Search Results for "sql injection\" - Page 3
Sort By:
Showing 147 open source projects for "sql injection\"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
2
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
3
JavaEETest
Spring, SpringMVC, MyBatis, Spring Boot cases
JavaEETest is a comprehensive example repository showcasing Java web development using key technologies like Spring, Spring MVC, MyBatis, and Spring Boot. The project contains many small self-contained demo modules that demonstrate specific concepts such as dependency injection, MVC routing, ORM mapping, transaction management, caching, security configuration, and database interaction. It provides ready-to-run code that learners can inspect to understand how Java web apps are structured and how these frameworks collaborate under the hood. Tutorials and example code include working with REST APIs, session management, dynamic SQL with MyBatis, annotation-driven Spring configuration, and more advanced features like caching and Spring Security. ... -
4
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
6
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
7
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
8
Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.
-
9
SSM
Build SSM from distributed micro service
SSM is an open-source Java project template that demonstrates how to build web applications using the classic SSM architecture: Spring, Spring MVC, and MyBatis. It offers a structured starting point that combines Spring’s dependency injection and application configuration, Spring MVC’s request handling and view resolution, and MyBatis’s SQL mapping layer for database access, which together form a popular stack for enterprise Java applications. This repository includes sample controllers, service layers, and data access objects configured to work out of the box, helping developers see how each layer interacts and how to organize code for maintainability. ... -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. ... -
11
sqliv
Massive SQL injection vulnerability scanner for automated web testing
SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. ... -
12
payloadmask
Payload list editor to use techniques to bypass WAF
...A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. -
13
MVProc
MVC web platform for Apache and MySQL Stored Procedures
MVProc is a Model-View-Controller module for Apache2 that facilitates using MySQL stored procedures as the controller element. NOTE: Version 2.1 is STABLE and currently in production use. NOTE: Versions 1.4+ are for Apache2.4 - in order to run on Apache2.2, replace request_rec->useragent_ip references with request_rec->connection->remote_ip (there are 3 in the source code) -
14
SQLMate
Rapidly generate a DAO for SQLite
Complete source code, usage example, & a code-generated test case are included in the .jar file. ( See main.java for the usage / code generation example ) -
15
Website built for anti sql injection, that mean prevented your website from the hackers
-
16
webiness
Small PHP MVC Framework
Webiness is lightweight PHP framework based on MVC design pattern. Webiness is free and open source project available under MIT licence. and, in some way, It's inspirated by Yii Framework but it has much less features then Yii. It try to keep good balance between number of features, usability, speed, security options and easy of development. -
17
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
18
MVProc FastCGI
MVProc implemented as a FastCGI
...It's fast and runs great on Lighttpd! Supports application/x-www-form-urlencoded and multipart/form-data! Highly configurable! Very fast templating! Designed to be secure, with SQL injection protection, XSS attack protection, and more! Responsive project admin! -
19
Webiness
Lightweight PHP framework
...Webiness is integrated with jQuery, and it comes with a set of AJAX-enabled features and his own light CSS framework for frontend development. Trying to be secure, it has integrated authetification and authorization module, RBAC user interface, sessions expire feature, input validation, CSRF protection, SQL injection prevention and other security features. -
20
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
21
miniPHP
A small, simple PHP MVC framework skeleton that encapsulates a lot of
miniPHP A small, simple PHP MVC framework skeleton that encapsulates a lot of features surrounded with powerful security layers. miniPHP is a very simple application, useful for small projects, helps to understand the PHP MVC skeleton, know how to authenticate and authorize, encrypt data and apply security concepts, sanitization and validation, make Ajax calls and more. It's not a full framework, nor a very basic one but it's not complicated. You can easily install, understand, and... -
22
MR.SE SQL Injection Tool
Auto SQL Injection Tool Coded by MR.SE
SQLInjection is one of the basics of hacking. It is also one of the most tedious and most time consuming steps. MR.SE SQL Injection Tool programmed under Perl and hackers can quickly and easily penetrate their desired website databases with this. -
23
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ... -
24
PAVS
PHP Application Vulnerability Scanner
PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation -
25
Anti SQL Inject
Block SQL Injections as soon as their detected[Alpha]
This PHP Library blocks common SQL injection attacks its as simple as calling some code, as a basic demo of what code shall be put in, require('antiinect.php'); //Import the library antiinject($parameter,true); //call the libraries primary function and true equals to block the attack more info on how to use the library can be found on the wiki Currently Supports(ALPHA 1.2): Apostrophe Based attacks(') union select based detection * order by * based detection example page(no SQL base yet) Planned to do(ALPHA 1.3): Add Tracking(blocked attacks,protected hits. ...
