Trawling for Bugs – Using Google Dorks and Python for SQLi Discovery

 

Using sqlmap requires a URL to target—one that will contain testable parameters. This next technique can be used to target specific applications and form inputs—like sqlmap does—or to simply return a list of sites susceptible to SQLi vulnerabilities.