Search Results for "injection"
Sort By:
Showing 24 open source projects for "injection"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
SafeLine
Serve as a reverse proxy to protect your web services from attacks
...A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. ... -
2
Druid
Database connection pool written in Java
...Druid provides a monitoring feature that can be implemented through filter-chain. It also comes with WallFilter, that is based on the SQL semantic analysis to protect from SQL injection attacks. Monitor connection leaks and connect to other databases, like Oracle database. -
3
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
4
Scanner of Death is a network vulnerability scanner.
-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
5
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
6
inspectIT
inspectIT is the leading Open Source APM
...With inspectIT you always know about the health of your software and can easily analyze any problems that arise. For Web applications, the tool integrates the End user monitoring using automatic JavaScript agent injection. This allows easy monitoring of the performance that real users are facing in the browser. In addition, the inspectIT can correlate all user actions in the browser to the backend traces, thus providing a complete picture on the user experience. -
7
Mist Browser
Mist. Browse and use Ðapps on the Ethereum network.
The Mist browser is the tool of choice to browse and use Ðapps. If you want to install the app from a pre-built version on the release page, you can simply run the executable after download. For updating, simply download the new version and copy it over the old one (keep a backup of the old one if you want to be sure). In order to install from .zip files, please install libgconf2-4 first. Once a Mist version is released the Meteor frontend part is bundled using the meteor-build-client npm... -
8
DOClever
The best interface management platform
...Can edit and manage interface information, support five methods of getting, post, put, delete, patch, support HTTP and HTTPS protocols, and support visual editing of query, body, JSON, raw, rest, formdata parameters. At the same time, unlimited levels of visual editing can be performed on JSON. And, additional features like status codes, code injection, markdown documentation, and more. Support the import of postman, rap, and swagger, which is convenient for you to do seamless migration, and also supports the export of HTML files, which is convenient for you to browse offline! -
9
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. Operators can extend it with custom Lua code, integrate threat feeds, or adapt it to application-specific quirks without recompiling modules. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Wi-Fi Ducky
Upload, save and run keystroke injection payloads with an ESP8266
Upload, save and run keystroke injections remotely with an ESP8266 + ATmega32u4. Using a USB device that act as a keyboard to inject keystrokes is well known these days. The USB Rubber Ducky by Hak5 is THE hacker gadget for this kind of attack. It introduced a simple script language called Ducky Script, which this project uses too. The ESP8266 is a popular Wi-Fi chip used in a lot of projects. Because it's cheap, small, and has its own file system (SPIFFS), it's perfect for enabling an easy... -
11
hexinject
Hexadecimal and raw packet injector and sniffer.
Hexadecimal and raw packet injector and sniffer. Can be easily combined with other tools to provide a powerful cmdline framework for raw network access. -
12
Pop Framework
Use Java bean as model of web page, reference beans in hyperlinks
Pop Framework (or Pop), http://www.popframework.net, is a bean-based MVC framework for Java/J2EE web applications. Pop implements IoC, Dependency Injection, and AOP. Pop provides annotations for users to define and reference a bean. Pop can help users to customize a bean, a scope, a factory and a reference in object-oriented way. Pop treats a bean as the model of a web page (JSP or servlet), the webpage itself is a view of the bean. The model provides the data for the view, the view is responsible for rendering the data. ... -
13
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
14
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", provides an environment where applications instantly become IPv6-compliant ('patch' mode, see RFC6535). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode). It uses an LD_PRELOAD-based library injection technique.
-
15
Revenssis Ethical Hacking Suite
Fully featured network, wireless and web app pentesting suite.
Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation). -
16
DE-ARP
Protect the gateway against the ARP Injection Spoofing Technique.
...With the information about the manufacturer and physical address, you can confirm that information and create a static and permanent (in the registry) protection for "outbound traffic through the gateway" against the Injection ARP Spoof Technique, using static ARP entries. Remind that this application doesn't ensures 100% level of protection by itself, its use must be combined with a solid security information policy and a "good use" about the computer. -
17
Injection Wizard is an application for injecting traffic into WEP protected Wi-Fi networks, like aireplay-ng, but it's much more easy to use and it can work with worse conditions.
-
18
-
19
Gui for aircrack-ng that can crack WEP and WPA networks, automatically scans for available networks, provides fake authentication and injection support.
-
20
This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands
-
21
-
22
-
23
jpwrite is a set of Java classes which provide a system for creating and injecting arbitrary packets onto a network. jpwrite utilizes libnet (aka. libpwrite), a widely available library for packet creation and injection.
-
24
...The code in the repository needs some fixing in order to be usable. Also, it needs a security review, especially in the query building part: as it is, %h, %R and %e placeholders could lead to SQL injection. If anyone wishes to maintain the project, just let me know.
- Previous
- You're on page 1
- Next
