What's the problem (or question)?
Currently, sqlmap doesn't have a feature to list all the tamper scripts which are included by default.
It would be nice if sqlmap could have sort of a --list-tampers switch to allow us to see the list of tampers with maybe a nice comment quickly explaining its behavior and it's limitation ( with what db system it's compatible, what type of WAF does it bypasses, etc... ).
Do you have an idea for a solution?
If I would have to make it, I would firstly add a "quick comment" and a "name" section on each tamper scripts ( "name" would be the name of the tamper e.g.: base64encode.py )
Then, to respond to the switch, I would import all the default tampers, then get the "quick comment" section of each one.
How can we reproduce the issue?
Non applicable.
What are the running context details?
Non applicable
What's the problem (or question)?
Currently, sqlmap doesn't have a feature to list all the tamper scripts which are included by default.
It would be nice if sqlmap could have sort of a
--list-tampersswitch to allow us to see the list of tampers with maybe a nice comment quickly explaining its behavior and it's limitation ( with what db system it's compatible, what type of WAF does it bypasses, etc... ).Do you have an idea for a solution?
If I would have to make it, I would firstly add a "quick comment" and a "name" section on each tamper scripts ( "name" would be the name of the tamper e.g.: base64encode.py )
Then, to respond to the switch, I would import all the default tampers, then get the "quick comment" section of each one.
How can we reproduce the issue?
Non applicable.
What are the running context details?
Non applicable