Search Results for "jsql-injection"

...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

Hexadecimal and raw packet injector and sniffer. Can be easily combined with other tools to provide a powerful cmdline framework for raw network access.

IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", provides an environment where applications instantly become IPv6-compliant ('patch' mode, see RFC6535). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode). It uses an LD_PRELOAD-based library injection technique.

Injection Wizard is an application for injecting traffic into WEP protected Wi-Fi networks, like aireplay-ng, but it's much more easy to use and it can work with worse conditions.

The Fault Injection Toolkit is a sophisticated modern protocol fuzzing platform.

Gui for aircrack-ng that can crack WEP and WPA networks, automatically scans for available networks, provides fake authentication and injection support.

This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands

Airpwn is a tool for generic packet injection on an 802.11 network.

jpwrite is a set of Java classes which provide a system for creating and injecting arbitrary packets onto a network. jpwrite utilizes libnet (aka. libpwrite), a widely available library for packet creation and injection.

...The code in the repository needs some fixing in order to be usable. Also, it needs a security review, especially in the query building part: as it is, %h, %R and %e placeholders could lead to SQL injection. If anyone wishes to maintain the project, just let me know.