Search Results for "sql injection attack"

...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

ThetaDrive is a cross-platform open-source Google Drive alternative, that is an easily configurable full-stack FTP server application that works on both Windows and Linux. It comes ready to deploy with advanced features like two-step authentication via SMTP, SSL/TLS connection encryption, SSL certificate generation, and customizable security and database attributes. The website is hosted live at: https://theta-drive.org [Update] 🆕 Fixed bug regarding the load-up of the AES key 🆕 Moved...

pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script...

Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text, Voice and Video Communications Platform and Content...

Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model complete with a Unix-Like Kernel File named: Cerberus. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text,...

github: https://github.com/samedog/phpmvs

...It's fast and runs great on Lighttpd! Supports application/x-www-form-urlencoded and multipart/form-data! Highly configurable! Very fast templating! Designed to be secure, with SQL injection protection, XSS attack protection, and more! Responsive project admin!

UPDATE: Please do not download until new update or final version 1.1 is out (actual version = 1.0.6.beta)! We found XSS and SQL Injection vulnerabilities and are going to fix them as soon as possible. SimplePress ist ein objektorientiertes Content Management System zum einfachen Erstellen und Verwalten eines Onlineblogs. Das System eignet sich hervorragend zum forken eigener Scripte.

More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records.

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

An simple auction system for students with intermediate knowledge on jQuery, PHP, mySQL to explore. This system is not secure from SQL injection, as this is for educational purpose only.

...Often when responding to a security incident the only files available are web server and proxy server logs. The tools here will aid you in detecting odd traffic such as botnet beaconing and SQL Injection attempts. The large amount of data can be overwhelming and the tools in the Log Analysis Tool Kit can be used to parse these files and build a MySQL database for querying. Currently the log formats supported are: Proxy Logs: Squid Bluecoat Web Server Logs: Apache IIS Your feedback is always appreciated. ...

...Features: User Profiles PM System Admin / Mod Area Spam Protection Captcha & IP-Lock BBCode & Smileys RSS Feeds News-System Announcements User edit / block SHA1 encoding E-Mail verification SQL-Injection-Guard Admin-Notifications Contacts Statistics InfoBox Badword-Filter Counter User List Search MyPostings Moderators Password recovery / change Show Views / Posts in a Topic Protection against XSS

Safe3WVS is one of the most powerful web vulnerability scanner with AI on-the-fly web spider crawling technology,especially web portals ,it is the most fast tool to dig such as sql injection, upload vulnerability, and more.http://www.safe3.com.cn/en

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques This is a fully functional web site with a content management system based on fckeditor. You can download it as source code or a pre configured

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

Servlet container extensions that help web developers write full featured Java web applications.

...Fusion is a more user friendly extremely advanced security system with features like no other.Including FTP Security, Complete Logging, IP Protection, Secure GET & POST, Block any kind of SQL injection.

eXlent2k7 is a CMS based on the most modern technologies (XHTML 1.1, CSS 2.1, PHP 5 objects, PDO, XML, DOM) with good security (CSRF protection, XSS prevention in template system, JavaScript can be disabled, SQL injection prevention in database class).

DSP stands for Data Server Pages, the APACHE HTTP server module, that provides PL/SQL Server scripting with variable injection preprocessor and features an efficient authorization and authentication framework on the Oracle database backend.

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

This project is abandonware. There are numerous SQL injection and XSS vulnerabilities in this product and I haven't the time to repair them at the moment. Please do not download.

...The code in the repository needs some fixing in order to be usable. Also, it needs a security review, especially in the query building part: as it is, %h, %R and %e placeholders could lead to SQL injection. If anyone wishes to maintain the project, just let me know.