English | 中文 | 截图 / Screenshot
- Telegram集成 - 通过Telegram机器人管理Sqlmap的批量扫描
- 实时监控 - 即时获取漏洞扫描通知
- 多线程支持 - 支持并发扫描
- 跨平台运行 - 基于Java的解决方案
- Java运行环境
- Python运行环境
- 创建一个空白文件夹并将GlientCat.jar放入
- 运行:
java -jar GlientCat.jar - 配置
config.json:{ "ownerID": "你的Telegram ID", "botToken": "你的机器人令牌", "sqlPM": "null" } - 再次运行,若配置无误即可正常启动
- 使用
/start命令与/help开始与机器人的会话 - 投喂含网址列表的.txt(一行一条)即可开始扫描
sqlPM: 非必填,Sqlmap参数(追加到基础命令后)- 基础扫描命令:
python sqlmap.py -u target --batch
- 默认扫描命令:
python sqlmap.py -u target --batch --random-agent --crawl=2 --forms
- 妥善保管你的机器人令牌!
- 扫描前需先用
/start命令初始化会话,否则扫描结果无法回传 - Linux服务器可参考
nohup运行
- Telegram Integration - Manage Sqlmap batch scanning via Telegram bot
- Real-time Monitoring - Receive instant vulnerability scan notifications
- Multi-threading Support - Concurrent scanning capability
- Cross-platform - Java-based solution
- Java Runtime Environment
- Python Runtime Environment
- Create an empty folder and place
GlientCat.jarinside it. - Run:
java -jar GlientCat.jar - Configure the generated
config.json:{ "ownerID": "YOUR_TELEGRAM_ID", "botToken": "YOUR_BOT_TOKEN", "sqlPM": "null" } - Run the program again. If the configuration is correct, it will start successfully.
- Start a conversation with your bot using the
/startcommand, and use/helpto see available commands. - To begin scanning, send a
.txtfile containing a list of targets (one URL per line).
sqlPM: Optional. Sqlmap parameters (appended to the base command).- Base scan command:
python sqlmap.py -u target --batch
- Default scan command:
python sqlmap.py -u target --batch --random-agent --crawl=2 --forms
- Keep your bot token secure!
- You must initiate the session with the
/startcommand before scanning; otherwise, scan results cannot be sent back to you. - For Linux servers, consider running the program in the background using
nohup.
