SQLMutant is a comprehensive offensive security tool against SQL injections. The tool uses a variety of techniques to detect vulnerabilities, including pattern matching, error analysis and timing attacks, ensuring that no stone is left unturned. In addition to its powerful features, SQLMutant also integrates with Waybackurls and Arjun, allowing you to find even more parameters and merge all results. This integration is very beneficial as it provides automated subdomain enumeration and SQL injection testing capabilities.
SQLMutant will look for automated subdomain enumeration and SQL injection testing, using several tools, including waybackurls, httpx, Arjun and sqlmap. It first checks if the user is connected to the Internet. It then prompts the user to enter a domain to scan and creates a directory for the output files. It fetches the URLs from Wayback Machine and filters them using HTTPX, and informs the user of the number of URLs found. It then searches for more parameters using Arjun with 20 threads and extracts the URLs with parameters from Arjun's output. The script merges the URLs found by Arjun with those ready for SQL injection and informs the user about the new number of URLs ready for SQL injection testing. Finally, it tests SQL injection on the new list of URLs using SQLMAP with an aggressively tuned approach.