Integrate Burp Request and SQLmap
We can use the Burp Suite request state for SQLmap by downloading item.
Download Request File in Burp Suite
- Right click on the request field in Burp Suite.
- Click "Save item" or "Copy to file" to download the request state.
- Save as "request.txt" (this is arbitrary name).
Using Request File in SQLmap
After downloading the request file in Burp Suite as the previous section, we can use when running SQLmap.
By the way, we can see what SQLmap send payloads to websites by adding the --proxy
flag.