Here lists of sqlmap Tamper scripts with with explanation

apostrophemask.py

Function: Encoding quotation marks with utf8

apostrophenullencode.py

Function: ‘ ==> %00%27

appendnullbyte.py

Function: Space ==> %00

base64encode.py

Function: base64 encode

between.py

Function: > ==> NOT BETWEEN 0 AND

bluecoat.py

Function: Space ==> %09

chardoubleencode.py

Function: Double url encoding

charencode.py

Function: url encoding

charunicodeencode.py

Function: escape code

commalesslimit.py

Function: limit 2,3 ==> LIMIT 3 OFFSET 2

commalessmid.py

Function: MID(VERSION(), 1, 1) ==> MID(VERSION() FROM 1 FOR 1)

concat2concatws.py

Function: CONCAT() ==> CONCAT_WS()

equaltolike.py

Function: = ==> like

escapequotes.py

Function: ‘ ==> \‘、” ==> \“

greatest.py

Function: > ==> GREATEST

halfversionedmorekeywords.py

Function: Space ==> /*!0

ifnull2ifisnull.py

Function: IFNULL(A, B) ==> IF(ISNULL(A), B, A)

informationschemacomment.py

Function: Space ==> /**/

lowercase.py

Function: INSERT ==> insert

modsecurityversioned.py

Function: AND ==> /!12345AND/

multiplespaces.py

Function: Space==> Multiple spaces

nonrecursivereplacement.py

Function: union ==> uniunionon

overlongutf8.py

Function: unicode encoding

percentage.py

Function: select ==> s%e%l%e%c%t

randomcase.py

Function: INSERT ==> INseRt

randomcomments.py

Function: INSERT ==> I/**/N/**/SERT

securesphere.py

Function: 1 AND 1=1 ==> 1 AND 1=1 and ‘0having’=’0having’

sp_password.py

Function: Space ==> sp_password

space2comment.py

Function: Space ==> /**/

space2dash.py

Function: Space==> -nVNaVoPYeva% 0A

space2hash.py

Function: Space ==> %23nVNaVoPYeva%0A

space2morehash.py

Function: Space ==> %23ngNvzqu%0A

space2mssqlblank.py

Function: Space ==> %0E

space2mssqlblank.py

Function: Space ==> %23%0A

space2mysqlblank.py

Function: Space ==> %2B, %0D, %0C

space2mysqldash.py

Function: Space==> –%0A

space2plus.py

Function: Space ==> +

space2randomblank.py

Function: Space ==> %0D, %0A, %0C, %09

symboliclogical.py

Function: and ==> %26%26

thinkphp.py

Platform: Mysql

unionalltounion.py

Function: Replace All is empty

unmagicquotes.py

Function: ‘ ==> %df%27

uppercase.py

Function: Lower case to upper case

varnish.py

Function: header

versionedkeywords.py

Function: union ==> /!union/

versionedmorekeywords.py

Function: union ==> /!union/

xforwardedfor.py

Function: X-Forwarded-For Random Head

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store