Detailed Features1. Comprehensive Dork List 2025
- Updated for 2025 with the latest Google dorks tailored to find modern web applications with SQLi flaws.
- Covers a variety of platforms and CMS (Content Management Systems) such as WordPress, Joomla, Drupal, and custom applications.
- Includes dorks targeting parameters like ,Code:
id=
,Code:cat=
,Code:page=
, etc., known to be common SQL injection vectors.Code:product=
- Automatically sends Google search queries based on the dork list.
- Retrieves URLs matching the SQLi dorks.
- Supports pagination and can crawl through multiple pages of Google results to maximize coverage.
- Automatically tests retrieved URLs for common SQLi payloads.
- Supports both error-based and union-based injection techniques.
- Optionally integrates with blind SQLi testing methods.
- Utilizes multi-threading for fast scanning of multiple URLs concurrently.
- Efficiently handles large dork lists without significant delays.
- Supports proxy integration to avoid IP bans and reduce detection.
- Optionally can rotate proxies or VPNs for anonymity during scanning.
- Filters results based on vulnerability severity.
- Exports findings in formats like CSV, JSON, or HTML reports for easy analysis.
- Allows users to customize SQL injection payloads to tailor testing.
- Can test specific databases like MySQL, PostgreSQL, or MSSQL.
- GUI interface for beginners.
- Command-line interface (CLI) for advanced users and automation scripts.
- Maintains logs of scanning sessions.
- Ability to pause and resume scans without losing progress.