Search Results for "sql injection" - Page 2
Sort By:
Showing 169 open source projects for "sql injection"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Automated RMM Tools | RMM SoftwareOut-of-the-box scripts. Around-the-clock monitoring. Unmatched automation capabilities. Start doing more with less and exceed service delivery expectations.
-
1
ThetaDrive is a cross-platform open-source Google Drive alternative, that is an easily configurable full-stack FTP server application that works on both Windows and Linux. It comes ready to deploy with advanced features like two-step authentication via SMTP, SSL/TLS connection encryption, SSL certificate generation, and customizable security and database attributes. The website is hosted live at: https://theta-drive.org [Update] 🆕 Fixed bug regarding the load-up of the AES key 🆕 Moved...
-
2
CerberusCMS5
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text, Voice and Video Communications Platform and Content... -
3
Cerberus Content Management System 6
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model complete with a Unix-Like Kernel File named: Cerberus. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text,... -
4
jsql-injection
jSQL Injection is a Java application for automatic SQL database injec
jSQL project has moved to https://github.com/ron190/jsql-injection jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open source and cross-platform (Windows, Linux, Mac OS X). Kali Linux logo jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in distributions like Pentest Box, Parrot Security OS, ArchStrike or BlackArch Linux. -
Axe Credit Portal - ACP- is axefinance’s future-proof AI-driven solution to digitalize the loan process from KYC to servicing, available as a locally hosted or cloud-based software.Founded in 2004, axefinance is a global market-leading software provider focused on credit risk automation for lenders looking to provide an efficient, competitive, and seamless omnichannel financing journey for all client segments (FI, Retail, Commercial, and Corporate.)
-
5
amber
A Crystal web framework that makes building applications fast
...Instead of having to plan where things go, Amber comes with a set of conventions to guide you in developing your application. Tools are built-in to prevent and mitigate common attacks against web applications. Minimize the risk of SQL injection, form tampering, cross-site request forgery, and several other attacks. Crystal is a type safe, compiled language inspired by the simplicity of Ruby. -
6
sqlid
SQL Injection Detector Modules Program for preventing SQL Injection
SQLID-URAC (SQL Injection Detector using Regex & Aho-Corasick) Current Version: v.3.0.1.8d SQL Injection Detector using Regex and Aho-Corasick algorithm for preventing SQL Injection attack. -
7
Cetus
Cetus is a high performance middleware that provides routing
...Cetus is divided into two versions: read-write separation and sub-library (sub-table is a special form of sub-library). Multi-process lock-free improves operating efficiency. Supports transparent backend connection pooling. Support SQL read-write separation. Support data sub-database. Support distributed transaction processing. Support insert batch operations. Support for conditional distinct operations. Enhanced SQL route parsing and injection. -
8
GraphQLmap
GraphQLmap is a scripting engine to interact with endpoints
GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL paradigm. Because many modern applications adopt GraphQL for flexibility, this tool is useful when scanning and attacking API back ends where typical REST-based tools fall short. ... -
9
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
Incredable is the first DLT-secured platform that allows you to save time, eliminate errors, and ensure your organization is compliant all in one place.Incredable streamlines and simplifies the complex process of medical credentialing for hospitals and medical facilities, helping you save valuable time, reduce costs, and minimize risks. With Incredable, you can effortlessly manage all your healthcare providers and their credentials within a single, unified platform. Our state-of-the-art technology ensures top-notch data security, giving you peace of mind.
-
10
Zero Site Protector
Human verification & attack prevention for website security
...The plugin includes features such as human verification, which ensures that only legitimate users are able to access your site. It also includes protection against various types of attacks such as cross-site scripting (XSS) and SQL injection. Additionally, the plugin allows you to block access to your site from certain geographical regions, IP addresses, and browsers, providing an extra layer of security. It also has a badword sensor feature which will censor inappropriate words from user input. All in all, the zero-site-protector plugin offers a comprehensive security solution for your website, helping to keep your site and its users safe and secure. -
11
GoKart
A static analysis tool for securing Go code
...It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compared to other Go security scanners. For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. GoKart also helps to power Chariot, Praetorian's security platform that helps you find, manage, and fix vulnerabilities in your source code and cloud environments. ... -
12
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Inter-procedural taint analysis for input data. Continuous Integration (CI) support for GitHub and GitLab pipelines. Stand-alone runner or through MSBuild for custom integrations. Analyzes .NET and .NET Core projects in the background (IntelliSense) or during a build. -
13
Chloe
A lightweight and high-performance Object/Relational Mapping(ORM)
...You can query data like LINQ and do any things(Join Query | Group Query | Aggregate Query | Insert | Batch Update | Batch Delete) by lambda with Chloe.ORM. Pay attention to splicing lambda expression trees by yourself, do not wrap your variables with ConstantExpression, otherwise, non-parameterized sql will be generated, and there is a risk of sql injection! If the entity does not explicitly specify any auto-increment columns and the primary key is of type Int16, Int32, or Int64, the default primary key is the auto-increment column. If it is not an auto-increment column, it needs to be marked with the attribute NonAutoIncrementAttribute. -
14
kangle is a light, high-performance web server.support fastcgi/isapi/ajp/uwsgi/scgi/hmux protocol.include a http manage console. Full support access control. memory/disk cache. virtual host can run in seperate process and user. and more
-
15
mop-aiv
( APP INVENTOR VERSION ) MOP is a php query handling and manipulation
-
16
FireCX
Open source OWASP penetration testing tool written in Python 3
FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. -
17
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
18
NAXSI module
NGINX compiled with NBS System NAXSI
This image is based on the nginx:mainline image (see on Dockerhub) and recompiled with the same ./configure options from vanilla NGINX sources with the addition of --add-module=naxsi. -
19
Naxsi
Open-source, high performance, low rules maintenance WAF for NGINX
Technically, it is a third-party Nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing 99% of known patterns involved in website vulnerabilities. For example, <, | or drop are not supposed to be part of a URI. Being very simple, those patterns may match legitimate queries, it is Naxsi's administrator duty to add specific rules that will whitelist legitimate behaviors. The administrator can... -
20
raptor_waf
Raptor - Web application firewall [ Stable version ]
Web application firewall in C using DFA to block attacks. read Docs ! http://funguscodes.blogspot.com.br/2016/08/steps-to-create-your-wafweb-application.html -
21
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
22
SQLi-LAB
SQL injection Demo Lab py PentesterLab
-
23
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
24
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
25
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them.
