Search Results for "sql injection attack"
Sort By:
Showing 126 open source projects for "sql injection attack"
View related business solutions-
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
Build on Google Cloud with $300 in Free CreditStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query exabytes in BigQuery, or build AI apps with Vertex AI and Gemini. Once your credits are used, keep building with 20+ products with free monthly usage, including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. Sign up to start building right away.
-
1
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
2
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
3
Slonik
A Node.js PostgreSQL client with runtime and build time type safety
Slonik is a PostgreSQL client for Node.js that ensures safe and efficient query execution by using tagged template literals, preventing SQL injection attacks and promoting better query structure. -
4
SQL Injection Automation
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
6
PowerUpSQL
A PowerShell toolkit for attacking SQL Server
PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to inventory SQL Server attack surface and hunt for misconfigurations. ... -
7
SeaQuery
A dynamic SQL query builder for MySQL, Postgres and SQLite
SeaQuery is a query builder to help you construct dynamic SQL queries in Rust. You can construct expressions, queries and schema as abstract syntax trees using an ergonomic API. We support MySQL, Postgres and SQLite behind a common interface that aligns their behavior where appropriate. -
8
Go SQLBuilder
Powerful SQL string builder library plus a zero-config ORM
Go-SQLBuilder is a flexible and powerful SQL string builder library for the Go programming language. It aids developers in constructing SQL queries programmatically, ensuring code readability and maintainability. -
9
SafeLine
Serve as a reverse proxy to protect your web services from attacks
...A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. ... -
Cut Cloud Costs with Google Compute EngineSave on compute costs with Compute Engine. Reduce your batch jobs and workload bill 60-91% with Spot VMs. Compute Engine's committed use offers customers up to 70% savings through sustained use discounts. Plus, you get one free e2-micro VM monthly and $300 credit to start.
-
10
node-mssql
Microsoft SQL Server client for Node.js
node-mssql is a Microsoft SQL Server client for Node.js, providing a robust and feature-rich interface for connecting to and interacting with SQL Server databases. -
11
Druid
Database connection pool written in Java
...Druid has been deployed to the maven central repository. Druid provides a monitoring feature that can be implemented through filter-chain. It also comes with WallFilter, that is based on the SQL semantic analysis to protect from SQL injection attacks. Monitor connection leaks and connect to other databases, like Oracle database. -
12
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project emphasizes local-only analysis with no telemetry and no background daemons, so it can run offline and keep sensitive command context on-device. ... -
13
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. ... -
14
Medoo
The lightweight PHP database framework to accelerate the development
...A lightweight PHP database framework to accelerate development. Supports MySQL, MSSQL, SQLite, MariaDB, PostgreSQL, Sybase, Oracle, and more. Supports various common and complex SQL queries, data mapping, and prevents SQL injection. Works well with every PHP framework, like Laravel, Yii, Slim, and framework which supports singleton extension or composer. -
15
WCDB
Cross-platform database framework developed by WeChat
WCDB is an efficient, complete, easy-to-use mobile database framework used in the WeChat application. It's currently available on iOS, macOS and Android. Easy-to-use. Through WCDB, you can get objects from database in one line code. WINQ (WCDB language integrated query), WINQ is a native data querying capability which frees developers from writing glue code to concatenate SQL query strings. ORM (Object Relational Mapping), WCDB provides a flexible, easy-to-use ORM for creating tables,... -
16
Sec-Context
AI Code Security Anti-Patterns distilled from 150+ sources
...It compiles insights from over 150 industry and academic sources into structured reference documents that outline real-world security problems such as hardcoded secrets, SQL injection, cross-site scripting, command injection, weak password storage, and other frequent issues that occur when code is auto-generated without context of best practices. Each anti-pattern is paired with a secure coding alternative and explanation, offering educational value for both humans and automated review agents designed to flag or correct unsafe patterns. -
17
EasyDB
Easy-to-use PDO wrapper for PHP projects
EasyDB is a secure, lightweight, and extensible database wrapper for PHP built on top of PDO. It simplifies query building, error handling, and parameter binding while encouraging best practices like prepared statements. EasyDB is designed for small to mid-sized applications that need clean and secure database access. -
18
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
19
Rules Engine
A Json based Rules Engine with extensive Dynamic expression support
A Json-based Rules Engine with extensive Dynamic expression support. RulesEngine is a highly extensible library to build a rule-based system using C# expressions. Rules Engine is a library/NuGet package for abstracting business logic/rules/policies out of a system. It provides a simple way of giving you the ability to put your rules in a store outside the core logic of the system, thus ensuring that any change in rules don't affect the core system. You need to store the rules based on the... -
20
JeecgBoot
Low-code enterprise web development platform
JeecgBoot is a low-code platform built on Spring Boot that accelerates enterprise application development with online forms, code generation, and a modern Vue-based frontend. It can generate CRUD screens, data dictionaries, and menu structures from database schemas, producing clean starter code that developers can extend. The platform integrates common enterprise features—RBAC permissions, data scopes, dictionary management, logging, and file/OSS integration—so teams start from a... -
21
AWS X-Ray SDK for Go
AWS X-Ray SDK for the Go programming language
AWS X-Ray recommends using AWS Distro for OpenTelemetry (ADOT) to instrument your application instead of this X-Ray SDK due to its wider range of features and instrumentations. See the AWS X-Ray docs on Working with Go for more help with choosing between ADOT and X-Ray SDK. Install the SDK using the following command (The SDK's non-testing dependencies will be installed): Use go get to retrieve the SDK to add it to your GOPATH workspace. X-Ray Go SDK will by default generate no-op trace and... -
22
waymap
Waymap is a fast and optimized web vulnerability scanner
...Waymap is a fast and optimized And Automated web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities by testing against a variety of payloads. Features Overview Latest Update v5.2.1 New Sql Injection Scanning Module High Accuracy And Less False Positive Access it using: --scan sqli v5.3.1 Added Boolean Based Sqli Testing (OWN LOGIC) High Accuracy, Can Give False Positive Sometimes Access it using: --scan sqli Waymap Features Vulnerability Scanning Modules: SQL Injection (SQLi) Command Injection Server-Side Template Injection (SSTI) Cross-Site Scripting (XSS) with filter bypass payload testing Local File Inclusion (LFI) Open Redirect Carriage Return and Line Feed (CRLF) Cross-Origin Resource Sharing (CORS) Critical and High-Risk Scan Profiles using CVE exploits (32 CVEs: WordPress - 19, Drupal - 4, Joomla - 7, Generic/Others - 2) -
23
TACTAGES
Version 1.0.2: Added SQLMap, log saving, and UI enhancements.
...A professional banner is now displayed on startup to provide a more polished experience. Bug Fixes: No bug fixes in this release. Known Issues: None reported. This release introduces SQLMap support for advanced SQL injection testing and a robust log-saving system, alongside a more polished UI, significantly improving the tool's functionality and UI. -
24
banana-php
A balanced, adaptable PHP framework for all skill levels.
...It combines beginner-friendly simplicity with professional-grade features like: Smart Routing: Auto-configured with override options. BananaORM: Intuitive database management. Built-in Security: CSRF, XSS, and SQL injection protection. Skill-Adaptive Modes: Switch between beginner, intermediate, and advanced syntax. Perfect for rapid prototyping and scalable applications. -
25
Pentaho
Pentaho offers comprehensive data integration and analytics platform.
Pentaho couples data integration with business analytics in a modern platform to easily access, visualize and explore data that impacts business results. Use it as a full suite or as individual components that are accessible on-premise, in the cloud, or on-the-go (mobile). Pentaho enables IT and developers to access and integrate data from any source and deliver it to your applications all from within an intuitive and easy to use graphical tool. The Pentaho Enterprise Edition Free Trial...
