== Individuals ==

David Alvarez <[email protected]>

for reporting a bug

Chip Andrews <[email protected]>

for his excellent work maintaining the SQL Server versions database

at SQLSecurity.com and permission to implement the update feature

taking data from his site

Smith Andy <[email protected]>

for suggesting a feature

Otavio Augusto <[email protected]>

for reporting a minor bug

Simon Baker <[email protected]>

for reporting some bugs

Daniele Bellucci <[email protected]>

for starting sqlmap project and developing it between July and August

2006

Velky Brat <[email protected]>

for suggesting a minor enhancement to the bisection algorithm

Jack Butler <[email protected]>

for providing me with the sqlmap site favicon

Roberto Castrogiovanni <[email protected]>

for reporting a minor bug

Cesar Cerrudo <[email protected]>

for his Windows access token kidnapping tool Churrasco included in

sqlmap tree as a contrib library and used to run the stand-alone

payload stager on the target Windows machine as SYSTEM user if the

user wants to perform a privilege escalation attack,

http://www.argeniss.com/research/TokenKidnapping.pdf

Karl Chen <[email protected]>

for providing with the multithreading patch for the inference

algorithm

Y P Chien <[email protected]>

for reporting a minor bug

Pierre Chifflier <[email protected]> and Mark Hymers <[email protected]>

for uploading and accepting the sqlmap Debian package to the official

Debian project repository

Andreas Constantinides <[email protected]>

for reporting a minor bug

Ulises U. Cune <[email protected]>

for reporting a bug

Alessandro Curio <[email protected]>

for reporting a minor bug

Stefano Di Paola <[email protected]>

for suggesting good features

Mosk Dmitri <[email protected]>

for reporting a minor bug

Dan Guido <[email protected]>

for promoting sqlmap in the context of the Penetration Testing and

Vulnerability Analysis class at the Polytechnic University of New York,

http://isisblogs.poly.edu/courses/pentest/

Adam Faheem <[email protected]>

for reporting a few bugs

James Fisher <[email protected]>

for providing me with two very good feature requests

for his great tool too brute force directories and files names on

web/application servers, Dir Buster, http://tinyurl.com/dirbuster

Jim Forster <[email protected]>

for reporting a bug

Rong-En Fan <[email protected]>

for commiting the sqlmap 0.5 port to the official FreeBSD project

repository

Giorgio Fedon <[email protected]>

for suggesting a speed improvement for bisection algorithm

for reporting a bug when running against Microsoft SQL Server 2005

Kasper Fons <[email protected]>

for reporting several bugs

Jose Fonseca <[email protected]>

for his Gprof2Dot utility for converting profiler output to dot

graph(s) and for his XDot utility to render nicely dot graph(s),

both included in sqlmap tree inside extra folder. These libraries

are used for sqlmap development purposes only

http://code.google.com/p/jrfonseca/wiki/Gprof2Dot

http://code.google.com/p/jrfonseca/wiki/XDot

Alan Franzoni <[email protected]>

for helping me out with Python subprocess library

Daniel G. Gamonal <[email protected]>

for reporting a minor bug

Ivan Giacomelli <[email protected]>

for reporting a bug

for suggesting a minor enhancement

for reviewing the documentation

Oliver Gruskovnjak <[email protected]>

for reporting a bug

for providing me with a minor patch

Davide Guerri <[email protected]>

for suggesting an enhancement

David Guimaraes <[email protected]>

for reporting several bugs

Chris Hall <[email protected]>

for coding the prettyprint.py library

Kristian Erik Hermansen <[email protected]>

for reporting a bug

for donating to sqlmap development

Jorge Hoya <[email protected]>

for suggesting a minor enhancement

Will Holcomb <[email protected]>

for his MultipartPostHandler class to handle multipart POST forms and

permission to include it within sqlmap source code

Daniel Huckmann <[email protected]>

for reporting a couple of bugs

Mounir Idrassi <[email protected]>

for his compiled version of UPX for Mac OS X

Daliev Ilya <[email protected]>

for reporting a bug

Dirk Jagdmann <[email protected]>

for reporting a typo in the documentation

Luke Jahnke <[email protected]>

for reporting a bug when running against MySQL < 5.0

David Klein <[email protected]>

for reporting a minor code improvement

Sven Klemm <[email protected]>

for reporting two minor bugs with PostgreSQL

Anant Kochhar <[email protected]>

for providing me with feedback on the user's manual

Alexander Kornbrust <[email protected]>

for reporting a couple of bugs

Krzysztof Kotowicz <[email protected]>

for reporting a minor bug

Nicolas Krassas <[email protected]>

for reporting a bug

Alex Landa <[email protected]>

for providing a patch adding support for XML output

Guido Landi <[email protected]>

for reporting a couple of bugs

for the great technical discussions

for Microsoft SQL Server 2000 and Microsoft SQL Server 2005

'sp_replwritetovarbin' stored procedure heap-based buffer overflow

(MS09-004) exploit development

for presenting with me at SOURCE Conference 2009 in Barcelona (Spain)

on September 21, 2009 and at CONfidence 2009 in Warsaw (Poland) on

November 20, 2009

Lee Lawson <[email protected]>

for reporting a minor bug

Nico Leidecker <[email protected]>

for providing me with feedback on a few features

for reporting a couple of bugs

Gabriel Lima <[email protected]>

for reporting a couple of bugs

Pavol Luptak <[email protected]>

for reporting a bug when injecting on a POST data parameter

Michael Majchrowicz <[email protected]>

for extensively beta-testing sqlmap on various MySQL DBMS

for providing really appreciated feedback

for suggesting a lot of ideas and features

Ferruh Mavituna <[email protected]>

for providing me with ideas on the implementation of a couple of

new features

Enrico Milanese <[email protected]>

for reporting a bugs when using (-a) a single line User-Agent file

for providing me with some ideas for the PHP backdoor

Alejo Murillo Moya <[email protected]>

for suggesting a feature

Roberto Nemirovsky <[email protected]>

for pointing me out some enhancements

Markus Oberhumer <[email protected]>

Laszlo Molnar <[email protected]>

John F. Reiser <[email protected]>

for their great tool UPX (Ultimate Packer for eXecutables) included

in sqlmap tree as a contrib library and used mainly to pack the

Metasploit Framework 3 payload stager portable executable,

http://upx.sourceforge.net

Simone Onofri <[email protected]>

for patching the PHP web backdoor to make it work properly also on

Windows

Shaohua Pan <[email protected]>

for reporting few bugs

for suggesting a feature

Antonio Parata <[email protected]>

for providing me with some ideas for the PHP backdoor

Adrian Pastor <[email protected]>

for donating to sqlmap development

Chris Patten <[email protected]>

for reporting a bug in the blind SQL injection bisection algorithm

Adam Pridgen <[email protected]>

for suggesting some features

Phat R. <[email protected]>

for reporting a minor bug

Ole Rasmussen <[email protected]>

for reporting a bug

for suggesting a feature

Alberto Revelli <[email protected]>

for inspiring me to write sqlmap user's manual in SGML

for his great Microsoft SQL Server take over tool, sqlninja,

http://sqlninja.sourceforge.net

Andres Riancho <[email protected]>

for beta-testing sqlmap

for reporting a bug and suggesting some features

for including sqlmap in his great web application audit and attack

framework, w3af, http://w3af.sourceforge.net

Antonio Riva <[email protected]>

for reporting a bug when running with python 2.5

Ethan Robish <[email protected]>

for reporting a bug

Richard Safran <[email protected]>

for donating the sqlmap.org domain control

Tomoyuki Sakurai <[email protected]>

for submitting to the FreeBSD project the sqlmap 0.5 port

Marek Sarvas <[email protected]>

for reporting a couple of bugs

Philippe A. R. Schaeffer <[email protected]>

for reporting a minor bug

Sven Schluter <[email protected]>

for providing with a patch for waiting a number of seconds between

each HTTP request

Uemit Seren <[email protected]>

for reporting a minor adjustment when running with python 2.6

Brian Shura <[email protected]>

for reporting a bug

Sumit Siddharth <[email protected]>

for providing me with ideas on the implementation of a couple of

features

M Simkin <[email protected]>

for suggesting a feature

Konrads Smelkovs <[email protected]>

for reporting a few bugs in --sql-shell and --sql-query on Microsoft

SQL Server

Marek Stiefenhofer <[email protected]>

for reporting a bug

Jason Swan <[email protected]>

for reporting a bug when enumerating columns on Microsoft SQL Server

for suggesting a couple of improvements

Chilik Tamir <[email protected]>

for providing a patch for initial support SOAP requests

Alessandro Tanasi <[email protected]>

for extensively beta-testing sqlmap

for suggesting many features and reporting some bugs

for reviewing the documentation

Andres Tarasco <[email protected]>

for providing me with good feedback

Efrain Torres <[email protected]>

for helping me out to improve the Metasploit Framework 3 sqlmap

auxiliary module and for commiting it on the Metasploit official

subversion repository

for his great Metasploit WMAP Framework

Sandro Tosi <[email protected]>

for helping to create sqlmap Debian package correctly

Vitaly Turenko <[email protected]>

for reporting a bug

Augusto Urbieta <[email protected]>

for reporting a minor bug

Bedirhan Urgun <[email protected]>

for reporting a few bugs

for suggesting some features and improvements

for benchmarking sqlmap in the context of his SQL injection

benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench

Kyprianos Vasilopoulos <[email protected]>

for reporting an unhandled connection exception

Anthony Zboralski <[email protected]>

for providing me with detailed feedback

for reporting a few minor bugs

for donating to sqlmap development

Thierry Zoller <[email protected]>

for reporting a couple of major bugs

dragoun dash <[email protected]>

for reporting a minor bug

fufuh <[email protected]>

for reporting a bug when running on Windows

m4l1c3 <[email protected]>

for reporting a minor bug

mariano <[email protected]>

for reporting a bug

mitchell <[email protected]>

for reporting a bug

pacman730 <[email protected]>

for reporting a bug

shiftzwei <[email protected]>

for reporting a couple of bugs

Stuffe <[email protected]>

for reporting a minor bug and a feature request

Sylphid <[email protected]>

for suggesting some features

== Organizations ==

Black Hat team <[email protected]>

for the opportunity to present my research on 'Advanced SQL injection

to operating system full control' at Black Hat Europe 2009 Briefings on

April 16, 2009 in Amsterdam (NL). I unveiled and demonstrated some of

the sqlmap 0.7 release candidate version new features during my

presentation

Metasploit LLC <[email protected]>

for their powerful tool Metasploit Framework 3, used by sqlmap, among

others things, to create the shellcode and establish an out-of-band

connection between sqlmap and the database server,

http://www.metasploit.com/framework

OWASP Board <http://www.owasp.org>

for sponsoring part of the sqlmap development in the context of OWASP

Spring of Code 2007