell, Meterpreter or VNC
General:
These options can be used to set some general working parameters
--batch
Never ask for user input, use the default behavior
--flush-session
Flush session files for current target
Miscellaneous:
These options do not fit into any other category
--wizard
Simple wizard interface for beginner users
sqlmap v1.7.10 October 2023 SQLMAP(1)