Hack a Website using Havij (Noob Friendly)


Now-a-days, it is quite easier to build a website and promote the business. Now, even you do not need to learn various languages and scripts like HTML, CSS, Java Script, DHTML etc. to make a web page. There are numerous Web Building tools already available on Internet which make your work quite easier. You just need to Drag and Drop elements to create a beautiful webpage. Various platforms like Blogger, Word Press, Joomla can easily host your website and provide a free Domain Name. Similarly, it is also too easy to hack a website today. There are many ways to hack a website like DoS (Denial of Service), DDoS (Distributed Denial of Service), SQL Injection, XSS (Cross Site Scripting) attack. And, to make the job easier for you, there are numerous tools also available on the Internet. These tools having GUI (Graphical User Interface) are automated and you just need to press a few buttons to hack the target.

One such awesome hacking tool is Havij. It is devloped by ITSecTeam and it uses SQL (Structured Query Language) Injection method to hack a website. And, now I am going to provide a step-by-step tutorial to hack a website using Havij.


Step 1-


At first, you need to download the Havij tool. You can download it from http://www.itsecteam.com. Once downloaded, install the Havij in your system.

Step 2-

Now you need to find a vulnerable site to hack it with Havij. Remember one thing that you can not hack each and every site using this method but at least you can hack a few. You can easily find vulnerable site using Google Dorks like-



inurl:.pk/page id=


You can find more such Google Dorks on Internet easily.

Now, simply Copy and Paste these dorks in Google Search box. Within seconds, you will get thousands of site which might be vulnerable to Sql Injection. You need to find one such vulnerable site. To do so, open the site and add a ' in the address of the website and press Enter. For example, I have found a site http://www.txi.co.in/article.php?id=3. And I inserted ' in the address as follows- http://www.txi.co.in/article.php?id=3'. If the site is vulnerable then you will find an error message like-
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

Step 3-


Once you get the address of vulnerable site then open Havij. Input the web address of the vulnerable site in Target section. In my case, it is http://www.txi.co.in/article.php?id=3 and click on Analyze button.

Step 4-


After that, Havij will take some time to analyze the target and get some information about it. So, be patient. Once Havij complete the analysis then click on Tables.

Step 5-


Now, click on Get Tables to find the tables present in website's database.

Step 6-


Once Havij find the Table, click on '+' icon to expand the entry. Here you will find many tables like Admin, Login, Users etc. Select the suitable table like Users to get user name and password of users on that site. In my case it is 'Users' as I want the user name and password of users.

Step 7-


After selecting the suitable table, click on the option Get Columns to get Columns present in the table.

Step 8-


Within minutes, Havij will find Columns. Now, select the column like username, password, email id and Click on Get Data.

Step 9-


Now, Havij will retrieve all the data like User name, Password and Email Id of users from the Column. You can use this data to Log In to the user accounts on the site and control it. You can also save these data for further use by clicking on Save Data.

NOTE- It might be tough to understand everything provided in the tutorial at once. So, if you face any problem, feel free to contact me.

The tutorial provided here is only for the educational purpose. Apply the method/tutorial/trick at your own risk. Amazing Hacking Tricks and Sanjeet Kashyap will not be responsible for the harm caused by User's action in any way.

A personal message to You
It is nice to see that you have gone through "Hack A Website using Havij (Noob Friendly)" completely. I hope you have enjoyed the article. However, if you want me to deliver more interesting hacking tutorials and article then please share my post(s). You can use Social Sharing Widget provided at the end of every post. After all, Sharing is Caring!!!
Thank you. Have a nice day ahead!!!


  1. i will try this trick but no one any track me??

    1. Surely Mohsin,
      You can use this trick frequently and do comment if you face problem. When the matter comes to tracking, I suggest you to go through my article "Hide Yourself on Internet". There I shared almost all possible way to hide yourself.

  2. Nice tutorial on Website Hacking. I like it.

  3. Can we get the admin login of the website. To edit website like placing our ads on website will be possible when we are admin. so, can we get it? #Sanjeet

  4. Nice ,is there any mobile tool like this

  5. Is there any mobile tool like this

  6. Yes, Anvesh. You can surely get Admin log using this method. You just need to choose right table to get right data.
    Hope you got me. Keep visiting.
    With Regards,
    Sanjeet Kashyap

  7. Surely, Amarjeet Prakash. Droidsqli is such a tool available for Android.