SQLmap is an open-source tool used in penetration testing to detect and exploit SQL injection flaws. SQLmap automates the process of detecting and exploiting SQL injection. ... They can affect any website or web app that may have a SQL database linked to it, such as MySQL, SQL Server, Oracle and many others.
