sqlmap-websockets-threads is another tool that proxies sqlmap requests to a WebSocket server, with support for multiple threads. This can be useful for improving the performance of the SQL injection attack. Here is how to use it:
- Install the dependencies:
pip install websocket-client rich
# GLOBAL VENV
pipx install websocket-client rich
- Run the proxy:
python proxy.py -u ws://target:port -p '{"id": "%param%"}' --json -o 9090 -t 10
- Run sqlmap:
sqlmap -u "http://localhost:9090/?param1=1" --batch --level 5 --risk 3 --thread 10 --dbs