SQLmap

What do you like best?

It can automatically detect and use the SQL injection vulnerability database and the access server. It has a very powerful detection engine, has a penetration tester variety of characteristics, accesses to the underlying file system to extract the fingerprint database connection and execute commands that take away

What do you dislike?

Difficulty in Interfacing, Having a good user interface (GUI) will help relate better with users.

What problems are you solving with the product? What benefits have you realized?

it helps to retrieve large amounts of records from a database quickly and efficiently. Once it detects one or more SQL injections on the target host, the user can choose to perform an extensive back-end database management system fingerprinting, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns. Also, anyone can bypass WAF protection easily by using tamper scripts.