Results for "cookie-parser"

Claude Code Claude Desktop GitHub Copilot Cursor Windsurf Cline Zed JetBrains

📄SKILL.md 🤖CLAUDE.md ⚡Claude Commands 📐.cursorrules 📐Cursor Rules 🕹️AGENTS.md 🧬codex.md 🏄.windsurfrules 🔧.clinerules 🧑‍✈️Copilot Instructions

All Development Operations Data Product Marketing Customer Design Sales

132 skills found · Page 2 of 5

innovatorved / AuthenticationSystem

A Simple API based Authentication System Implemented in nodejs and a Express template for creating Backend RestAPI

universal

authauthenticationauthorization+8

Updated 4mo ago

dvygolov / YWB.AntidetectAccountParser

This program automatically parses a file with Facebook accounts (or zip/rar-files with 1 FB account for each file), creates profiles in your Antidetect browser, imports cookies and saves all account's info into profile's note.

universal

accountsadspowerdolphin+4

Updated 1mo ago

ryonlife / Py Google Analytics Cookie

A simple Python class for parsing useful visitor and referral data from a Google Analytics cookie.

universal

Updated 5y ago

MhsnBakhshi / Shop Apis

shop apies using nodejs & express.js & mongoDB

universal

backendbcryptcookie-parser+14

Updated 1mo ago

mdegrazia / Google Analytic Cookie Cruncher

Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values

universal

Updated 1y ago

mengzhuo / Cookiestxt

cookiestxt implement parser of cookies txt format

universal

Updated 2mo ago

Lessica / CookiesTool

Convert cookies between BinaryCookies (Apple), EditThisCookie (JSON), Perl::LWP and Netscape HTTP Cookie File (Mozilla, curl).

universal

cookiecookie-parsercookiejar+6

Updated 1mo ago

michealbalogun / Horizon Dashboard

Copyright 2012 United States Government as represented by the # Administrator of the National Aeronautics and Space Administration. # All Rights Reserved. # # Copyright 2012 Nebula, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. import glob import logging import os import sys import warnings from django.utils.translation import pgettext_lazy from django.utils.translation import ugettext_lazy as _ from horizon.utils.escape import monkeypatch_escape from openstack_dashboard import enabled from openstack_dashboard import exceptions from openstack_dashboard.local import enabled as local_enabled from openstack_dashboard import theme_settings from openstack_dashboard.utils import config from openstack_dashboard.utils import settings as settings_utils monkeypatch_escape() _LOG = logging.getLogger(__name__) warnings.formatwarning = lambda message, category, *args, **kwargs: \ '%s: %s' % (category.__name__, message) ROOT_PATH = os.path.dirname(os.path.abspath(__file__)) if ROOT_PATH not in sys.path: sys.path.append(ROOT_PATH) DEBUG = False SITE_BRANDING = 'OpenStack Dashboard' WEBROOT = '/' LOGIN_URL = None LOGOUT_URL = None LOGIN_ERROR = None LOGIN_REDIRECT_URL = None MEDIA_ROOT = None MEDIA_URL = None STATIC_ROOT = None STATIC_URL = None SELECTABLE_THEMES = None INTEGRATION_TESTS_SUPPORT = False NG_TEMPLATE_CACHE_AGE = 2592000 ROOT_URLCONF = 'openstack_dashboard.urls' HORIZON_CONFIG = { 'user_home': 'openstack_dashboard.views.get_user_home', 'ajax_queue_limit': 10, 'auto_fade_alerts': { 'delay': 3000, 'fade_duration': 1500, 'types': ['alert-success', 'alert-info'] }, 'bug_url': None, 'help_url': "https://docs.openstack.org/", 'exceptions': {'recoverable': exceptions.RECOVERABLE, 'not_found': exceptions.NOT_FOUND, 'unauthorized': exceptions.UNAUTHORIZED}, 'modal_backdrop': 'static', 'angular_modules': [], 'js_files': [], 'js_spec_files': [], 'external_templates': [], 'plugins': [], 'integration_tests_support': INTEGRATION_TESTS_SUPPORT } # The OPENSTACK_IMAGE_BACKEND settings can be used to customize features # in the OpenStack Dashboard related to the Image service, such as the list # of supported image formats. OPENSTACK_IMAGE_BACKEND = { 'image_formats': [ ('', _('Select format')), ('aki', _('AKI - Amazon Kernel Image')), ('ami', _('AMI - Amazon Machine Image')), ('ari', _('ARI - Amazon Ramdisk Image')), ('docker', _('Docker')), ('iso', _('ISO - Optical Disk Image')), ('ova', _('OVA - Open Virtual Appliance')), ('ploop', _('PLOOP - Virtuozzo/Parallels Loopback Disk')), ('qcow2', _('QCOW2 - QEMU Emulator')), ('raw', _('Raw')), ('vdi', _('VDI - Virtual Disk Image')), ('vhd', _('VHD - Virtual Hard Disk')), ('vhdx', _('VHDX - Large Virtual Hard Disk')), ('vmdk', _('VMDK - Virtual Machine Disk')), ] } MIDDLEWARE = ( 'openstack_auth.middleware.OpenstackAuthMonkeyPatchMiddleware', 'debreach.middleware.RandomCommentMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'horizon.middleware.OperationLogMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'horizon.middleware.HorizonMiddleware', 'horizon.themes.ThemeMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'openstack_dashboard.contrib.developer.profiler.middleware.' 'ProfilerClientMiddleware', 'openstack_dashboard.contrib.developer.profiler.middleware.' 'ProfilerMiddleware', ) CACHED_TEMPLATE_LOADERS = [ 'django.template.loaders.filesystem.Loader', 'django.template.loaders.app_directories.Loader', 'horizon.loaders.TemplateLoader' ] ADD_TEMPLATE_LOADERS = [] ADD_TEMPLATE_DIRS = [] TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [os.path.join(ROOT_PATH, 'templates')], 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.debug', 'django.template.context_processors.i18n', 'django.template.context_processors.request', 'django.template.context_processors.media', 'django.template.context_processors.static', 'django.contrib.messages.context_processors.messages', 'horizon.context_processors.horizon', 'openstack_dashboard.context_processors.openstack', ], 'loaders': [ 'horizon.themes.ThemeTemplateLoader' ], }, }, ] STATICFILES_FINDERS = ( 'django.contrib.staticfiles.finders.FileSystemFinder', 'horizon.contrib.staticfiles.finders.HorizonStaticFinder', 'compressor.finders.CompressorFinder', ) COMPRESS_PRECOMPILERS = ( ('text/scss', 'horizon.utils.scss_filter.HorizonScssFilter'), ) COMPRESS_CSS_FILTERS = ( 'compressor.filters.css_default.CssAbsoluteFilter', ) COMPRESS_ENABLED = True COMPRESS_OUTPUT_DIR = 'dashboard' COMPRESS_CSS_HASHING_METHOD = 'hash' COMPRESS_PARSER = 'compressor.parser.HtmlParser' INSTALLED_APPS = [ 'openstack_dashboard', 'django.contrib.contenttypes', 'django.contrib.auth', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'django.contrib.humanize', 'django_pyscss', 'debreach', 'openstack_dashboard.django_pyscss_fix', 'compressor', 'horizon', 'openstack_auth', ] AUTHENTICATION_BACKENDS = ('openstack_auth.backend.KeystoneBackend',) AUTHENTICATION_URLS = ['openstack_auth.urls'] AUTH_USER_MODEL = 'openstack_auth.User' MESSAGE_STORAGE = 'django.contrib.messages.storage.fallback.FallbackStorage' SESSION_ENGINE = 'django.contrib.sessions.backends.cache' CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': '127.0.0.1:11211', }, } SESSION_COOKIE_HTTPONLY = True SESSION_EXPIRE_AT_BROWSER_CLOSE = True SESSION_COOKIE_SECURE = False # Control whether the SESSION_TIMEOUT period is refreshed due to activity. If # False, SESSION_TIMEOUT acts as a hard limit. SESSION_REFRESH = True # This SESSION_TIMEOUT is a method to supercede the token timeout with a # shorter horizon session timeout (in seconds). If SESSION_REFRESH is True (the # default) SESSION_TIMEOUT acts like an idle timeout rather than being a hard # limit, but will never exceed the token expiry. If your token expires in 60 # minutes, a value of 1800 will log users out after 30 minutes of inactivity, # or 60 minutes with activity. Setting SESSION_REFRESH to False will make # SESSION_TIMEOUT act like a hard limit on session times. SESSION_TIMEOUT = 3600 # When using cookie-based sessions, log error when the session cookie exceeds # the following size (common browsers drop cookies above a certain size): SESSION_COOKIE_MAX_SIZE = 4093 # when doing upgrades, it may be wise to stick to PickleSerializer # NOTE(berendt): Check during the K-cycle if this variable can be removed. # https://bugs.launchpad.net/horizon/+bug/1349463 SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer' # MEMOIZED_MAX_SIZE_DEFAULT allows setting a global default to help control # memory usage when caching. It should at least be 2 x the number of threads # with a little bit of extra buffer. MEMOIZED_MAX_SIZE_DEFAULT = 25 CSRF_FAILURE_VIEW = 'openstack_dashboard.views.csrf_failure' LANGUAGES = ( ('cs', 'Czech'), ('de', 'German'), ('en', 'English'), ('en-au', 'Australian English'), ('en-gb', 'British English'), ('eo', 'Esperanto'), ('es', 'Spanish'), ('fr', 'French'), ('id', 'Indonesian'), ('it', 'Italian'), ('ja', 'Japanese'), ('ko', 'Korean (Korea)'), ('pl', 'Polish'), ('pt-br', 'Portuguese (Brazil)'), ('ru', 'Russian'), ('tr', 'Turkish'), ('zh-cn', 'Simplified Chinese'), ('zh-tw', 'Chinese (Taiwan)'), ) LANGUAGE_CODE = 'en' LANGUAGE_COOKIE_NAME = 'horizon_language' USE_I18N = True USE_L10N = True USE_TZ = True # Set OPENSTACK_CLOUDS_YAML_NAME to provide a nicer name for this cloud for # the clouds.yaml file than "openstack". OPENSTACK_CLOUDS_YAML_NAME = 'openstack' # If this cloud has a vendor profile in os-client-config, put it's name here. OPENSTACK_CLOUDS_YAML_PROFILE = '' OPENSTACK_KEYSTONE_DEFAULT_ROLE = '_member_' DEFAULT_EXCEPTION_REPORTER_FILTER = 'horizon.exceptions.HorizonReporterFilter' POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf") # Map of local copy of service policy files POLICY_FILES = { 'identity': 'keystone_policy.json', 'compute': 'nova_policy.json', 'volume': 'cinder_policy.json', 'image': 'glance_policy.json', 'network': 'neutron_policy.json', } # Services for which horizon has extra policies are defined # in POLICY_DIRS by default. POLICY_DIRS = { 'compute': ['nova_policy.d'], 'volume': ['cinder_policy.d'], } SECRET_KEY = None LOCAL_PATH = None SECURITY_GROUP_RULES = { 'all_tcp': { 'name': _('All TCP'), 'ip_protocol': 'tcp', 'from_port': '1', 'to_port': '65535', }, 'all_udp': { 'name': _('All UDP'), 'ip_protocol': 'udp', 'from_port': '1', 'to_port': '65535', }, 'all_icmp': { 'name': _('All ICMP'), 'ip_protocol': 'icmp', 'from_port': '-1', 'to_port': '-1', }, } ADD_INSTALLED_APPS = [] # NOTE: The default value of USER_MENU_LINKS will be set after loading # local_settings if it is not configured. USER_MENU_LINKS = None # 'key', 'label', 'path' AVAILABLE_THEMES = [ ( 'default', pgettext_lazy('Default style theme', 'Default'), 'themes/default' ), ( 'material', pgettext_lazy("Google's Material Design style theme", "Material"), 'themes/material' ), ] # The default theme if no cookie is present DEFAULT_THEME = 'default' # Theme Static Directory THEME_COLLECTION_DIR = 'themes' # Theme Cookie Name THEME_COOKIE_NAME = 'theme' POLICY_CHECK_FUNCTION = 'openstack_auth.policy.check' CSRF_COOKIE_AGE = None COMPRESS_OFFLINE_CONTEXT = 'horizon.themes.offline_context' SHOW_KEYSTONE_V2_RC = False SHOW_OPENRC_FILE = True SHOW_OPENSTACK_CLOUDS_YAML = True # Dictionary of currently available angular features ANGULAR_FEATURES = { 'images_panel': True, 'key_pairs_panel': True, 'flavors_panel': False, 'domains_panel': False, 'users_panel': False, 'groups_panel': False, 'roles_panel': True } # Notice all customizable configurations should be above this line XSTATIC_MODULES = settings_utils.BASE_XSTATIC_MODULES OPENSTACK_PROFILER = { 'enabled': False } if not LOCAL_PATH: LOCAL_PATH = os.path.join(ROOT_PATH, 'local') LOCAL_SETTINGS_DIR_PATH = os.path.join(LOCAL_PATH, "local_settings.d") _files = glob.glob(os.path.join(LOCAL_PATH, 'local_settings.conf')) _files.extend( sorted(glob.glob(os.path.join(LOCAL_SETTINGS_DIR_PATH, '*.conf')))) _config = config.load_config(_files, ROOT_PATH, LOCAL_PATH) # Apply the general configuration. config.apply_config(_config, globals()) try: from local.local_settings import * # noqa: F403,H303 except ImportError: _LOG.warning("No local_settings file found.") # configure templates if not TEMPLATES[0]['DIRS']: TEMPLATES[0]['DIRS'] = [os.path.join(ROOT_PATH, 'templates')] TEMPLATES[0]['DIRS'] += ADD_TEMPLATE_DIRS # configure template debugging TEMPLATES[0]['OPTIONS']['debug'] = DEBUG # Template loaders if DEBUG: TEMPLATES[0]['OPTIONS']['loaders'].extend( CACHED_TEMPLATE_LOADERS + ADD_TEMPLATE_LOADERS ) else: TEMPLATES[0]['OPTIONS']['loaders'].extend( [('django.template.loaders.cached.Loader', CACHED_TEMPLATE_LOADERS)] + ADD_TEMPLATE_LOADERS ) # allow to drop settings snippets into a local_settings_dir LOCAL_SETTINGS_DIR_PATH = os.path.join(ROOT_PATH, "local", "local_settings.d") if os.path.exists(LOCAL_SETTINGS_DIR_PATH): for (dirpath, dirnames, filenames) in os.walk(LOCAL_SETTINGS_DIR_PATH): for filename in sorted(filenames): if filename.endswith(".py"): try: with open(os.path.join(dirpath, filename)) as f: # pylint: disable=exec-used exec(f.read()) except Exception as e: _LOG.exception( "Can not exec settings snippet %s", filename) # The purpose of OPENSTACK_IMAGE_FORMATS is to provide a simple object # that does not contain the lazy-loaded translations, so the list can # be sent as JSON to the client-side (Angular). OPENSTACK_IMAGE_FORMATS = [fmt for (fmt, name) in OPENSTACK_IMAGE_BACKEND['image_formats']] if USER_MENU_LINKS is None: USER_MENU_LINKS = [] if SHOW_KEYSTONE_V2_RC: USER_MENU_LINKS.append({ 'name': _('OpenStack RC File v2'), 'icon_classes': ['fa-download', ], 'url': 'horizon:project:api_access:openrcv2', }) if SHOW_OPENRC_FILE: USER_MENU_LINKS.append({ 'name': (_('OpenStack RC File v3') if SHOW_KEYSTONE_V2_RC else _('OpenStack RC File')), 'icon_classes': ['fa-download', ], 'url': 'horizon:project:api_access:openrc', }) if not WEBROOT.endswith('/'): WEBROOT += '/' if LOGIN_URL is None: LOGIN_URL = WEBROOT + 'auth/login/' if LOGOUT_URL is None: LOGOUT_URL = WEBROOT + 'auth/logout/' if LOGIN_ERROR is None: LOGIN_ERROR = WEBROOT + 'auth/error/' if LOGIN_REDIRECT_URL is None: LOGIN_REDIRECT_URL = WEBROOT if MEDIA_ROOT is None: MEDIA_ROOT = os.path.abspath(os.path.join(ROOT_PATH, '..', 'media')) if MEDIA_URL is None: MEDIA_URL = WEBROOT + 'media/' if STATIC_ROOT is None: STATIC_ROOT = os.path.abspath(os.path.join(ROOT_PATH, '..', 'static')) if STATIC_URL is None: STATIC_URL = WEBROOT + 'static/' AVAILABLE_THEMES, SELECTABLE_THEMES, DEFAULT_THEME = ( theme_settings.get_available_themes( AVAILABLE_THEMES, DEFAULT_THEME, SELECTABLE_THEMES ) ) # Discover all the directories that contain static files STATICFILES_DIRS = theme_settings.get_theme_static_dirs( AVAILABLE_THEMES, THEME_COLLECTION_DIR, ROOT_PATH) # Ensure that we always have a SECRET_KEY set, even when no local_settings.py # file is present. See local_settings.py.example for full documentation on the # horizon.utils.secret_key module and its use. if not SECRET_KEY: if not LOCAL_PATH: LOCAL_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'local') # pylint: disable=ungrouped-imports from horizon.utils import secret_key SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store')) # populate HORIZON_CONFIG with auto-discovered JavaScript sources, mock files, # specs files and external templates. settings_utils.find_static_files(HORIZON_CONFIG, AVAILABLE_THEMES, THEME_COLLECTION_DIR, ROOT_PATH) INSTALLED_APPS = list(INSTALLED_APPS) # Make sure it's mutable settings_utils.update_dashboards( [ enabled, local_enabled, ], HORIZON_CONFIG, INSTALLED_APPS, ) INSTALLED_APPS[0:0] = ADD_INSTALLED_APPS NG_TEMPLATE_CACHE_AGE = NG_TEMPLATE_CACHE_AGE if not DEBUG else 0 # Include xstatic_modules specified in plugin XSTATIC_MODULES += HORIZON_CONFIG['xstatic_modules'] # Discover all the xstatic module entry points to embed in our HTML STATICFILES_DIRS += settings_utils.get_xstatic_dirs( XSTATIC_MODULES, HORIZON_CONFIG) # This base context objects gets added to the offline context generator # for each theme configured. HORIZON_COMPRESS_OFFLINE_CONTEXT_BASE = { 'WEBROOT': WEBROOT, 'STATIC_URL': STATIC_URL, 'HORIZON_CONFIG': HORIZON_CONFIG, 'NG_TEMPLATE_CACHE_AGE': NG_TEMPLATE_CACHE_AGE, } if DEBUG: logging.basicConfig(level=logging.DEBUG) # Here comes the Django settings deprecation section. Being at the very end # of settings.py allows it to catch the settings defined in local_settings.py # or inside one of local_settings.d/ snippets.

Guzzle3 / Parser

[Guzzle 3] [READ-ONLY] Subtree split of the Guzzle\Parser component. Provides parsing interfaces for Cookies, HTTP messages, and URI Templates

universal

Updated 3y ago

snoyberg / Cookie

HTTP cookie parsing and rendering

universal

Updated 5mo ago

nathschmidt / Restify Cookies

Adds cookie parsing support to restify

universal

Updated 4y ago

varunpal / Koa Cookie

Cookie parser middleware for koa

universal

Updated 1y ago

themodernmonk7 / E Commerce API

This is a REST API built using Node.js and Express.js for eCommerce

universal

backend-apibackend-for-frontendbcrypt+14

Updated 2mo ago

the-gitter / Inventory Management System MERN Stack

An Inventory Management System built with Vite, React.js for the frontend, and Node.js, Express, and MongoDB for the backend. MERN PROJECT

universal

axioscookie-parserexpress+8

Updated 2mo ago

lyadd / Parser Cookie

Flemme d'expliquer lisez le code et vous comprendriez.

universal

Updated 11mo ago

HlaingPhyoAung / Sqlmap

Usage: python sqlmap.py [options] Options: -h, --help Show basic help message and exit -hh Show advanced help message and exit --version Show program's version number and exit -v VERBOSE Verbosity level: 0-6 (default 1) Target: At least one of these options has to be provided to define the target(s) -d DIRECT Connection string for direct database connection -u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1") -l LOGFILE Parse target(s) from Burp or WebScarab proxy log file -x SITEMAPURL Parse target(s) from remote sitemap(.xml) file -m BULKFILE Scan multiple targets given in a textual file -r REQUESTFILE Load HTTP request from a file -g GOOGLEDORK Process Google dork results as target URLs -c CONFIGFILE Load options from a configuration INI file Request: These options can be used to specify how to connect to the target URL --method=METHOD Force usage of given HTTP method (e.g. PUT) --data=DATA Data string to be sent through POST --param-del=PARA.. Character used for splitting parameter values --cookie=COOKIE HTTP Cookie header value --cookie-del=COO.. Character used for splitting cookie values --load-cookies=L.. File containing cookies in Netscape/wget format --drop-set-cookie Ignore Set-Cookie header from response --user-agent=AGENT HTTP User-Agent header value --random-agent Use randomly selected HTTP User-Agent header value --host=HOST HTTP Host header value --referer=REFERER HTTP Referer header value -H HEADER, --hea.. Extra header (e.g. "X-Forwarded-For: 127.0.0.1") --headers=HEADERS Extra headers (e.g. "Accept-Language: fr\nETag: 123") --auth-type=AUTH.. HTTP authentication type (Basic, Digest, NTLM or PKI) --auth-cred=AUTH.. HTTP authentication credentials (name:password) --auth-file=AUTH.. HTTP authentication PEM cert/private key file --ignore-401 Ignore HTTP Error 401 (Unauthorized) --proxy=PROXY Use a proxy to connect to the target URL --proxy-cred=PRO.. Proxy authentication credentials (name:password) --proxy-file=PRO.. Load proxy list from a file --ignore-proxy Ignore system default proxy settings --tor Use Tor anonymity network --tor-port=TORPORT Set Tor proxy port other than default --tor-type=TORTYPE Set Tor proxy type (HTTP (default), SOCKS4 or SOCKS5) --check-tor Check to see if Tor is used properly --delay=DELAY Delay in seconds between each HTTP request --timeout=TIMEOUT Seconds to wait before timeout connection (default 30) --retries=RETRIES Retries when the connection timeouts (default 3) --randomize=RPARAM Randomly change value for given parameter(s) --safe-url=SAFEURL URL address to visit frequently during testing --safe-post=SAFE.. POST data to send to a safe URL --safe-req=SAFER.. Load safe HTTP request from a file --safe-freq=SAFE.. Test requests between two visits to a given safe URL --skip-urlencode Skip URL encoding of payload data --csrf-token=CSR.. Parameter used to hold anti-CSRF token --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token --force-ssl Force usage of SSL/HTTPS --hpp Use HTTP parameter pollution method --eval=EVALCODE Evaluate provided Python code before the request (e.g. "import hashlib;id2=hashlib.md5(id).hexdigest()") Optimization: These options can be used to optimize the performance of sqlmap -o Turn on all optimization switches --predict-output Predict common queries output --keep-alive Use persistent HTTP(s) connections --null-connection Retrieve page length without actual HTTP response body --threads=THREADS Max number of concurrent HTTP(s) requests (default 1) Injection: These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts -p TESTPARAMETER Testable parameter(s) --skip=SKIP Skip testing for given parameter(s) --skip-static Skip testing parameters that not appear dynamic --dbms=DBMS Force back-end DBMS to this value --dbms-cred=DBMS.. DBMS authentication credentials (user:password) --os=OS Force back-end DBMS operating system to this value --invalid-bignum Use big numbers for invalidating values --invalid-logical Use logical operations for invalidating values --invalid-string Use random strings for invalidating values --no-cast Turn off payload casting mechanism --no-escape Turn off string escaping mechanism --prefix=PREFIX Injection payload prefix string --suffix=SUFFIX Injection payload suffix string --tamper=TAMPER Use given script(s) for tampering injection data Detection: These options can be used to customize the detection phase --level=LEVEL Level of tests to perform (1-5, default 1) --risk=RISK Risk of tests to perform (1-3, default 1) --string=STRING String to match when query is evaluated to True --not-string=NOT.. String to match when query is evaluated to False --regexp=REGEXP Regexp to match when query is evaluated to True --code=CODE HTTP code to match when query is evaluated to True --text-only Compare pages based only on the textual content --titles Compare pages based only on their titles Techniques: These options can be used to tweak testing of specific SQL injection techniques --technique=TECH SQL injection techniques to use (default "BEUSTQ") --time-sec=TIMESEC Seconds to delay the DBMS response (default 5) --union-cols=UCOLS Range of columns to test for UNION query SQL injection --union-char=UCHAR Character to use for bruteforcing number of columns --union-from=UFROM Table to use in FROM part of UNION query SQL injection --dns-domain=DNS.. Domain name used for DNS exfiltration attack --second-order=S.. Resulting page URL searched for second-order response Fingerprint: -f, --fingerprint Perform an extensive DBMS version fingerprint Enumeration: These options can be used to enumerate the back-end database management system information, structure and data contained in the tables. Moreover you can run your own SQL statements -a, --all Retrieve everything -b, --banner Retrieve DBMS banner --current-user Retrieve DBMS current user --current-db Retrieve DBMS current database --hostname Retrieve DBMS server hostname --is-dba Detect if the DBMS current user is DBA --users Enumerate DBMS users --passwords Enumerate DBMS users password hashes --privileges Enumerate DBMS users privileges --roles Enumerate DBMS users roles --dbs Enumerate DBMS databases --tables Enumerate DBMS database tables --columns Enumerate DBMS database table columns --schema Enumerate DBMS schema --count Retrieve number of entries for table(s) --dump Dump DBMS database table entries --dump-all Dump all DBMS databases tables entries --search Search column(s), table(s) and/or database name(s) --comments Retrieve DBMS comments -D DB DBMS database to enumerate -T TBL DBMS database table(s) to enumerate -C COL DBMS database table column(s) to enumerate -X EXCLUDECOL DBMS database table column(s) to not enumerate -U USER DBMS user to enumerate --exclude-sysdbs Exclude DBMS system databases when enumerating tables --pivot-column=P.. Pivot column name --where=DUMPWHERE Use WHERE condition while table dumping --start=LIMITSTART First query output entry to retrieve --stop=LIMITSTOP Last query output entry to retrieve --first=FIRSTCHAR First query output word character to retrieve --last=LASTCHAR Last query output word character to retrieve --sql-query=QUERY SQL statement to be executed --sql-shell Prompt for an interactive SQL shell --sql-file=SQLFILE Execute SQL statements from given file(s) Brute force: These options can be used to run brute force checks --common-tables Check existence of common tables --common-columns Check existence of common columns User-defined function injection: These options can be used to create custom user-defined functions --udf-inject Inject custom user-defined functions --shared-lib=SHLIB Local path of the shared library File system access: These options can be used to access the back-end database management system underlying file system --file-read=RFILE Read a file from the back-end DBMS file system --file-write=WFILE Write a local file on the back-end DBMS file system --file-dest=DFILE Back-end DBMS absolute filepath to write to Operating system access: These options can be used to access the back-end database management system underlying operating system --os-cmd=OSCMD Execute an operating system command --os-shell Prompt for an interactive operating system shell --os-pwn Prompt for an OOB shell, Meterpreter or VNC --os-smbrelay One click prompt for an OOB shell, Meterpreter or VNC --os-bof Stored procedure buffer overflow exploitation --priv-esc Database process user privilege escalation --msf-path=MSFPATH Local path where Metasploit Framework is installed --tmp-path=TMPPATH Remote absolute path of temporary files directory Windows registry access: These options can be used to access the back-end database management system Windows registry --reg-read Read a Windows registry key value --reg-add Write a Windows registry key value data --reg-del Delete a Windows registry key value --reg-key=REGKEY Windows registry key --reg-value=REGVAL Windows registry key value --reg-data=REGDATA Windows registry key value data --reg-type=REGTYPE Windows registry key value type General: These options can be used to set some general working parameters -s SESSIONFILE Load session from a stored (.sqlite) file -t TRAFFICFILE Log all HTTP traffic into a textual file --batch Never ask for user input, use the default behaviour --binary-fields=.. Result fields having binary values (e.g. "digest") --charset=CHARSET Force character encoding used for data retrieval --crawl=CRAWLDEPTH Crawl the website starting from the target URL --crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout") --csv-del=CSVDEL Delimiting character used in CSV output (default ",") --dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE) --eta Display for each output the estimated time of arrival --flush-session Flush session files for current target --forms Parse and test forms on target URL --fresh-queries Ignore query results stored in session file --hex Use DBMS hex function(s) for data retrieval --output-dir=OUT.. Custom output directory path --parse-errors Parse and display DBMS error messages from responses --save=SAVECONFIG Save options to a configuration INI file --scope=SCOPE Regexp to filter targets from provided proxy log --test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW) --test-skip=TEST.. Skip tests by payloads and/or titles (e.g. BENCHMARK) --update Update sqlmap Miscellaneous: -z MNEMONICS Use short mnemonics (e.g. "flu,bat,ban,tec=EU") --alert=ALERT Run host OS command(s) when SQL injection is found --answers=ANSWERS Set question answers (e.g. "quit=N,follow=N") --beep Beep on question and/or when SQL injection is found --cleanup Clean up the DBMS from sqlmap specific UDF and tables --dependencies Check for missing (non-core) sqlmap dependencies --disable-coloring Disable console output coloring --gpage=GOOGLEPAGE Use Google dork results from specified page number --identify-waf Make a thorough testing for a WAF/IPS/IDS protection --skip-waf Skip heuristic detection of WAF/IPS/IDS protection --mobile Imitate smartphone through HTTP User-Agent header --offline Work in offline mode (only use session data) --page-rank Display page rank (PR) for Google dork results --purge-output Safely remove all content from output directory --smart Conduct thorough tests only if positive heuristic(s) --sqlmap-shell Prompt for an interactive sqlmap shell --wizard Simple wizard interface for beginner users