Search Results for "command injection" - Page 2

Showing 88 open source projects for "command injection"

View related business solutions
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 1
    cerberuscms2

    cerberuscms2

    Cerberus Content Management System

    Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text, Voice and Video Communications Platform and Content...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 2
    Nativefier

    Nativefier

    Make any web page a desktop application

    Tired of having to search through numerous open tabs on your browser just to view a web page that you regularly view? Make things easier and more convenient for yourself with Nativefier! Nativefier is a command-line tool that easily creates a desktop app for any web site with minimal configuration. It creates an Electron (which uses Chromium under the hood) based native wrapper in an OS executable (.app, .exe, etc) for use on Windows, macOS and Linux. Using Nativefier is absurdly simple....
    Downloads: 38 This Week
    Last Update:
    See Project
  • 3
    Nativefier

    Nativefier

    Make any web page a desktop application

    Nativefier is a command-line tool designed to create a desktop app for any web site with minimal configuration. Apps are wrapped by Electron (using Chromium under the hood) in an OS executable (.app, .exe, etc) for use on Windows, macOS and Linux. Nativefier will try to determine the app name, and well as lots of other options. If desired, these options can be overwritten. For example, to override the name, nativefier --name 'My Medium App' 'medium.com' Read the API documentation or run...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 4
    paramspider

    paramspider

    Mine parameterized URLs from web archives for security testing

    ...These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance.
    Downloads: 3 This Week
    Last Update:
    See Project
  • Fully Managed MySQL, PostgreSQL, and SQL Server Icon
    Fully Managed MySQL, PostgreSQL, and SQL Server

    Automatic backups, patching, replication, and failover. Focus on your app, not your database.

    Cloud SQL handles your database ops end to end, so you can focus on your app.
    Try Free
  • 5
    KumoMTA

    KumoMTA

    The first Open-Source high-performance MTA for high-volume senders

    KumoMTA is an Open-Source, enterprise-grade email message transfer agent (MTA) software for sending high-volume, business-critical emails. KumoMTA is typically chosen by high-volume email users looking to replace PowerMTA, Momentum, or traditional Open Source MTAs. KumoMTA offers high-performance message relay to the tune of millions of messages per hour per server, combined with extreme flexibility and configurability through its use of a Lua scripting engine for configuration and...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 6
    GraphQLmap

    GraphQLmap

    GraphQLmap is a scripting engine to interact with endpoints

    GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Bank Vaults

    Bank Vaults

    K8s operator, Go client with automatic token renewal

    The Vault Swiss Army knife, which makes enterprise-grade security attainable on Kubernetes. It has many 'blades' that cut through the security problem: the Bank-Vaults operator provides automation; a Go client with automatic token renewal that provides dynamic secret generation, multiple unseal options, and more; a CLI tool to initialize, unseal and configure Vault with authentication methods and secret engines; and direct secret injection into Pods to reduce the attack surface. Automates...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    Pixload

    Pixload

    Image Payload Creating/Injecting tools

    Pixload is a collection of tools for creating and injecting payloads into image files using steganographic techniques to embed hidden content in common image formats. It supports BMP, GIF, JPG, PNG, and WebP formats and offers command-line utility for generating or modifying images with embedded payloads. If the target image exists, it can inject into it; otherwise, it generates a new one. Offers separate utilities per format (e.g., bmp.pl, gif.pl, jpg.pl, png.pl) for injection or creation. Functions as a steganography tool for hiding backdoors or messages in images.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 9
    NoSQLi

    NoSQLi

    NoSql Injection CLI tool, for finding vulnerable websites

    NoSQLi is a penetration testing tool designed for detecting and exploiting NoSQL injection vulnerabilities. It allows security researchers and ethical hackers to assess the security of NoSQL databases by identifying injection flaws in applications using MongoDB and similar technologies.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Go from Code to Production URL in Seconds Icon
    Go from Code to Production URL in Seconds

    Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

    Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
    Try it free
  • 10

    FireCX

    Open source OWASP penetration testing tool written in Python 3

    FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    Swoft

    Swoft

    PHP Microservice full Coroutine framework

    ...Built-in high-performance network server(HTTP/Websocket/RPC/TCP). Flexible componentization. Flexible annotation function. Diversified command terminal(Console). Powerful Aspect-Oriented Programming. Perfect Container management, Dependency Injection (DI). Flexible event mechanism.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 12
    OfficeFloor

    OfficeFloor

    inversion of coupling control

    OfficeFloor provides inversion of coupling control, with its: - dependency injection - continuation injection - thread injection For more information visit the OfficeFloor web site ( http://officefloor.net )
    Downloads: 18 This Week
    Last Update:
    See Project
  • 13
    RED HAWK

    RED HAWK

    All-in-one reconnaissance and vulnerability scanning toolkit for sites

    RED HAWK is an open source command-line security tool designed for information gathering, vulnerability scanning, and web reconnaissance tasks. It combines multiple scanning and analysis capabilities into a single toolkit to help security researchers and penetration testers quickly analyze a target website. It can collect a wide range of information about domains, servers, and web applications, including network details, hosting configuration, and content management system detection. ...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 14

    PHPCorrector

    XSS and SQLi vulnerabilities corrrector for PHP web applications

    PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    OWASP ModSecurity CRS

    OWASP ModSecurity CRS

    OWASP ModSecurity Core Rule Set (CRS) Project

    The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 16
    Python Taint

    Python Taint

    Static Analysis Tool for Detecting Security Vulnerabilities in Python

    Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 17
    ansvif

    ansvif

    An advanced cross platform fuzzing framework suited to find code bugs.

    ansvif, or A Not So Very Intelligent Fuzzer, suited to find bugs in code by throwing garbage arguments, files, and environment variables at the target program, that you may or may not have the source code to. It supports many features, such as buffer size, randomization of the buffer size, random data injection, templates, and much more. The purpose of this project is to identify bugs in software, specifically bugs that can induce a segmentation fault under various conditions. This aids...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    Spatial Media

    Spatial Media

    Specifications and tools for 360º video and spatial audio

    spatial-media provides tools for working with spherical video and spatial audio metadata so players and platforms can correctly render immersive media. The utilities inject, inspect, and extract metadata in common container formats (MP4/WebM) to signal 360° projection type, stereoscopy mode, and spatial audio layout. Creators use it to prepare 360/VR180 assets for upload so services know whether a video is monoscopic, top-bottom stereo, or side-by-side, and whether ambisonic audio is...
    Downloads: 69 This Week
    Last Update:
    See Project
  • 19
    Gin Config

    Gin Config

    Gin provides a lightweight configuration framework for Python

    Gin Config is a lightweight and flexible configuration framework for Python built around dependency injection. It enables developers to manage complex parameter hierarchies—particularly common in machine learning experiments—without relying on boilerplate configuration classes or protos. By decorating functions and classes with @gin.configurable, Gin allows their parameters to be overridden using simple configuration files (.gin) or command-line bindings.
    Downloads: 10 This Week
    Last Update:
    See Project
  • 20
    Mist Browser

    Mist Browser

    Mist. Browse and use Ðapps on the Ethereum network.

    The Mist browser is the tool of choice to browse and use Ðapps. If you want to install the app from a pre-built version on the release page, you can simply run the executable after download. For updating, simply download the new version and copy it over the old one (keep a backup of the old one if you want to be sure). In order to install from .zip files, please install libgconf2-4 first. Once a Mist version is released the Meteor frontend part is bundled using the meteor-build-client npm...
    Downloads: 6 This Week
    Last Update:
    See Project
  • 21
    iSCSIsim is a powerful generic test tool for iSCSI targets. Its capabilities include SCSI command injection, error insertion, and recovery testing: all with built-in validation of test results.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    sqliv

    sqliv

    Massive SQL injection vulnerability scanner for automated web testing

    SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 23
    payloadmask

    payloadmask

    Payload list editor to use techniques to bypass WAF

    Payload mask tool to edit web payload lists to try bypass web application firewall. A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    hexinject

    hexinject

    Hexadecimal and raw packet injector and sniffer.

    Hexadecimal and raw packet injector and sniffer. Can be easily combined with other tools to provide a powerful cmdline framework for raw network access.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 25
    A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc
    Downloads: 4 This Week
    Last Update:
    See Project