Search Results for "jsql-injection"

...It works by abusing the NAT’s Application Level Gateway (ALG) logic and connection tracking, combined with browser capabilities like WebRTC, precise packet fragmentation or boundary control, and packet injection techniques. The attack is able to bypass browser port restrictions by fragmenting or massaging packets so that the “exploit payload” lands in a packet boundary that gets parsed by the NAT/ALG as a legitimate protocol packet (e.g. SIP or H.323). Once successful, the NAT/firewall is deceived into opening a “hole” (port forwarding) back to the internal host, enabling the attacker to connect directly to internal services.

...If the target image exists, it can inject into it; otherwise, it generates a new one. Offers separate utilities per format (e.g., bmp.pl, gif.pl, jpg.pl, png.pl) for injection or creation. Functions as a steganography tool for hiding backdoors or messages in images.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. Operators can extend it with custom Lua code, integrate threat feeds, or adapt it to application-specific quirks without recompiling modules. ...

SQLInjection is one of the basics of hacking. It is also one of the most tedious and most time consuming steps. MR.SE SQL Injection Tool programmed under Perl and hackers can quickly and easily penetrate their desired website databases with this.

Sqlninja is an exploitation tool to be used against web apps based on MS SQL Server that are vulnerable to SQL Injection attacks, in order to get a shell or extract data also in very hostile conditions. For more information please check http://sqlninja.sf.net

...It is For BackTrack This Script Contains This tools : Local File Disclource (LFD) Checker Scanning the whole netmask and returning IP and MAC BackConnect Tools Proxy Checker Reverse IP Add a User With Admin Access (Windows) Add a User With r00t Access (Unix) Grab Cpanel Users Remote Port Scanning With NetCat SQL Injection Scanner MD5 Hash Cracker (Online) Admin Page Finder Make Uploader With Echo Method (Linux Servers) Service Scanning BruteForce Services With Medusa And Hydra (Backtrack) Test Lfi With php:// Bypass Method Cms Analyzer (Beta Version) Server Scanning With Nmap Remote Command Execution Console Fck Editor Scanner

Note: WE ARE UNABLE TO UPDATE THE SCANNER AT THIS MOMENT! Note: WE APPRECIATE YOUR CONTRIBUTION. Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. We'll update it soon. The database update is currently maintained by web-center.si. Send your contributions, recommendations and bugs report to joomscan at yehg.net or creating a ticket at Trac here.

sqlsus is an open source (My)SQL injection tool, written in perl. It focuses on speed and efficiency, optimising the available injection space. It provides an easy to use interface with lots of neat features. For more information, please visit http://sqlsus.sf.net

Darkjumper.py Developed by : mywisdom & gunslinger_ This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.

Vipul's Razor is a distributed, collaborative, spam detection and filtering network. The primary focus of the system is to identify and disable an email spam before its injection and processing is complete.

Gamja will find XSS(Cross site scripting) & SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].