The Mole Download – Automatic SQL Injection Tool For Windows


The Mole is an automatic SQL Injection tool for SQLi exploitation for Windows and Linux. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.

The Mole Download - Automatic SQL Injection Tool


What is The Mole SQL Injection Tool for Windows & Linux?

The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.

This application is able to exploit both union-based and blind boolean-based injections.

Every action The Mole can execute is triggered by a specific command. All this application requires in order to exploit a SQL Injection is the URL(including the parameters) and a needle(a string) that appears in the server’s response whenever the injection parameter generates a valid query, and does not appear otherwise.

So far, The Mole supports MySQL, MS-SQL and PostgreSQL, but we expect to include other DBMSs in the future.

Features of The Mole SQL Injection Tool

  • Support for Mysql, Postgres, SQL Server and Oracle.
  • Automatic SQL injection exploitation using union technique.
  • Automatic blind SQL injection exploitation.
  • Exploits SQL Injections in GET/POST/Cookie parameters.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.

Using The Mole SQL Injection Software

Other automated SQLInjection Tools would be:

BSQL Hacker Download – Automated SQL Injection Tool
Havij Download – Advanced Automated SQL Injection Tool
sqlmap – Automated Blind SQL Injection Tool

You can download The Mole SQL Inection Tool here:

Windows: themole-0.3-win32.zip
Linux: themole-0.3-lin-src.tar.gz

Or read more here.

Posted in: Database Hacking

, ,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


Comments are closed.