Hello Stamparm,

I have tried to use this tool for a POC with POST data, but the output is like the parameters are not vulnerable. I have tried on XVWA - SQL Injection, and these parameters are effectively vulnerables.

Can you help me please, I tried the tool with this command:

python3 dsss.py -u "http://X.X.X.X/xvwa/vulnerabilities/sqli/" --data "item=&search=1"

and the output is:

• scanning POST parameter 'item'
• scanning POST parameter 'search'

scan results: no vulnerabilities found

Thanks

1. maybe you need a cookie or smth. i really don't have experience with xvwa
2. just tried on my local SQLi setup and everything works as expected:
   
3. DSSS is just a PoC tool. do not expect miracles