Search Results for "sql injection\"

A Json-based Rules Engine with extensive Dynamic expression support. RulesEngine is a highly extensible library to build a rule-based system using C# expressions. Rules Engine is a library/NuGet package for abstracting business logic/rules/policies out of a system. It provides a simple way of giving you the ability to put your rules in a store outside the core logic of the system, thus ensuring that any change in rules don't affect the core system. You need to store the rules based on the...

Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Inter-procedural taint analysis for input data. Continuous Integration (CI) support for GitHub and GitLab pipelines. Stand-alone runner or through MSBuild for custom integrations. Analyzes .NET and .NET Core projects in the background (IntelliSense) or during a build.

...You can query data like LINQ and do any things(Join Query | Group Query | Aggregate Query | Insert | Batch Update | Batch Delete) by lambda with Chloe.ORM. Pay attention to splicing lambda expression trees by yourself, do not wrap your variables with ConstantExpression, otherwise, non-parameterized sql will be generated, and there is a risk of sql injection! If the entity does not explicitly specify any auto-increment columns and the primary key is of type Int16, Int32, or Int64, the default primary key is the auto-increment column. If it is not an auto-increment column, it needs to be marked with the attribute NonAutoIncrementAttribute.

...Instead of just pattern matching text, CodeQL ingests source code, builds rich representations of structure and data flow, and allows queries that reason about control flow, type systems, and interprocedural relationships. This makes it powerful not just for basic linting but for deep detection of complex security flaws like SQL injection, cross-site scripting, and taint propagation that traditional static analyzers can miss. CodeQL is used by security teams, developers, and open-source tooling to create reusable query libraries, enforce policy across repositories, and automate findings in CI/CD pipelines.

The DbPipeline.NET OR-Mapper library was created out of frustration of the shortcomings of Entity Framework in handling stateless web applications and hiding of SQL from skilled developers. The DbPipeline.NET Database Interface Library shields you, the programmer, from having to learn and work with all the ADO.NET or Entity Framework database objects at a low level, and encapsulates all this power into objects with many additional capabilities and features that are not offered in the...

SQLI Hunter is an automation tool to scan for an Sql Injection vulnerability in a website. It automates the search of sqli vulnerable links from Google using google dorks! SQLI Hunter can also find admin page of any website by using some predefined admin page lists. Fast and Easy to use ! ================ Coded By MAK ================

smartData for Microsoft .Net Framework. This project create on sql and ole factory technology and have injection security, typed query...

SQL DB INJECTOR, Oracle, SQL SERVER BY WINDOWS .NET(2.0)

A graphical application created in C# .Net 1.1 that helps the penetration tester to inject SQL commands on a web page. Its main strength is its capacity to automate tedious blind SQL injection with several threads. Under Clarified Artistic License

Absinthe is an automated SQL injection utility capable of both blind and verbose SQL injections.

SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.