🔥 VIP SQLi Scanner

Advanced Edition · v4.0

PROFESSIONAL SQL INJECTION DETECTION & EXPLOITATION TRIAGE FRAMEWORK

🔗 GitHub · Website · Report Bug

📖 Table of Contents

Overview
Features
Installation
Quick Start
Usage Guide
Enterprise Dashboard
Export & Reporting
How It Works
Architecture
Upcoming Features
Legal Notice

🎯 Overview

VIP SQLi Scanner is a next-generation, high-performance security framework for automated SQL Injection discovery and triage. Built for professional penetration testers, bug bounty hunters, and enterprise security teams.

v4.0 introduces Team Workspaces, Threat Intelligence enrichment, Scan Templates, Webhook integrations, Scan Comparison/Diff, and a fully upgraded Cyberpunk dashboard with GitHub OAuth.

✨ Features

🔍 Advanced Detection Engine

Technique	Description	Since
Error-Based	100+ SQL error signatures across MySQL, PG, Oracle, MSSQL, SQLite, DB2	v1.0
Time-Based Blind	High-accuracy detection with automated WAF bypass	v2.0
Boolean-Based Blind	Precision logic-pair testing with response diff analysis	v3.0
ML Scoring	Random Forest + XGBoost ensemble to qualify findings	v3.0
Union-Based	Column enumeration and data extraction detection	v4.0
Stacked Queries	Multi-statement injection detection	v4.0

📈 Enterprise Dashboard (v4.0)

Cyberpunk Glassmorphism UI — Real-time visualization with premium aesthetics
GitHub OAuth SSO — Secure team-based security operations
Team Workspaces — Collaborative scanning with role-based access control
Distributed Nodes — Register and monitor external scan nodes for massive scalability
Real-time WebSocket Feed — Live vulnerability updates as findings are discovered
Scan Templates — Save and reuse scan configurations (Quick, Thorough, Stealth, CI/CD)

🧠 ML Intelligence

Dual-Model Ensemble: Random Forest + XGBoost for maximum accuracy
Confidence Scoring: Per-result confidence metrics (0–1)
Auto-Training: Continuously improves from verified scan results
False Positive Reduction: Intelligent noise filtering

📊 Professional Export Formats

Format	Description
SARIF v2.1.0	GitHub Advanced Security integration
PDF	Executive reports with CVSS scoring
HTML	Beautiful visual reports with Bootstrap
JSON	Structured data for SIEM/API integration
CSV	Spreadsheet-ready bulk export
XML	Enterprise system integration
Markdown	Documentation-ready reports

🛡️ Smart Triage System

Rule #0 Skip: Automatically excludes 60+ static asset types to maximize speed
Risk Assessment: Analyzes 15+ high-risk extensions and 60+ sensitive parameters
WAF Detection & Bypass: Identifies WAF type and applies sophisticated encoding
Domain Filter: Auto-organizes results into safeurl.txt / vulnurl.txt per domain

🔗 Integrations (v4.0)

Slack — Real-time vulnerability notifications to your SOC channel
Jira — Auto-create tickets for critical findings
AWS S3 — Cloud report storage and archival
Webhooks — Custom HTTP callbacks for any system
GitHub Advanced Security — SARIF upload for code scanning alerts

📦 Installation

Prerequisites

Python 3.9+
pip

Setup

# 1. Clone the repository
git clone https://github.com/viphacker100/VIPSQLi.git
cd VIPSQLi

# 2. (Recommended) Create a virtual environment
python -m venv .venv
.venv\Scripts\activate        # Windows
# source .venv/bin/activate   # Linux/macOS

# 3. Install dependencies
pip install -r requirements.txt

🚀 Quick Start

Single URL Scan (30 seconds)

python sqli_scanner_advanced.py -u "http://example.com/product.php?id=1" --boolean --ml

Batch Scan with All Detection Methods

python sqli_scanner_advanced.py -l urls.txt -t 20 --boolean --time-based --ml --sarif report.sarif

Launch the Enterprise Dashboard

python dashboard/app.py
# Open: http://localhost:5000

📚 Usage Guide

Core Command-Line Options

Flag	Description	Default
`-u, --url`	Single target URL	—
`-l, --list`	File containing URLs (one per line)	—
`-e, --exclude`	Exclusion patterns file	—
`-p, --payloads`	Custom payload file	`payloads.txt`
`-o, --output`	JSON output file	—
`--csv`	CSV output file	—
`--html`	HTML report file	—
`--pdf`	PDF report file	—
`--sarif`	SARIF v2.1.0 output file	—
`-t, --threads`	Thread count	`5`
`--async`	Enable async scanning	`False`
`--max-concurrent`	Max concurrent async requests	`20`
`--boolean`	Boolean-based blind detection	`False`
`--time-based`	Time-based blind detection	`False`
`--ml`	ML-based confidence scoring	`False`
`-k, --insecure`	Skip SSL verification	`False`
`--profile`	Scan profile: `quick`, `thorough`, `stealth`, `aggressive`	—
`--filter`	Organize results by domain	`False`
`--resume`	Resume interrupted scan	`False`
`--proxy`	Proxy URL	—
`--headers`	Custom headers JSON file	—
`-v, --verbose`	Real-time URL status output	`False`
`-i, --interactive`	Guided interactive mode	`False`
`--dashboard`	Launch web dashboard	`False`
`--train`	Train ML model on scan data	`False`

Scanning Examples

# ─── High-Speed Async ─────────────────────────────────────────
python sqli_scanner_advanced.py -l urls.txt --async --max-concurrent 30

# ─── Full Detection Suite ─────────────────────────────────────
python sqli_scanner_advanced.py -l urls.txt --boolean --time-based --ml -t 10 -v

# ─── Professional Pentest ─────────────────────────────────────
python sqli_scanner_advanced.py \
  -l urls.txt \
  -e exclusions.txt \
  -p payloads.txt \
  --async --max-concurrent 25 \
  --boolean --time-based --ml \
  -o results.json --csv results.csv --html report.html \
  -v

# ─── Stealth Scan ─────────────────────────────────────────────
python sqli_scanner_advanced.py -l urls.txt --threads 2 --time-based --profile stealth

# ─── CI/CD Pipeline ───────────────────────────────────────────
python sqli_scanner_advanced.py -l targets.txt --boolean --ml --sarif scan.sarif --no-color

# ─── Resume Interrupted Scan ──────────────────────────────────
python sqli_scanner_advanced.py --resume

# ─── Authenticated Scan with Proxy ───────────────────────────
python sqli_scanner_advanced.py -u "http://target.com" --headers headers.json --proxy http://127.0.0.1:8080

# ─── Domain Filter (Organize by Domain) ──────────────────────
python sqli_scanner_advanced.py -l urls.txt --async --filter -v

# ─── Interactive Mode (Beginner-Friendly) ────────────────────
python sqli_scanner_advanced.py -i

🖥️ Enterprise Web Dashboard (v4.0)

The scanner features a high-performance Cyberpunk-themed dashboard for managing complex operations.

python dashboard/app.py
# Access: http://localhost:5000

Dashboard Features

Feature	Description
Command Center	Sidebar control for running scans in real-time
Live Data Feed	WebSocket-powered vulnerability stream
Team Workspaces	Multi-user collaborative scanning
Scan Templates	Save/load reusable scan configurations
Distributed Nodes	Manage remote scanning infrastructure
GitHub SSO	Secure OAuth 2.0 team authentication
Analytics	Historical charts and trend analysis
Webhook Manager	Configure outbound notifications

📊 Export & Reporting

# SARIF (GitHub Advanced Security)
python sqli_scanner_advanced.py -l urls.txt --sarif scan_results.sarif

# Professional PDF Report
python sqli_scanner_advanced.py -l urls.txt --pdf report.pdf

# Full Export Suite
python sqli_scanner_advanced.py -l urls.txt -o results.json --csv results.csv --html report.html

# Cloud Upload (S3)
python sqli_scanner_advanced.py -l urls.txt --s3

# Slack Notification
python sqli_scanner_advanced.py -l urls.txt --slack

# Jira Ticket Creation
python sqli_scanner_advanced.py -l urls.txt --jira

🧠 How It Works

The 30-Second Framework

URL Input
   │
   ▼
Rule #0: Static File? ──YES──► SKIP (0% SQLi chance)
   │ NO
   ▼
Step 1: File type & path analysis (5s)
   │
   ▼
Step 2: Parameter name risk scoring (10s)
   │
   ▼
Step 3: Safe behavior baseline (10s)
   │
   ▼
Step 4: Error signature scan + Boolean/Time-Based (5s)
   │
   ▼
ML Scoring → Confidence Metric → Final Verdict

Decision Logic

Check	Result	Action
Static file	✅	Skip (0% SQLi)
Safe path	✅	Skip
Low-risk params only	✅	Skip
Same response	✅	Safe
SQL error detected	🚨	REAL SQLi
Boolean diff > threshold	🚨	BLIND SQLi
Response delay > threshold	🚨	TIME-BASED SQLi
ML confidence < 0.5	⚠️	Low confidence
Content changed	⚠️	Investigate

🏗️ Architecture

VIPSQLi/
├── sqli_scanner_advanced.py    # Main CLI entry point
├── sqli_scanner.py             # Basic scanner (legacy)
│
├── core/                       # Core scanning engine
│   ├── scanner.py              # Async/threaded scan orchestrator
│   └── detector.py             # Detection logic (error/boolean/time)
│
├── ml/                         # Machine Learning engine
│   ├── detector.py             # ML prediction interface
│   ├── features.py             # Feature extraction
│   ├── trainer.py              # Model training pipeline
│   └── models/                 # Saved model files
│
├── dashboard/                  # Enterprise web dashboard
│   ├── app.py                  # Flask + Socket.IO server
│   ├── static/                 # Frontend assets
│   └── templates/              # Jinja2 HTML templates
│
├── database/                   # Database layer
│   └── models.py               # SQLAlchemy ORM models (v4.0)
│
├── plugins/                    # Extensible plugin system
│   ├── base.py                 # Plugin base class
│   ├── manager.py              # Plugin loader
│   └── builtin/                # Built-in plugins
│
├── utils/                      # Utility modules
│   ├── report_gen.py           # Report generation (PDF/HTML/SARIF)
│   ├── waf_evasion.py          # WAF bypass techniques
│   ├── rate_limiter.py         # Request rate limiting
│   ├── logger.py               # Structured logging
│   └── cloud_manager.py        # S3/Slack/Jira integrations
│
├── config/                     # Configuration
│   ├── default.yaml            # Default settings
│   └── profiles/               # Scan profiles
│
├── payloads.txt                # SQLi payload library
├── exclusions.txt              # Exclusion patterns (1200+)
└── requirements.txt            # Python dependencies

🔮 Upcoming Features (v5.0)

Roadmap — Features currently in active development or planned for the next major release.

🤖 AI-Powered Analysis

LLM-Assisted Triage — GPT/Gemini integration for natural language vulnerability explanations
Auto-Remediation Suggestions — Context-aware code fix recommendations
Smart Payload Generation — AI-generated custom payloads based on target fingerprint
Anomaly Detection — Unsupervised ML to detect unusual response patterns

🌐 Extended Attack Surface

GraphQL Injection — Detect SQLi via GraphQL query parameters
NoSQL Injection — MongoDB, CouchDB, Redis injection detection
ORM Injection — Hibernate, Sequelize, Django ORM bypass detection
Second-Order SQLi — Stored payload detection via multi-step analysis
JSON/XML Body Injection — POST body parameter fuzzing

🏢 Enterprise & Team Features

SSO/SAML Integration — Enterprise identity provider support
RBAC Policies — Fine-grained permission management
Audit Compliance Reports — OWASP Top 10, PCI-DSS, ISO 27001 mapping
Multi-Tenant SaaS Mode — Isolated workspaces per organization
Custom Branding — White-label dashboard for MSPs

🔄 CI/CD & DevSecOps

GitHub Actions Plugin — Native GitHub Actions integration
GitLab CI Template — Pre-built GitLab CI/CD pipeline
Jenkins Plugin — Jenkins pipeline step
Pre-commit Hook — Block commits with vulnerable endpoints
DAST Integration — Connect with OWASP ZAP, Burp Suite

📡 Threat Intelligence

CVE Auto-Enrichment — Auto-link findings to NVD/CVE database
Exploit-DB Integration — Check if payloads match known exploits
IP Reputation Scoring — Flag targets with known malicious history
Community Threat Feed — Shared payload/signature database

🎨 Dashboard Enhancements

3D Network Graph — Interactive visualization of scan topology
Dark/Light Theme Toggle — User-selectable themes
Mobile App — React Native companion app for monitoring
Custom Dashboard Widgets — Drag-and-drop analytics panels
PDF Scheduled Reports — Auto-email weekly/monthly summaries

⚡ Performance

Distributed Scan Engine — Kubernetes-native horizontal scaling
Redis Queue Backend — Celery + Redis for job distribution
Scan Result Streaming — gRPC-based real-time result streaming
Browser-Based Scanning — Playwright integration for JS-heavy apps

📊 Detection Coverage

Category	Count
Static file extensions (skip)	60+
High-risk file extensions	15+
Safe directory paths	25+
High-risk parameters	60+
Low-risk parameters	40+
SQL error signatures	100+
Exclusion patterns	1,200+
WAF signatures	30+
SQLi payload variants	500+

🛠️ Requirements

Python: 3.9+
Core: requests, aiohttp, rich, colorama
ML: scikit-learn, xgboost, numpy, pandas
Dashboard: flask, flask-socketio, sqlalchemy
Reports: reportlab, jinja2

See requirements.txt for the complete dependency list.

⚠️ Legal Notice

This tool is for educational and authorized security testing only. Always obtain explicit written permission before testing any system you do not own. The authors assume no liability for misuse or damage caused by this tool. Use responsibly and ethically.

📚 Documentation

Document	Description
API Reference	Full REST API and Socket.IO event documentation
Commands Guide	Complete CLI flags and usage examples
Quick Start	Get scanning in under 5 minutes
Feature Matrix	Implementation status of every feature
Functionality Report	Detailed report on all v4.0 capabilities
Changelog	Version history and release notes
Upcoming Features	v5.0 roadmap and planned enhancements
Contributing	Guidelines for contributing to the project
Security Policy	Responsible disclosure and vulnerability reporting

📝 License

MIT License — see LICENSE for full text. For educational and authorized security testing only.

Version: 4.0 (Advanced Edition)
Status: Production Ready
Quality: Enterprise Grade · Cyberpunk Edition

🔥 Powered by the 30-Second Framework

EST 2026 · viphacker100 (Aryan Ahirwar)

Name		Name	Last commit message	Last commit date
Latest commit History 25 Commits
assets		assets
config		config
core		core
dashboard		dashboard
database		database
instance		instance
logs		logs
ml		ml
plugins		plugins
scripts		scripts
templates		templates
utils		utils
.gitignore		.gitignore
API_REFERENCE.md		API_REFERENCE.md
CHANGELOG.md		CHANGELOG.md
COMMANDS.md		COMMANDS.md
CONTRIBUTING.md		CONTRIBUTING.md
FEATURE_MATRIX.md		FEATURE_MATRIX.md
FUNCTIONALITY_REPORT.md		FUNCTIONALITY_REPORT.md
LICENSE		LICENSE
PROJECT_SUMMARY.md		PROJECT_SUMMARY.md
QUICKSTART.md		QUICKSTART.md
README.md		README.md
SECURITY.md		SECURITY.md
UPCOMING_FEATURES.md		UPCOMING_FEATURES.md
exclusions.txt		exclusions.txt
payloads.txt		payloads.txt
pyproject.toml		pyproject.toml
pytest.ini		pytest.ini
report.html		report.html
requirements-v2.2.txt		requirements-v2.2.txt
requirements.txt		requirements.txt
setup.py		setup.py
sqli_scanner.py		sqli_scanner.py
sqli_scanner_advanced.py		sqli_scanner_advanced.py
urls.txt		urls.txt

License

VIPHACKER100/VIPSQLi

Folders and files

Latest commit

History

Repository files navigation