0X6C7879/sqlmap-sqli
skills/sqlmap-sqli/SKILL.md
Scoped SQL injection verification with the bundled sqlmap source tree. Use when the operator explicitly asks for sqlmap, SQL injection testing, raw HTTP request replay, form or anti-CSRF-aware injectable parameter verification, or conservative database fingerprinting and schema enumeration on authorized HTTP or HTTPS targets.
$ install --global
skillsauthnpx skillsauth add 0X6C7879/aegissec sqlmap-sqliInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 5:58 AM105.2s5 files scanned
SKILL.md
- name:
- sqlmap-sqli
- description:
- Scoped SQL injection verification with the bundled sqlmap source tree. Use when the operator explicitly asks for sqlmap, SQL injection testing, raw HTTP request replay, form or anti-CSRF-aware injectable parameter verification, or conservative database fingerprinting and schema enumeration on authorized HTTP or HTTPS targets.
- activation:
- auto
Sqlmap SQLi
Use this skill for conservative SQL injection verification on authorized targets.
Workflow
- Call
list_skill_scripts(skill_name="sqlmap-sqli")if you need to confirm the packaged script names. - Run
scripts/sqlmap_status.pyfirst to confirm the vendored source tree is available. - Choose one scan workflow:
- URL-first: use
--targetfor a single explicit in-scope URL. - Raw replay: use
--request-filefor a captured HTTP request with cookies, custom headers, JSON bodies, or awkward paths. - Discovery assist: use
--targetwith--formsor low--crawl-depthonly when there is no clear request to replay.
- URL-first: use
- Read
references/official-usage.mdwhen the target needs raw request replay, anti-CSRF handling, response comparison tuning, or crawl guidance. - Start conservatively:
- Keep
level=1andrisk=1unless the operator clearly needs broader coverage. - Prefer detection and fingerprinting before schema enumeration.
- Prefer
--test-parameter,--skip-static,--param-filter, or--param-excludebefore raising coverage. - Use
--string,--not-string,--regexp,--code,--text-only, or--titleswhen the page is noisy and false positives are possible. - Use
--csrf-tokenand--csrf-urlwhen tokens rotate between requests. - If the target is flaky or sqlmap reports SSL connection failures mid-run, first try
threads=1, then add--unstable.
- Keep
- Review the saved artifacts under
artifacts/.../sqlmap/and summarize only evidence-backed results.
Notes
- The bundled
scripts/directory is for deterministic helper logic. Uselist_skill_scriptsto inspect it. run_skill_script(skill_name="sqlmap-sqli", script_name="sqlmap_scan.py", args_json='["--target","https://app.example.internal/item.php?id=1","--banner","--current-db"]')is the preferred scan entrypoint.- For raw request replay, prefer
run_skill_script(skill_name="sqlmap-sqli", script_name="sqlmap_scan.py", args_json='["--request-file","C:\\\\captures\\\\item-request.txt","--force-ssl","--test-parameter","id"]'). sqlmap_scan.pyenforces scope, saves a structured sidecar JSON, stores stdout and stderr transcripts, and records asqlmap-log.jsonlaudit trail.- If sqlmap prints
[CRITICAL]lines such ascan't establish SSL connection, the wrapper now marks the run as failed even when sqlmap exits with code0. - Prefer this packaged scripted workflow over ad-hoc sandbox exploit code when the task is SQL injection verification, parameter testing, or conservative enumeration.
- The wrapper intentionally exposes detection and limited enumeration only. It does not automate dumping table contents, operating-system takeover, file-system access, or tamper-script chaining.
Related Skills
0X6C7879/wooyun-legacy
development
VerifiedTrustedCommunity
WooYun-derived business-logic testing methodology for web apps and APIs. Use when the request involves 支付、退款、订单、越权、认证、授权、价格篡改或业务流程绕过 review, especially black-box probing for price tampering, account takeover, and process bypass flaws.
2SKILL.mdUpdated Apr 28, 2026
0X6C7879/windows-privilege-escalation
tools
VerifiedTrustedCommunity
Escalate privileges on Windows systems using service misconfigurations, DLL hijacking, token manipulation, UAC bypasses, registry exploits, and credential dumping. Use when performing Windows post-exploitation or privilege escalation.
2SKILL.mdUpdated Apr 28, 2026
0X6C7879/tunnel
development
VerifiedTrustedCommunity
Use when performing AD pentest tunneling and pivoting, especially with Ligolo-ng, Chisel, frp, proxychains, SSH forwarding, SOCKS relays, reverse tunnels, or when internal reachability is the main blocker.
2SKILL.mdUpdated Apr 28, 2026
0X6C7879/threat-modeling
development
VerifiedTrustedCommunity
Threat model, security audit, find vulnerabilities, check security of my app, risk assessment, penetration test prep, analyze attack surface, what could an attacker exploit. Use this skill whenever a user wants holistic security analysis of a codebase, application, or project. MUST be invoked instead of analyzing security yourself — it runs a specialized 8-phase STRIDE workflow producing professional deliverables you cannot generate alone: risk assessment reports, DFD diagrams, threat inventories, attack path validation, mitigation plans, and pentest plans. Trigger on: 威胁建模, 安全评估, 渗透测试, 安全分析, 安全审计, 安全检查, 风险评估. NOT for: fixing one specific bug, adding one security feature (rate limiting, CORS), writing tests, CI/CD setup, or debugging errors.
2SKILL.mdUpdated Apr 22, 2026