Search Results for "sql injection attack"
Sort By:
44 projects for "sql injection attack" with 1 filter applied:
-
Managed MySQL, PostgreSQL, and SQL Databases on Google CloudCloud SQL is a fully managed relational database for MySQL, PostgreSQL, and SQL Server. We handle patching, backups, replication, encryption, and failover—so you can focus on your app. Migrate from on-prem or other clouds with free Database Migration Service. IDC found customers achieved 246% ROI. New customers get $300 in credits plus a 30-day free trial.
-
Cut Data Warehouse Costs up to 54% with BigQueryBigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
-
1
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
2
PowerUpSQL
A PowerShell toolkit for attacking SQL Server
PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to inventory SQL Server attack surface and hunt for misconfigurations. ... -
3
Go SQLBuilder
Powerful SQL string builder library plus a zero-config ORM
Go-SQLBuilder is a flexible and powerful SQL string builder library for the Go programming language. It aids developers in constructing SQL queries programmatically, ensuring code readability and maintainability. -
4
Sec-Context
AI Code Security Anti-Patterns distilled from 150+ sources
...It compiles insights from over 150 industry and academic sources into structured reference documents that outline real-world security problems such as hardcoded secrets, SQL injection, cross-site scripting, command injection, weak password storage, and other frequent issues that occur when code is auto-generated without context of best practices. Each anti-pattern is paired with a secure coding alternative and explanation, offering educational value for both humans and automated review agents designed to flag or correct unsafe patterns. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
6
banana-php
A balanced, adaptable PHP framework for all skill levels.
...It combines beginner-friendly simplicity with professional-grade features like: Smart Routing: Auto-configured with override options. BananaORM: Intuitive database management. Built-in Security: CSRF, XSS, and SQL injection protection. Skill-Adaptive Modes: Switch between beginner, intermediate, and advanced syntax. Perfect for rapid prototyping and scalable applications. -
7
Pentaho
Pentaho offers comprehensive data integration and analytics platform.
Pentaho couples data integration with business analytics in a modern platform to easily access, visualize and explore data that impacts business results. Use it as a full suite or as individual components that are accessible on-premise, in the cloud, or on-the-go (mobile). Pentaho enables IT and developers to access and integrate data from any source and deliver it to your applications all from within an intuitive and easy to use graphical tool. The Pentaho Enterprise Edition Free Trial... -
8
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
9
CerberusCMS5
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text, Voice and Video Communications Platform and Content... -
Run Any Workload on Compute Engine VMsCompute Engine delivers high-performance virtual machines for web apps, databases, containers, and AI workloads. Choose from general-purpose, compute-optimized, or GPU/TPU-accelerated machine types—or build custom VMs to match your exact specs. With live migration and automatic failover, your workloads stay online. New customers get $300 in free credits.
-
10
Cerberus Content Management System 6
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model complete with a Unix-Like Kernel File named: Cerberus. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text,... -
11
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
12
CodeQL
Libraries and queries that power security researchers
...Instead of just pattern matching text, CodeQL ingests source code, builds rich representations of structure and data flow, and allows queries that reason about control flow, type systems, and interprocedural relationships. This makes it powerful not just for basic linting but for deep detection of complex security flaws like SQL injection, cross-site scripting, and taint propagation that traditional static analyzers can miss. CodeQL is used by security teams, developers, and open-source tooling to create reusable query libraries, enforce policy across repositories, and automate findings in CI/CD pipelines. -
13
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
14
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. ... -
15
JavaEETest
Spring, SpringMVC, MyBatis, Spring Boot cases
JavaEETest is a comprehensive example repository showcasing Java web development using key technologies like Spring, Spring MVC, MyBatis, and Spring Boot. The project contains many small self-contained demo modules that demonstrate specific concepts such as dependency injection, MVC routing, ORM mapping, transaction management, caching, security configuration, and database interaction. It provides ready-to-run code that learners can inspect to understand how Java web apps are structured and how these frameworks collaborate under the hood. Tutorials and example code include working with REST APIs, session management, dynamic SQL with MyBatis, annotation-driven Spring configuration, and more advanced features like caching and Spring Security. ... -
16
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
17
Squel
SQL query string builder for Javascript
Squel is a JavaScript library for fluent and safe SQL query string building, usable both in Node.js environments and in the browser. Works in Node.js and in the browser. Supports the standard SQL queries: SELECT, UPDATE, INSERT, and DELETE. Supports non-standard commands for popular DB engines such as MySQL. Supports parameterized queries for safe value escaping. It can be customized to build any query or command of your choosing. Uses method chaining for ease of use. -
18
SSM
Build SSM from distributed micro service
SSM is an open-source Java project template that demonstrates how to build web applications using the classic SSM architecture: Spring, Spring MVC, and MyBatis. It offers a structured starting point that combines Spring’s dependency injection and application configuration, Spring MVC’s request handling and view resolution, and MyBatis’s SQL mapping layer for database access, which together form a popular stack for enterprise Java applications. This repository includes sample controllers, service layers, and data access objects configured to work out of the box, helping developers see how each layer interacts and how to organize code for maintainability. ... -
19
SQLMate
Rapidly generate a DAO for SQLite
Complete source code, usage example, & a code-generated test case are included in the .jar file. ( See main.java for the usage / code generation example ) -
20
webiness
Small PHP MVC Framework
Webiness is lightweight PHP framework based on MVC design pattern. Webiness is free and open source project available under MIT licence. and, in some way, It's inspirated by Yii Framework but it has much less features then Yii. It try to keep good balance between number of features, usability, speed, security options and easy of development. -
21
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
22
Webiness
Lightweight PHP framework
...Webiness is integrated with jQuery, and it comes with a set of AJAX-enabled features and his own light CSS framework for frontend development. Trying to be secure, it has integrated authetification and authorization module, RBAC user interface, sessions expire feature, input validation, CSRF protection, SQL injection prevention and other security features. -
23
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
24
Minecraft-PSC
Minecraft private Skin Center
Hello everyone! So what is this? well, i just made a cms for private servers, to manage their own premium skins. its a PHP based CMS, players can register, login, upload, delete, edit their own skins.(it contains the latest Skincraft too for editing) Remember its in beta status there WILL be updates!! but it works great! It has a wardrobe too! since 0.9 Beta. Current version: MC-PSC V1.0.0 RC1 WARNING! ALL THOSE WHO USES THE PREVIOUS VERSION(0.9 and lower), I HAVE TO ANNOUNCE THAT... -
25
Outpost
A first defense of web application security
It rejects/redirects the user agent that are known to be with bad intention, such as sql injection payload from sqlmap, scanners and so on.
