Thank you for considering contributing to SQL Easy! Every contribution makes this tool better for the entire security research community.
- Who Should Contribute
- Development Environment Setup
- Understanding the Codebase
- Module Architecture
- Module Dependency Graph
- Code Style Guidelines
- Submitting a Pull Request
- Adding New Features
- Testing Your Changes
- Security researchers who want to add new scanners or tools
- Python developers who want to improve the core pipeline
- Bug hunters who found a bug and want to patch it
- Documentation writers who want to improve clarity
Fork the repository on GitHub, then clone your fork:
git clone https://github.com/syed-sameer-ul-hassan/SQL-Easy.git
cd SQL-EasyMake the sqleasy command available globally across your system:
sudo cp sqleasy /usr/local/bin/sqleasy
sudo chmod +x /usr/local/bin/sqleasy
sqleasy installThis will automatically create a configuration directory at ~/.config/sqleasy to save the dynamic project path and prompt you to install backend dependencies (sqlmap, subfinder, httpx, and katana).
If you are developing or testing Python packages locally:
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txtflowchart TD
A([Fork Repo on GitHub]) --> B[git clone your fork]
B --> C[cd SQL-Easy]
C --> D[sudo cp sqleasy /usr/local/bin/sqleasy]
D --> E[sqleasy install]
E --> F[Install Backend Tools]
F --> G[python3 -m venv .venv]
G --> H[source .venv/bin/activate]
H --> I[pip install -r requirements.txt]
I --> J([Ready to develop!])
Before making any changes, it is critical to understand which module does what. Every feature maps to a specific file.
flowchart TD
A[main.py\nOrchestrator] --> B[core/config.py\nCLI Flags]
A --> C[core/utils.py\nDependency Check & Cleanup]
A --> D[core/recon.py\nSubfinder + Httpx + arjun\ngau + Katana + URL Filter]
A --> E[core/display.py\nBanner + Target Menu]
A --> F[core/scanner.py\nSQLMap + Nuclei Executor]
F --> G[core/logging.py\nCSV + JSON Exporter]
This file is the entry point. It imports all core/ modules and calls them in sequence. It also wraps the entire execution in a global try...except KeyboardInterrupt block to ensure safe cleanup when the user presses Ctrl+C.
Rule: Do not add business logic here. Only orchestration calls.
Contains all argparse definitions.
When to edit: If you want to add a new command-line flag.
parser.add_argument('-d', '--domain', help='Target domain')
parser.add_argument('-t', '--threads', default=10, type=int)
parser.add_argument('--proxy', help='Proxy URL')
parser.add_argument('--delay', default=0, type=int)
parser.add_argument('--level', default=3, type=int)
parser.add_argument('--risk', default=2, type=int)
parser.add_argument('--tables', action='store_true')
parser.add_argument('--dump', action='store_true')
parser.add_argument('--logs', action='store_true')
parser.add_argument('--report', action='store_true')
parser.add_argument('--clear', action='store_true')Contains two functions:
check_dependencies()- Verifies the 4 required tools are in PATH (subfinder, httpx, katana, sqlmap). Optional tools (nuclei, arjun, gau) are checked silently at runtime and skipped if absent.cleanup()- Deletes.subs.txt,.live_subs.txt,.targets.txt
When to edit: If you add a new required tool to the pipeline.
The most complex module. Full v1.2.0 pipeline:
- Subfinder - passive subdomain enumeration (live stdout streaming)
- Httpx - live host probing across 5 ports (live stdout streaming)
- Arjun (optional) - hidden parameter bruteforce on up to 5 live hosts
- GAU / Waybackurls (optional) - historical URL harvest
- Katana - active URL crawling with inline counter
- URL Filter - strips static assets and cache-buster-only params
- Priority Sort - 20+ high-value params pushed to top, cap of 50 URLs
When to edit: Subdomain discovery, live host probing, URL filtering, sorting logic, or adding new recon tools.
Builds the SQLMap command from user input and the args config object, then executes it. v1.2.0 always applies: --batch --random-agent --forms --threads=5 --tamper=auto-rotation --timeout=10 --retries=2 plus configurable --level and --risk. After SQLMap, if nuclei is installed it runs a broad vuln scan on all live hosts. If gowitness is installed it screenshots confirmed vulnerable pages.
When to edit: SQLMap flags, default scan depth, action flags (--tables/--dump), or nuclei integration.
Renders the ASCII banner and the Wifite-style numbered target menu.
When to edit: If you want to change the visual layout or menu format.
Parses SQLMap output directory logs and writes confirmed vulnerabilities to both CSV and JSON. Also provides show_log_manager(), show_report(), and clear_logs() which are invoked by sqleasy logs, sqleasy report, and sqleasy clear.
When to edit: Add more export fields, change output format, or extend the log manager UI.
These rules are strictly enforced in all pull requests.
subprocess.run(shlex.split("sqlmap -u " + url), check=False)Never do this:
subprocess.run("sqlmap -u " + url, shell=True)Using shell=True opens the door to OS-level command injection attacks if a user passes a malicious domain name containing shell metacharacters.
try:
with open('.subs.txt', 'r', encoding='utf-8') as f:
data = f.read()
except FileNotFoundError:
print("[-] File not found")
except Exception as e:
print(f"[-] Error: {e}")The codebase is intentionally comment-free. Code should be self-explanatory through clear variable and function naming.
Every import must be actively used in the file it appears in.
print(f"{G}[+] Found: {url}{W}")Not: print("[+] Found: " + url)
feature/add-nuclei-scanner
fix/katana-crash-on-empty-output
docs/update-readme-diagrams
flowchart TD
A([Fork Repo]) --> B[Create feature branch\ngit checkout -b feature-name]
B --> C[Make changes to code]
C --> D[Test changes locally]
D --> E{All tests\npass?}
E -->|No| C
E -->|Yes| F[git add .]
F --> G[git commit -m 'describe change']
G --> H[git push origin feature-name]
H --> I[Open Pull Request on GitHub]
I --> J[Fill out PR template checklist]
J --> K[Wait for review]
K --> L{Changes\nrequested?}
L -->|Yes| C
L -->|No| M([PR Merged!])
Before submitting, confirm:
- Code uses secure list arguments for subprocess calls - no
shell=Trueand noshlex.splitstring parsing - All file I/O wrapped in
try...except - No comments left in code files
- No unused imports
-
pytest tests/ -vpasses with no failures - Tested against a real domain (or a controlled test environment)
- PR template is fully filled out
- Open
core/config.py - Add your argument to the
argparseparser - Pass
argsinto the relevant function inmain.py - Use
args.your_flaginside the target module
parser.add_argument('--timeout', default=30, type=int, help='Request timeout in seconds')- Add the tool name to
REQUIRED_TOOLSlist incore/utils.py - Add a new function in
core/recon.py(or a new filecore/your_scanner.py) - Call it from
main.pyafter the existing pipeline
flowchart TD
A[New Feature Idea] --> B{Which module\ndoes it belong to?}
B -->|New CLI flag| C[Edit core/config.py]
B -->|New recon tool| D[Edit core/recon.py]
B -->|New scanner| E[Edit core/scanner.py]
B -->|New output format| F[Edit core/logging.py]
B -->|New UI element| G[Edit core/display.py]
C & D & E & F & G --> H[Wire up in main.py]
H --> I[Test locally]
I --> J[Submit PR]
There is no automated test suite yet. Test manually by running against a controlled target.
Use these intentionally vulnerable test sites (legal to test against):
| Site | URL |
|---|---|
| DVWA | http://localhost/dvwa (local) |
| WebGoat | http://localhost:8080/WebGoat (local) |
| HackTheBox | Machines in your active session |
| TryHackMe | Machines in your active session |
sqleasy start -d sameer.orildo.onlineIf all modules run without Python errors (even if no vulnerabilities are found), your changes are safe to submit.
Open a GitHub Discussion or file an Issue using the appropriate template. We respond to all contributions promptly.
To report a bug directly, use the bug reporting portal: bug.orildo.sbs