[GH-ISSUE #5] Run based on HTTP capture #3

New issue

Closed

opened 2026-03-01 14:51:10 +03:00 by kerem · 10 comments

kerem commented 2026-03-01 14:51:10 +03:00

Owner

Copy link

Originally created by @feelinggoodlewis on GitHub (Aug 22, 2025).
Original GitHub issue: https://github.com/atiilla/sqlmap-ai/issues/5

Any way to run based on sqlmap -r function with http capture of post packed?

Originally created by @feelinggoodlewis on GitHub (Aug 22, 2025). Original GitHub issue: https://github.com/atiilla/sqlmap-ai/issues/5 Any way to run based on sqlmap -r function with http capture of post packed?

kerem closed this issue 2026-03-01 14:51:10 +03:00

kerem commented 2026-03-01 14:51:10 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 22, 2025):

Please try using the new version. :)

<!-- gh-comment-id:3215953744 --> @atiilla commented on GitHub (Aug 22, 2025): Please try using the new version. :)

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@feelinggoodlewis commented on GitHub (Aug 23, 2025):

thanks for your reply!

tested just now and throwing an error.

python run.py --enhanced --adaptive --ai-provider groq -r ../gcl
🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)...
This mode includes AI-powered analysis, adaptive testing, and advanced features.

INFO:utils.ai_providers:Groq provider initialized

────────────────────────────────────────────────────────────────
SQLMap AI v2.0
Advanced AI-Powered SQL Injection Testing Tool
Powered by Artificial Intelligence
────────────────────────────────────────────────────────────────

2025-08-23 01:00:21,284 - ERROR - SECURITY_EVENT: {"timestamp": "2025-08-23T01:00:21.284262", "event_type": "SECURITY_VIOLATION", "severity": "HIGH", "details": {"violation_type": "INVALID_URL", "target_url": null, "error": "URL must be a non-empty string"}, "user_context": null}
ERROR:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-23T01:00:21.284262", "event_type": "SECURITY_VIOLATION", "severity": "HIGH", "details": {"violation_type": "INVALID_URL", "target_url": null, "error": "URL must be a non-empty string"}, "user_context": null}
[ERROR] Security validation failed: URL validation failed: URL must be a non-empty string

runs fine with regular sqlmap

cat gcl
POST /redacted HTTP/1.1
Host: redacted
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Referer: https://redacted.com/redacted
Content-Type: application/x-www-form-urlencoded
Content-Length: 63
Origin: https://redacted/
Sec-GPC: 1
Connection: keep-alive
Cookie: PHPSESSID=56umcq0ftgv9dl5umcrs771fuo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i

user_name=hi&full_name=hi

<!-- gh-comment-id:3216216243 --> @feelinggoodlewis commented on GitHub (Aug 23, 2025): thanks for your reply! tested just now and throwing an error. python run.py --enhanced --adaptive --ai-provider groq -r ../gcl 🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)... This mode includes AI-powered analysis, adaptive testing, and advanced features. INFO:utils.ai_providers:Groq provider initialized ──────────────────────────────────────────────────────────────── SQLMap AI v2.0 Advanced AI-Powered SQL Injection Testing Tool Powered by Artificial Intelligence ──────────────────────────────────────────────────────────────── 2025-08-23 01:00:21,284 - ERROR - SECURITY_EVENT: {"timestamp": "2025-08-23T01:00:21.284262", "event_type": "SECURITY_VIOLATION", "severity": "HIGH", "details": {"violation_type": "INVALID_URL", "target_url": null, "error": "URL must be a non-empty string"}, "user_context": null} ERROR:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-23T01:00:21.284262", "event_type": "SECURITY_VIOLATION", "severity": "HIGH", "details": {"violation_type": "INVALID_URL", "target_url": null, "error": "URL must be a non-empty string"}, "user_context": null} [ERROR] Security validation failed: URL validation failed: URL must be a non-empty string runs fine with regular sqlmap cat gcl POST /redacted HTTP/1.1 Host: redacted User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br, zstd Referer: https://redacted.com/redacted Content-Type: application/x-www-form-urlencoded Content-Length: 63 Origin: https://redacted/ Sec-GPC: 1 Connection: keep-alive Cookie: PHPSESSID=56umcq0ftgv9dl5umcrs771fuo Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Priority: u=0, i user_name=hi&full_name=hi

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 23, 2025):

I will look into this issue and release an update very soon.

<!-- gh-comment-id:3216544923 --> @atiilla commented on GitHub (Aug 23, 2025): I will look into this issue and release an update very soon.

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 24, 2025):

HTTP Request File Testing (NEW!)

# Test using HTTP request capture file
sqlmap-ai -r request.txt

# Enhanced mode with request file and adaptive testing
sqlmap-ai --enhanced --adaptive -r request.txt

# With specific AI provider
sqlmap-ai --enhanced -r request.txt --ai-provider groq

# Simple mode with request file
sqlmap-ai --simple -r request.txt

Request File Format:

POST /login.php HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9
Content-Type: application/x-www-form-urlencoded
Content-Length: 38

username=admin&password=test

<!-- gh-comment-id:3218424637 --> @atiilla commented on GitHub (Aug 24, 2025): ### HTTP Request File Testing (NEW!) ```bash # Test using HTTP request capture file sqlmap-ai -r request.txt # Enhanced mode with request file and adaptive testing sqlmap-ai --enhanced --adaptive -r request.txt # With specific AI provider sqlmap-ai --enhanced -r request.txt --ai-provider groq # Simple mode with request file sqlmap-ai --simple -r request.txt ``` **Request File Format:** ```http POST /login.php HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9 Content-Type: application/x-www-form-urlencoded Content-Length: 38 username=admin&password=test ```

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@feelinggoodlewis commented on GitHub (Aug 25, 2025):

Still not working for me. Works in regular sqlmap

~/sqlmap-ai# sqlmap-ai -r ./gcl3 🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)... This mode includes AI-powered analysis, adaptive testing, and advanced features. INFO:utils.ai_providers:Groq provider initialized ──────────────────────────────────────────────────────────────── SQLMap AI v2.0 Advanced AI-Powered SQL Injection Testing Tool Powered by Artificial Intelligence ──────────────────────────────────────────────────────────────── [INFO] Using timeout of 120 seconds [INFO] Available AI providers: groq INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-25T12:20:01.523497", "event_type": "SCAN_START", "severity": "INFO", "details": {"target_url": "https://admin.example.com/system/settings.php", "options": ["--batch", "-r", "./gcl3", "--risk=1", "--level=1", "--threads=5"], "option_count": 6}, "user_context": null} [INFO] Starting enhanced standard testing... [INFO] Starting initial reconnaissance... [INFO] Starting initial reconnaissance... [12:20:01] [DEBUG] Created new task: 'd663bf907c674b53' [INFO] Scanning target... [12:20:01] [DEBUG] (d663bf907c674b53) Started scan [INFO] Scan started for task ID: d663bf907c674b53 [INFO] Starting SQLMap scan... [12:20:05] [DEBUG] (d663bf907c674b53) Retrieved scan status Scan completed [12:20:05] [DEBUG] (d663bf907c674b53) Retrieved scan data and error messages [12:20:05] [DEBUG] (d663bf907c674b53) Deleted task [INFO] Task d663bf907c674b53 deleted successfully [ERROR] SQLMap execution failed [ERROR] Initial test failed. Check target URL and try again. INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-25T12:20:05.559341", "event_type": "SCAN_COMPLETE", "severity": "INFO", "details": {"target_url": "https://admin.example.com/system/settings.php", "vulnerabilities_found": 0}, "user_context": null}

Below for sqlmap

~/sqlmap-ai# python sqlmap/sqlmap.py -r ./gcl3 ___ H ___ [']__ ___ ___ {1.9.8.9#dev} |_ -| . ['] | .'| . | || [)]|||__,| | ||V... || https://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [] starting @ 12:20:34 /2025-08-25/ [12:20:34] [INFO] parsing HTTP request from './gcl3' it appears that provided value for POST parameter 'full_name' has boundaries. Do you want to inject inside? ('
Warning: Undefined array key ') [y/N] [12:20:53] [INFO] testing connection to the target URL got a 302 redirect to 'https://admin.example.com/system/settings.php'. Do you want to follow? [Y/n] redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] [12:21:01] [INFO] testing if the target URL content is stable [12:21:01] [WARNING] POST parameter 'user_name' does not appear to be dynamic [12:21:02] [WARNING] heuristic (basic) test shows that POST parameter 'user_name' might not be injectable [12:21:02] [INFO] testing for SQL injection on POST parameter 'user_name' [12:21:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause' [12:21:05] [INFO] testing 'Boolean-based blind - Parameter replace (original value)' [12:21:05] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)' [12:21:07] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause' [12:21:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'

<!-- gh-comment-id:3220062855 --> @feelinggoodlewis commented on GitHub (Aug 25, 2025): Still not working for me. Works in regular sqlmap ~/sqlmap-ai# sqlmap-ai -r ./gcl3 🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)... This mode includes AI-powered analysis, adaptive testing, and advanced features. INFO:utils.ai_providers:Groq provider initialized ──────────────────────────────────────────────────────────────── SQLMap AI v2.0 Advanced AI-Powered SQL Injection Testing Tool Powered by Artificial Intelligence ──────────────────────────────────────────────────────────────── [INFO] Using timeout of 120 seconds [INFO] Available AI providers: groq INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-25T12:20:01.523497", "event_type": "SCAN_START", "severity": "INFO", "details": {"target_url": "https://admin.example.com/system/settings.php", "options": ["--batch", "-r", "./gcl3", "--risk=1", "--level=1", "--threads=5"], "option_count": 6}, "user_context": null} [INFO] Starting enhanced standard testing... [INFO] Starting initial reconnaissance... [INFO] Starting initial reconnaissance... [12:20:01] [DEBUG] Created new task: 'd663bf907c674b53' [INFO] Scanning target... [12:20:01] [DEBUG] (d663bf907c674b53) Started scan [INFO] Scan started for task ID: d663bf907c674b53 [INFO] Starting SQLMap scan... [12:20:05] [DEBUG] (d663bf907c674b53) Retrieved scan status Scan completed [12:20:05] [DEBUG] (d663bf907c674b53) Retrieved scan data and error messages [12:20:05] [DEBUG] (d663bf907c674b53) Deleted task [INFO] Task d663bf907c674b53 deleted successfully [ERROR] SQLMap execution failed [ERROR] Initial test failed. Check target URL and try again. INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-25T12:20:05.559341", "event_type": "SCAN_COMPLETE", "severity": "INFO", "details": {"target_url": "https://admin.example.com/system/settings.php", "vulnerabilities_found": 0}, "user_context": null} Below for sqlmap ~/sqlmap-ai# python sqlmap/sqlmap.py -r ./gcl3 ___ __H__ ___ ___[']_____ ___ ___ {1.9.8.9#dev} |_ -| . ['] | .'| . | |___|_ [)]_|_|_|__,| _| |_|V... |_| https://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [*] starting @ 12:20:34 /2025-08-25/ [12:20:34] [INFO] parsing HTTP request from './gcl3' it appears that provided value for POST parameter 'full_name' has boundaries. Do you want to inject inside? ('<br /><b>Warning</b>: Undefined array key* ') [y/N] [12:20:53] [INFO] testing connection to the target URL got a 302 redirect to 'https://admin.example.com/system/settings.php'. Do you want to follow? [Y/n] redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] [12:21:01] [INFO] testing if the target URL content is stable [12:21:01] [WARNING] POST parameter 'user_name' does not appear to be dynamic [12:21:02] [WARNING] heuristic (basic) test shows that POST parameter 'user_name' might not be injectable [12:21:02] [INFO] testing for SQL injection on POST parameter 'user_name' [12:21:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause' [12:21:05] [INFO] testing 'Boolean-based blind - Parameter replace (original value)' [12:21:05] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)' [12:21:07] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause' [12:21:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 25, 2025):

I made a new update, could you try again and let me know the result?

<!-- gh-comment-id:3221876103 --> @atiilla commented on GitHub (Aug 25, 2025): I made a new update, could you try again and let me know the result?

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@feelinggoodlewis commented on GitHub (Aug 26, 2025):

/sqlmap-ai# sqlmap-ai -r ./gcl3
🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)...
This mode includes AI-powered analysis, adaptive testing, and advanced features.

INFO:utils.ai_providers:Groq provider initialized

────────────────────────────────────────────────────────────────
SQLMap AI v2.0
Advanced AI-Powered SQL Injection Testing Tool
Powered by Artificial Intelligence
────────────────────────────────────────────────────────────────

[INFO] SQLMap API server is already running.

[INFO] Using timeout of 120 seconds

[INFO] Available AI providers: groq

INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-26T00:24:05.013282", "event_type": "SCAN_START", "severity": "INFO", "details": {"target_url": "https://admin.example.com/v2/system/settings.php", "options"

["--batch", "-r", "./gcl3", "--risk=1", "--level=1", "--threads=5"], "option_count": 6}, "user_context": null}
[INFO] Starting enhanced standard testing... [INFO] Starting initial reconnaissance... [INFO] Starting initial reconnaissance...
[INFO] Scanning target... [INFO] Scan started for task ID: 67ba7032cd25cbc7 [INFO] Starting SQLMap scan... [INFO] Runnin Scan completed [INFO] Task 67ba7032cd25cbc7 deleted successfully [] No vulnerabilities detected [SUCCESS] SQLMap execution completed [SUCCESS] Initial reconnaissance completed! ================================================== SQLMap SCAN RESULTS ================================================== [INFO] Analyzing results with Groq AI and determining next steps... [INFO] Analyzing SQLMap results with AI... [INFO] Sending detailed analysis request to Groq AI... INFO:httpx:HTTP Request: POST https://api.groq.com/openai/v1/chat/completions "HTTP/1.1 200 OK" [SUCCESS] Received AI recommendations! [AI SUGGESTION] --forms --level=3 --risk=3 --technique=BEUST --dump --tables Choose your next action: 1. Use AI suggestion: --forms --level=3 --risk=3 --technique=BEUST --dump --tables 2. Enter custom SQLMap options 3. Skip further testing Enter your choice (1-3): 1 [INFO] Running follow-up scan... [INFO] Scanning target... [INFO] Scan started for task ID: 261191f4c5a5a23a [INFO] Starting SQLMap scan...
[INFO] Runnin Scan completed [INFO] Task 67ba7032cd25cbc7 deleted successfully [] No vulnerabilities detected [SUCCESS] SQLMap execution completed [SUCCESS] Initial reconnaissance completed! ================================================== SQLMap SCAN RESULTS ================================================== [INFO] Analyzing results with Groq AI and determining next steps... [INFO] Analyzing SQLMap results with AI... [INFO] Sending detailed analysis request to Groq AI... INFO:httpx:HTTP Request: POST https://api.groq.com/openai/v1/chat/completions "HTTP/1.1 200 OK" [SUCCESS] Received AI recommendations! [AI SUGGESTION] --forms --level=3 --risk=3 --technique=BEUST --dump --tables Choose your next action: 1. Use AI suggestion: --forms --level=3 --risk=3 --technique=BEUST --dump --tables 2. Enter custom SQLMap options 3. Skip further testing Enter your choice (1-3): 1 [INFO] Running follow-up scan... [INFO] Scanning target... [INFO] Scan started for task ID: 261191f4c5a5a23a [INFO] Starting SQLMap scan... [INFO] Runnin SQLMap command timeout after 180.9 seconds [WARNING] SQLMap command timeout after 180.9 seconds [INFO] Task 261191f4c5a5a23a deleted successfully TIMEOUT: Command execution exceeded time limit [SUCCESS] SQLMap execution completed [WARNING] Follow-up scan timed out. [INFO] You may still get useful results from the partial scan data. [SUCCESS] Test completed successfully! ================================================== SQLMap SCAN RESULTS ================================================== Save detailed report to file? (y/n): y [INFO] Creating beautiful HTML report... [SUCCESS] Beautiful HTML report generated: reports/sqlmap_report_1756168157.html [INFO] Open the HTML file in your browser to view the interactive report INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-26T00:29:17.581154", "event_type": "SCAN_COMPLETE", "severity": "INFO", "details": {"target_url": "https://admin.example.com/v2/system/settings.php", "vulnerabilities_found": 0}, "user_context": null}

Looks to be timing out. Is it working for you?

<!-- gh-comment-id:3222144826 --> @feelinggoodlewis commented on GitHub (Aug 26, 2025): /sqlmap-ai# sqlmap-ai -r ./gcl3 🚀 Starting SQLMap AI in ENHANCED mode (AI-Powered Mode)... This mode includes AI-powered analysis, adaptive testing, and advanced features. INFO:utils.ai_providers:Groq provider initialized ──────────────────────────────────────────────────────────────── SQLMap AI v2.0 Advanced AI-Powered SQL Injection Testing Tool Powered by Artificial Intelligence ──────────────────────────────────────────────────────────────── [INFO] SQLMap API server is already running. [INFO] Using timeout of 120 seconds [INFO] Available AI providers: groq INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-26T00:24:05.013282", "event_type": "SCAN_START", "severity": "INFO", "details": {"target_url": "https://admin.example.com/v2/system/settings.php", "options" : ["--batch", "-r", "./gcl3", "--risk=1", "--level=1", "--threads=5"], "option_count": 6}, "user_context": null} [INFO] Starting enhanced standard testing... [INFO] Starting initial reconnaissance... [INFO] Starting initial reconnaissance... [INFO] Scanning target... [INFO] Scan started for task ID: 67ba7032cd25cbc7 [INFO] Starting SQLMap scan... [INFO] Runnin Scan completed [INFO] Task 67ba7032cd25cbc7 deleted successfully [*] No vulnerabilities detected [SUCCESS] SQLMap execution completed [SUCCESS] Initial reconnaissance completed! ================================================== SQLMap SCAN RESULTS ================================================== [INFO] Analyzing results with Groq AI and determining next steps... [INFO] Analyzing SQLMap results with AI... [INFO] Sending detailed analysis request to Groq AI... INFO:httpx:HTTP Request: POST https://api.groq.com/openai/v1/chat/completions "HTTP/1.1 200 OK" [SUCCESS] Received AI recommendations! [AI SUGGESTION] --forms --level=3 --risk=3 --technique=BEUST --dump --tables Choose your next action: 1. Use AI suggestion: --forms --level=3 --risk=3 --technique=BEUST --dump --tables 2. Enter custom SQLMap options 3. Skip further testing Enter your choice (1-3): 1 [INFO] Running follow-up scan... [INFO] Scanning target... [INFO] Scan started for task ID: 261191f4c5a5a23a [INFO] Starting SQLMap scan... [INFO] Runnin Scan completed [INFO] Task 67ba7032cd25cbc7 deleted successfully [*] No vulnerabilities detected [SUCCESS] SQLMap execution completed [SUCCESS] Initial reconnaissance completed! ================================================== SQLMap SCAN RESULTS ================================================== [INFO] Analyzing results with Groq AI and determining next steps... [INFO] Analyzing SQLMap results with AI... [INFO] Sending detailed analysis request to Groq AI... INFO:httpx:HTTP Request: POST https://api.groq.com/openai/v1/chat/completions "HTTP/1.1 200 OK" [SUCCESS] Received AI recommendations! [AI SUGGESTION] --forms --level=3 --risk=3 --technique=BEUST --dump --tables Choose your next action: 1. Use AI suggestion: --forms --level=3 --risk=3 --technique=BEUST --dump --tables 2. Enter custom SQLMap options 3. Skip further testing Enter your choice (1-3): 1 [INFO] Running follow-up scan... [INFO] Scanning target... [INFO] Scan started for task ID: 261191f4c5a5a23a [INFO] Starting SQLMap scan... [INFO] Runnin SQLMap command timeout after 180.9 seconds [WARNING] SQLMap command timeout after 180.9 seconds [INFO] Task 261191f4c5a5a23a deleted successfully TIMEOUT: Command execution exceeded time limit [SUCCESS] SQLMap execution completed [WARNING] Follow-up scan timed out. [INFO] You may still get useful results from the partial scan data. [SUCCESS] Test completed successfully! ================================================== SQLMap SCAN RESULTS ================================================== Save detailed report to file? (y/n): y [INFO] Creating beautiful HTML report... [SUCCESS] Beautiful HTML report generated: reports/sqlmap_report_1756168157.html [INFO] Open the HTML file in your browser to view the interactive report INFO:SQLMapAI_Audit:SECURITY_EVENT: {"timestamp": "2025-08-26T00:29:17.581154", "event_type": "SCAN_COMPLETE", "severity": "INFO", "details": {"target_url": "https://admin.example.com/v2/system/settings.php", "vulnerabilities_found": 0}, "user_context": null} Looks to be timing out. Is it working for you?

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 26, 2025):

Problem:

• Fixed 1.5x timeout caused premature timeouts with complex AI options (~180s).
• No complexity awareness or detailed user feedback.

Solution:

• Adaptive timeout based on scan type and complexity.
• Conservative, timeout-aware AI suggestions with warnings.
• Clear feedback ([INFO] Using adaptive timeout: 383s) and configurable settings. config.yaml

Results:

• Follow-up scan now completes at 383s instead of timing out.
• Fewer timeouts, smarter runtime allocation.

Benefits:

• Prevents early timeouts.
• Safer AI recommendations.
• Clear feedback and fully configurable.

Reinstall pip install sqlmap-ai or pull repository and test it again.

<!-- gh-comment-id:3223277807 --> @atiilla commented on GitHub (Aug 26, 2025): Problem: * Fixed 1.5x timeout caused premature timeouts with complex AI options (~180s). * No complexity awareness or detailed user feedback. Solution: * Adaptive timeout based on scan type and complexity. * Conservative, timeout-aware AI suggestions with warnings. * Clear feedback (`[INFO] Using adaptive timeout: 383s`) and configurable settings. `config.yaml` Results: * Follow-up scan now completes at 383s instead of timing out. * Fewer timeouts, smarter runtime allocation. Benefits: * Prevents early timeouts. * Safer AI recommendations. * Clear feedback and fully configurable. Reinstall `pip install sqlmap-ai` or pull repository and test it again. <img width="1144" height="676" alt="Image" src="https://github.com/user-attachments/assets/82f31476-aba7-439b-a533-2357ece715e6" />

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@feelinggoodlewis commented on GitHub (Aug 27, 2025):

Repulled git repo. Still not working for me and timing out on 4th step as before.. adjusting some setting in config.yml and did not help.

<!-- gh-comment-id:3227118811 --> @feelinggoodlewis commented on GitHub (Aug 27, 2025): Repulled git repo. Still not working for me and timing out on 4th step as before.. adjusting some setting in config.yml and did not help.

kerem commented 2026-03-01 14:51:11 +03:00

Author

Owner

Copy link

@atiilla commented on GitHub (Aug 27, 2025):

Repulled git repo. Still not working for me and timing out on 4th step as before.. adjusting some setting in config.yml and did not help.

Timeouts are happening due to the AI service (whether Ollama or cloud backend, I’m not sure).

<!-- gh-comment-id:3227742898 --> @atiilla commented on GitHub (Aug 27, 2025): > Repulled git repo. Still not working for me and timing out on 4th step as before.. adjusting some setting in config.yml and did not help. Timeouts are happening due to the AI service (whether Ollama or cloud backend, I’m not sure).

kerem referenced this issue 2026-03-01 14:51:16 +03:00

[PR #4] [MERGED] Changed default model choice of qwen-qwq-32-b to qwen/qwen3-32b #12

kerem referenced this issue 2026-03-15 11:27:14 +03:00

[GH-ISSUE #3] deprecated model #2

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/sqlmap-ai#3

No description provided.