Search Results for "injection"
Sort By:
Showing 27 open source projects for "injection"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
1
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
2
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
3
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
...It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
4
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
5
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
6
FireCX
Open source OWASP penetration testing tool written in Python 3
FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. -
7
SHAD0W
A post exploitation framework designed to operate covertly
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with. Its powered by Python 3.8 and C, and uses Donut for payload generation. By using Donut along with the process injection capabilities of SHAD0W, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. ... -
8
Xenos
Windows dll injector
...As an application rather than a library, it provides a concrete example of how to leverage Blackbone’s robust process and memory manipulation APIs to perform manual and automated DLL injection into both 32-bit and 64-bit Windows applications. Xenos supports a variety of mapping techniques including manual mapping, and it is configured to work across supported Windows versions from Windows 7 to Windows 10 x64, making it useful for developers and modding communities working with older or newer games and applications. By basing its core functionality on Blackbone, Xenos benefits from the underlying library’s advanced memory manipulation capabilities such as process attachment, memory allocation, and loader-agnostic injection methods. -
9
Echo Mirage
Hook into application processes and monitor network interactions
...Unlike typical web proxies, Echo Mirage specializes in local application traffic, including encrypted sessions, providing unique visibility into thick client communications. It employs advanced techniques such as DLL injection and function hooking to capture network interactions effectively. This capability makes it invaluable for security testers analyzing complex client-server interactions to uncover vulnerabilities. Echo Mirage aids in thorough security analysis by allowing testers to identify potential weaknesses and simulate attacks on application communication. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
11
phpscanner
An sql injection tools ..
This perl script is functionaly for search the admin page/s. Brute-force from a-z, for login admin corectly. -
12
miniPHP
A small, simple PHP MVC framework skeleton that encapsulates a lot of
miniPHP A small, simple PHP MVC framework skeleton that encapsulates a lot of features surrounded with powerful security layers. miniPHP is a very simple application, useful for small projects, helps to understand the PHP MVC skeleton, know how to authenticate and authorize, encrypt data and apply security concepts, sanitization and validation, make Ajax calls and more. It's not a full framework, nor a very basic one but it's not complicated. You can easily install, understand, and... -
13
Cyborg Essentials
Cyborg Essenitals is Debian based Penetration Testing Distro
Cyborg Essenitals is all new series Debian based Penetration Testing Distro , a product of Cyborg Linux and cousin of Cyborg Hawk Linux . It is different from cyborg hawk as it is based on DEBIAN. It contains all the essentials tools a pro ethical hacker and security expert needs which makes it lightweight and half the size of Cyborg Hawk Linux. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of... -
14
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
15
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
16
Wireless Attack Toolkit (WAT)
A push-button wireless hacking and Man-in-the-Middle attack toolkit
...Some of the tools included in the kit are: Custom regex-based DNS Server DHCP Aircrack-ng suite Browser Exploitation Framework (Preconfigured for metasploit) Metasploit Python-based Transparent Injection Proxy Pushbutton configuration "Limpet Mine" mode for attacking existing networks You basically answer three questions in the start script, wait a bit, then log into the BEEF console to start attacking clients -
17
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
18
AHT (Ashiyane Hack Tools Ver) 1.1
Perl Hacking Tools (BackTrack)
...It is For BackTrack This Script Contains This tools : Local File Disclource (LFD) Checker Scanning the whole netmask and returning IP and MAC BackConnect Tools Proxy Checker Reverse IP Add a User With Admin Access (Windows) Add a User With r00t Access (Unix) Grab Cpanel Users Remote Port Scanning With NetCat SQL Injection Scanner MD5 Hash Cracker (Online) Admin Page Finder Make Uploader With Echo Method (Linux Servers) Service Scanning BruteForce Services With Medusa And Hydra (Backtrack) Test Lfi With php:// Bypass Method Cms Analyzer (Beta Version) Server Scanning With Nmap Remote Command Execution Console Fck Editor Scanner -
19
Secure user authentication system
A really secure user authentication system in PHP and MySQL.
-
20
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
-
21
GameOver
Training and educating about the web security
...Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. This section provides a legal platform to test your skills and to try and exploit the vulnerabilities and sharpen your skills before you pentest live sites. We would advice newbies to try and exploit these web applications. These applications provide real life environments and will boost their confidence. -
22
SQLi Aid is a sleek, compact penetration testing tool for hacking method of Structure Query Language Injection. SQLi Aid comes with a manual, you'll need it. This program aids and suggests for you but will not do all the work for you, that's no fun.
-
23
CookieMonster that demonstrates HTTP session hijacking attacks. It sniff your network interface and hijack all cookie. The hijacked cookies can be edit and/or injected in your Firefox. It include a arp poisoning tool.
-
24
Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.
-
25
A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for sql injection vulnerabilities.
