From c9a64b9e82eea5470169cc7dd6e72dd371da31d7 Mon Sep 17 00:00:00 2001
From: Mike McCabe <mccabe615@gmail.com>
Date: Wed, 9 Oct 2013 11:09:15 -0400
Subject: [PATCH] adding simple sqlmap gauntlt script, WIP

---
 gauntlt_scripts/sqlmap.attack | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 gauntlt_scripts/sqlmap.attack

diff --git a/gauntlt_scripts/sqlmap.attack b/gauntlt_scripts/sqlmap.attack
new file mode 100644
index 0000000..f766c61
--- /dev/null
+++ b/gauntlt_scripts/sqlmap.attack
@@ -0,0 +1,17 @@
+#sqlmap.attack
+Feature: Run sqlmap against a target
+  # See:
+  #   https://github.com/sqlmapproject/sqlmap/wiki/Usage
+
+  Scenario: Identify SQL injection vulnerabilities
+  	Given "sqlmap" is installed
+  	And the following profile:
+    	| target_url  | http://localhost:300/|
+  	When I launch a "sqlmap" attack with:
+    	"""
+    	/usr/bin/python <sqlmap_path> -u <target_url> --dbms sqlite
+    	"""
+  	Then the output should contain:
+    	"""
+    	sqlmap identified the following injection points
+    	"""
\ No newline at end of file