SQL Injection MCP Server

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.

1. Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal:
cd SQLinjector_MCP
uv sync
2. Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the prepared server. It launches the server the same way as the uv-based MCP configuration in the README below (the project is a Python package, so there is no Node build to point at).

Run in terminal:
claude mcp add sql-injector -- uv --directory "<FULL_PATH_TO_SQLINJECTOR_MCP>" run sqli-mcp

Replace <FULL_PATH_TO_SQLINJECTOR_MCP> with the actual folder you prepared in step 1.

README.md

An MCP server for discovering SQL injection vulnerabilities in web applications.

SQL Injection MCP Server

A Model Context Protocol (MCP) server for discovering SQL injection vulnerabilities in web applications.

Features

  • Multiple Injection Types: Error-based, Time-based, Boolean-based, Union-based, Blind SQL injection
  • Database Support: MySQL, MSSQL, PostgreSQL, Oracle, SQLite
  • HTTP Methods: GET and POST parameter testing
  • Authentication: Custom headers, cookies, Bearer tokens
  • Proxy Support: Route traffic through Burp Suite or other proxies
  • WAF Bypass: URL encoding, Hex encoding, Unicode, Case swapping, Comment injection
  • Custom Payloads: Load payloads from external files

Installation

# Using uv (recommended)
cd SQLinjector_MCP
uv sync

# Using pip
pip install -e .

Usage

Running the Server

# Using uv
uv run sqli-mcp

# Or directly
python -m sqli_mcp.server

MCP Client Configuration

Claude Desktop / Claude Code

Add to your MCP configuration:

{
  "mcpServers": {
    "sqli-scanner": {
      "command": "uv",
      "args": ["--directory", "C:/path/to/SQLinjector_MCP", "run", "sqli-mcp"]
    }
  }
}

LM Studio / Cursor

Configure the server URL after starting with HTTP transport:

uv run python -c "from sqli_mcp.server import mcp; mcp.run(transport='streamable-http')"

Then connect the client to http://localhost:8000/mcp.

Available Tools

Tool                            Description
scan_url                        Full URL scan for SQLi in all detected parameters
scan_get_parameter              Test a specific GET parameter
scan_post_parameter             Test a specific POST parameter
test_payload                    Test a single payload against a target
list_payloads                   List the available built-in payloads
load_custom_payloads_from_file  Load payloads from an external file
get_waf_bypass_payloads         Get WAF bypass variants of a payload
get_scan_result                 Retrieve previous scan results

Bulk scanning:
scan_urls_batch                 Scan multiple URLs (newline-separated, up to 500)
scan_urls_from_file             Scan URLs from a file (one per line)
get_batch_result                Retrieve batch scan results
get_vulnerable_urls             Get only the vulnerable URLs from a batch

Examples

Basic GET Parameter Scan

Use scan_url with:
- target_url: "http://vulnerable-site.com/page?id=1"

Authenticated POST Scan

Use scan_post_parameter with:
- target_url: "http://site.com/login"
- post_data: "username=admin&password=test"
- parameter: "username"
- cookies: "session=abc123"
- bearer_token: "your-jwt-token"

Using Burp Suite Proxy

Use scan_url with:
- target_url: "http://target.com/page?id=1"
- proxy_url: "http://127.0.0.1:8080"
- verify_ssl: false

WAF Bypass

Use scan_url with:
- target_url: "http://target.com/page?id=1"
- waf_bypass: "comment_injection"

Bulk URL Scanning

Scan multiple URLs from a list:

Use scan_urls_batch with:
- urls: "http://site1.com/page?id=1
http://site2.com/search?q=test
http://site3.com/user?uid=5"
- concurrency: 10
- waf_bypass: "url_encode"

Scan URLs from a file:

Use scan_urls_from_file with:
- file_path: "C:/path/to/urls.txt"
- concurrency: 5
- proxy_url: "http://127.0.0.1:8080"

Get vulnerable URLs only:

Use get_vulnerable_urls with:
- batch_id: "abc12345"

Custom Payloads

Create a text file with one payload per line:

# my_payloads.txt
' OR '1'='1
" OR "1"="1
' UNION SELECT NULL--

Then load with:

Use load_custom_payloads_from_file with:
- file_path: "C:/path/to/my_payloads.txt"
- injection_type: "union_based"
- name: "my_custom"

Security Notice

⚠️ This tool is intended for authorized security testing only. Always obtain proper authorization before testing any system for vulnerabilities. Unauthorized access to computer systems is illegal.

License

MIT

Tools (6)

scan_url: Full URL scan for SQLi in all detected parameters
scan_get_parameter: Test a specific GET parameter
scan_post_parameter: Test a specific POST parameter
scan_urls_batch: Scan multiple URLs (newline-separated, up to 500)
scan_urls_from_file: Scan URLs from a file (one per line)
get_vulnerable_urls: Get only the vulnerable URLs from a batch

Configuration

claude_desktop_config.json:

{"mcpServers": {"sqli-scanner": {"command": "uv", "args": ["--directory", "C:/path/to/SQLinjector_MCP", "run", "sqli-mcp"]}}}

Try it

Scan the URL http://vulnerable-site.com/page?id=1 for SQL injection vulnerabilities.
Perform an authenticated POST scan on http://site.com/login using the username parameter and my session cookie.
Run a batch scan on the URLs provided in C:/path/to/urls.txt with a concurrency of 5.
Scan http://target.com/page?id=1 for SQLi using comment injection as a WAF bypass strategy.

Frequently Asked Questions

What are the key features of SQL Injection MCP Server?

Supports multiple injection types, including error-based, time-based, and union-based. Compatible with MySQL, MSSQL, PostgreSQL, Oracle, and SQLite databases. Includes WAF bypass strategies such as URL encoding, hex encoding, and comment injection. Supports authenticated testing via custom headers, cookies, and Bearer tokens. Allows proxying traffic through tools like Burp Suite.

What can I use SQL Injection MCP Server for?

Automated security auditing of web applications during development. Bulk scanning of multiple endpoints for common SQL injection vulnerabilities. Testing web application resilience against WAF bypass techniques. Authenticated vulnerability assessment of login forms and protected endpoints.

How do I install SQL Injection MCP Server?

Install SQL Injection MCP Server by running: cd SQLinjector_MCP && uv sync

What MCP clients work with SQL Injection MCP Server?

SQL Injection MCP Server works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.
