The sqlmap is one of the best known tools open source for penetration testing which automates the procedures for locating and executing SQL Injections. It is based on python and one can find it in Kali Linux or download it from github.
The corresponding tool is also available for mobile phones Android by name sqlmapchik. Easy to use graphic environment and with a variety of options without the use of a console. Its basic efficiency is the same as the computer version, but as an application it shows some instabilities in some devices, which over time are estimated to be overcome. Also, some features available in regular sqlmap are missing:
- sqlmap API
- profiling
- log colorizing
- beeping
- Definition of a user-defined injection process
- Upgrade
- Interfacing with the metasploit framework
It is understood that de facto some of these functions are difficult to integrate for the time being.
How to execute sqlmapchik and interface with the user while performing the results gives the same sense of usability as sqlmap.
An important condition about the ability to execute it sqlmapchik is installation of the platform BusyBox and by extension to have been done root device.
We thank her warmly SecTeam @SAMSONIC