sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Typically used for out-of-band SQL injection.

https://www.security-sleuth.com/sleuth-blog/2017/1/3/sqlmap-cheat-sheet

https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/

• Basics
• Enumeration
• Firewall Evasion
• Attacking forms
• Using proxy
• Burp Suite + SQLMap