== Individuals ==

Chip Andrews <[email protected]>

for his excellent work maintaining the SQL Server versions database

at SQLSecurity.com and permission to implement the update feature

taking data from his site

Daniele Bellucci <[email protected]>

for starting sqlmap project and developing it between July and August

2006

Jack Butler <[email protected]>

for providing me with the sqlmap site favicon

Cesar Cerrudo <[email protected]>

for his Windows access token kidnapping tool Churrasco included in

sqlmap tree as a contrib library and used to run the stand-alone

payload stager on the target Windows machine as SYSTEM user if the

user wants to perform a privilege escalation attack,

http://www.argeniss.com/research/Churrasco.zip

Karl Chen <[email protected]>

for providing with the multithreading patch for the inference

algorithm

Pierre Chifflier <[email protected]>

for uploading the sqlmap 0.6.2 Debian package to the official Debian

project repository

Ulises U. Cune <[email protected]>

for reporting a bug

Stefano Di Paola <[email protected]>

for suggesting good features

Dan Guido <[email protected]>

for promoting sqlmap in the context of the Penetration Testing and

Vulnerability Analysis class at the Polytechnic University of New York,

http://isisblogs.poly.edu/courses/pentest/

Adam Faheem <[email protected]>

for reporting a few bugs

Jim Forster <[email protected]>

for reporting a bug

Rong-En Fan <[email protected]>

for commiting the sqlmap 0.5 port to the official FreeBSD project

repository

Giorgio Fedon <[email protected]>

for suggesting a speed improvement for bisection algorithm

for reporting a bug when running against Microsoft SQL Server 2005

Alan Franzoni <[email protected]>

for helping me out with Python subprocess library

Ivan Giacomelli <[email protected]>

for reporting a bug

for suggesting a minor enhancement

for reviewing the documentation

Davide Guerri <[email protected]>

for suggesting an enhancement

Kristian Erik Hermansen <[email protected]>

for reporting a bug

for donating to sqlmap development

Jorge Hoya <[email protected]>

for suggesting a minor enhancement

Will Holcomb <[email protected]>

for his MultipartPostHandler class to handle multipart POST forms and

permission to include it within sqlmap source code

Mounir Idrassi <[email protected]>

for his compiled version of UPX for Mac OS X

Luke Jahnke <[email protected]>

for reporting a bug when running against MySQL < 5.0

Anant Kochhar <[email protected]>

for providing me with feedback on the user's manual

Alexander Kornbrust <[email protected]>

for reporting a couple of bugs

Nicolas Krassas <[email protected]>

for reporting a bug

Guido Landi <[email protected]>

for the great technical discussions

for Microsoft SQL Server 2000 and Microsoft SQL Server 2005

'sp_replwritetovarbin' stored procedure heap-based buffer overflow

(MS09-004) exploit development, http://www.milw0rm.com/author/1413

Nico Leidecker <[email protected]>

for providing me with feedback on a few features

Gabriel Lima <[email protected]>

for reporting a couple of bugs

Pavol Luptak <[email protected]>

for reporting a bug when injecting on a POST data parameter

Michael Majchrowicz <[email protected]>

for extensively beta-testing sqlmap on various MySQL DBMS

for providing really appreciated feedback

for suggesting a lot of ideas and features

Ferruh Mavituna <[email protected]>

for providing me with ideas on the implementation of a couple of

new features

Enrico Milanese <[email protected]>

for reporting a bugs when using (-a) a single line User-Agent file

for providing me with some ideas for the PHP backdoor

Roberto Nemirovsky <[email protected]>

for pointing me out some enhancements

Markus Oberhumer <[email protected]>

Laszlo Molnar <[email protected]>

John F. Reiser <[email protected]>

for their great tool UPX (Ultimate Packer for eXecutables) included

in sqlmap tree as a contrib library and used mainly to pack the

Metasploit Framework 3 payload stager portable executable,

http://upx.sourceforge.net

Antonio Parata <[email protected]>

for providing me with some ideas for the PHP backdoor

Chris Patten <[email protected]>

for reporting a bug in the blind SQL injection bisection algorithm

Adam Pridgen <[email protected]>

for suggesting some features

Alberto Revelli <[email protected]>

for inspiring me to write sqlmap user's manual in SGML

for his great Microsoft SQL Server take over tool, sqlninja,

http://sqlninja.sourceforge.net

Andres Riancho <[email protected]>

for beta-testing sqlmap

for reporting a bug and suggesting some features

for including sqlmap in his great web application audit and attack

framework, w3af, http://w3af.sourceforge.net

Antonio Riva <[email protected]>

for reporting a bug when running with python 2.5

Richard Safran <[email protected]>

for donating the sqlmap.org domain control

Tomoyuki Sakurai <[email protected]>

for submitting to the FreeBSD project the sqlmap 0.5 port

Philippe A. R. Schaeffer <[email protected]>

for reporting a minor bug

Sven Schluter <[email protected]>

for providing with a patch for waiting a number of seconds between

each HTTP request

Uemit Seren <[email protected]>

for reporting a minor adjustment when running with python 2.6

Sumit Siddharth <[email protected]>

for providing me with ideas on the implementation of a couple of

features

M Simkin <[email protected]>

for suggesting a feature

Konrads Smelkovs <[email protected]>

for reporting a few bugs in --sql-shell and --sql-query on Microsoft

SQL Server

Marek Stiefenhofer <[email protected]>

for reporting a bug

Jason Swan <[email protected]>

for reporting a bug when enumerating columns on Microsoft SQL Server

for suggesting a couple of improvements

Alessandro Tanasi <[email protected]>

for extensively beta-testing sqlmap

for suggesting many features and reporting some bugs

for reviewing the documentation

Andres Tarasco <[email protected]>

for providing me with good feedback

Efrain Torres <[email protected]>

for helping me out to improve the Metasploit Framework 3 sqlmap

auxiliary module and for commiting it on the Metasploit official

subversion repository

for his great Metasploit WMAP Framework

Sandro Tosi <[email protected]>

for helping to create sqlmap Debian package correctly

Bedirhan Urgun <[email protected]>

for reporting a few bugs

for suggesting some features and improvements

for benchmarking sqlmap in the context of his SQL injection

benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench

Kyprianos Vassilopoulos <[email protected]>

for reporting an unhandled connection exception

Anthony Zboralski <[email protected]>

for providing me with detailed feedback

for reporting a few minor bugs

for donating to sqlmap development

fufuh <[email protected]>

for reporting a bug when running on Windows

mariano <[email protected]>

for reporting a bug

Sylphid <[email protected]>

for suggesting some features

== Organizations ==

Black Hat team <[email protected]>

for the opportunity to present my research on 'Advanced SQL injection

to operating system full control' at Black Hat Europe 2009 Briefings on

April 16, 2009 in Amsterdam (NL). I unveiled and demonstrated some of

the sqlmap 0.7 release candidate version new features during my

presentation

Metasploit LLC <[email protected]>

for their powerful tool Metasploit Framework 3, used by sqlmap, among

others things, to create the payload stager and establish an

out-of-band connection between sqlmap and the database server,

http://www.metasploit.com/framework

OWASP Board <http://www.owasp.org>

for sponsoring part of the sqlmap development in the context of OWASP

Spring of Code 2007