This is a python script used by Cyber Security Analysts to check for vulnerabilities in website
. Like any other network security tool, it is being utilized by many, meaning it was also being utilized by the bad guys a.k.a "hackers". While we were browsing the dark web, we stumbled upon a hacking forum where you need to take an exam before you could join their group. Now, this forum is no new to us as there were a lot of hacking forum scattered over the net. What intrigued us most is their entrance exam. In order for a newcomer to become a member they must need to prove themselves by taking over or defacing ones site.
SQLMAP.py has been used in the forum wildly like this is the default tool to check for anyone's site. The administrator of the forum posts a list of sites that are going to be brutally attacked by the newcomers with the use of this tool. Majority of the sites are using CMS such as WordPress, Joomla, Magento, etc., CMS are, usually, not vulnerable by themselves, they just need to be updated with newest release. Meaning, all outdated sites are very prone to attacks.