Search Results for "injection" - Page 2
Sort By:
Showing 62 open source projects for "injection"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
IMS Toucan
Controllable and fast Text-to-Speech for over 7000 languages
...It includes complete pipelines for preprocessing datasets, training models, and running inference, plus a storage configuration system to manage where models and caches are stored. IMS-Toucan ships with several ready-to-run scripts, including GUIs for interactive demos, prosody override tools, zero-shot language embedding injection, and text-to-audio file generation. Pretrained models are automatically downloaded when needed, and there is an online demo instance hosted on GPU that anyone can try. -
2
FastAPI-MCP
Expose your FastAPI endpoints as Model Context Protocol (MCP) tools
fastapi_mcp lets you expose existing FastAPI endpoints as Model Context Protocol (MCP) tools with minimal setup, so AI agents can call your app as first-class tools. Rather than acting as a thin converter, it’s built as a native FastAPI extension that understands dependency injection, so you can reuse Depends() for authentication and authorization across your MCP tools. The server speaks directly to your app over its ASGI interface, avoiding extra HTTP hops between the MCP layer and your API, which reduces latency and simplifies deployment. A tiny bootstrap is enough to stand up an MCP server and, if desired, mount an HTTP transport for remote clients. ... -
3
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
...Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). ... -
4
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
4allDownloader Converter
Video,audio&Files Downloader&Convert with built-in browser with AI.
...Download videos, Audio, from 10000+ of sites, and also files from any platform with advanced format conversion capabilities. Features a built-in browser with JavaScript injection support that remembers logins while maintaining complete privacy. Five powerful tabs streamline your workflow: Home tab for pasting URLs, channels, playlists, and direct search; Browser tab for seamless web navigation; Downloads tab with resume/cancel support and download history; Utilities tab offering lossless conversion for all file formats plus URL analysis tools; Settings tab for proxy configuration, search limits, download engine selection, and advanced customization. ... -
6
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
7
RasaGPT
Headless Rasa chatbot platform with LLM integration and APIs
RasaGPT is a headless chatbot platform that combines Rasa with modern LLM tooling such as Langchain and LlamaIndex. It serves as a reference implementation and boilerplate for building conversational AI systems with retrieval and context injection. RasaGPT includes a FastAPI backend for creating custom bot endpoints, along with document ingestion and a training pipeline. It simplifies integration challenges between Rasa and LLM libraries, including metadata handling and library conflicts. RasaGPT supports multi-tenant deployments, session management, and custom schemas using pgvector. ... -
8
GraphQLmap
GraphQLmap is a scripting engine to interact with endpoints
GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL paradigm. Because many modern applications adopt GraphQL for flexibility, this tool is useful when scanning and attacking API back ends where typical REST-based tools fall short. ... -
9
FastAPI CRUD Router
A dynamic FastAPI router that automatically creates CRUD routes
Tired of rewriting generic CRUD routes? Need to rapidly prototype a feature for a presentation or a hackathon? Thankfully, fastapi-crudrouter has your back. As an extension to the APIRouter included with FastAPI, the FastAPI CRUDRouter will automatically generate and document your CRUD routes for you, all you have to do is pass your model and maybe your database connection. fastapi-crudrouter provides a number of features that allow you to get the most out of your automatically generated... -
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
10
django-summernote
Simply integrate Summernote editor with Django project
...Please mind, that the widget does not provide any escaping. If you expose the widget to external users without taking care of this, it could potentially lead to an injection vulnerability. Therefore you can use the SummernoteTextFormField or SummernoteTextField, which escape all harmful tags through mozilla's package bleach. django-summernote is served with Bootstrap3 by default, but you can choose other options. -
11
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
12
molten
A minimal, extensible, fast and productive framework
molten is a minimal, extensible, fast and productive framework for building HTTP APIs with Python. molten can automatically validate requests according to predefined schemas, ensuring that your handlers only ever run if given valid input. Schemas are PEP484-compatible, which means mypy and molten go hand-in-hand, making your code more easy to maintain. Schema instances are automatically serializable and you can pick and choose which fields to exclude from responses and requests. Write clean,... -
13
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
14
Pinject
A pythonic dependency injection library
Pinject is a lightweight dependency-injection library for Python that favors explicit wiring and testability over magic. Instead of global singletons, you declare providers (bindings) that describe how to construct objects, and Pinject resolves the graph by inspecting call signatures. Its container supports constructor injection and fine-grained scoping so you can share expensive resources while keeping tests isolated. -
15
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and vulnerability scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more. ... -
16
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
17
Spatial Media
Specifications and tools for 360º video and spatial audio
spatial-media provides tools for working with spherical video and spatial audio metadata so players and platforms can correctly render immersive media. The utilities inject, inspect, and extract metadata in common container formats (MP4/WebM) to signal 360° projection type, stereoscopy mode, and spatial audio layout. Creators use it to prepare 360/VR180 assets for upload so services know whether a video is monoscopic, top-bottom stereo, or side-by-side, and whether ambisonic audio is... -
18
Gin Config
Gin provides a lightweight configuration framework for Python
Gin Config is a lightweight and flexible configuration framework for Python built around dependency injection. It enables developers to manage complex parameter hierarchies—particularly common in machine learning experiments—without relying on boilerplate configuration classes or protos. By decorating functions and classes with @gin.configurable, Gin allows their parameters to be overridden using simple configuration files (.gin) or command-line bindings. -
19
Aglyph
Aglyph is a Dependency Injection framework for Python.
Aglyph is a Dependency Injection framework for Python, supporting type 2 (setter) and type 3 (constructor) injection. Aglyph runs on CPython (http://www.python.org/) 2.7 and 3.4+, and on recent versions of the PyPy (http://pypy.org/>),Jython (http://www.jython.org/), IronPython (http://ironpython.net/), and Stackless Python (http://www.stackless.com/) variants. -
20
iSCSIsim is a powerful generic test tool for iSCSI targets. Its capabilities include SCSI command injection, error insertion, and recovery testing: all with built-in validation of test results.
-
21
sqliv
Massive SQL injection vulnerability scanner for automated web testing
SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. -
22
NoSQLMap
Automated NoSQL database enumeration and web application exploitation
A security tool for detecting and exploiting vulnerabilities in NoSQL databases, similar to SQLMap for traditional databases. -
23
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
24
Wireless Attack Toolkit (WAT)
A push-button wireless hacking and Man-in-the-Middle attack toolkit
...Some of the tools included in the kit are: Custom regex-based DNS Server DHCP Aircrack-ng suite Browser Exploitation Framework (Preconfigured for metasploit) Metasploit Python-based Transparent Injection Proxy Pushbutton configuration "Limpet Mine" mode for attacking existing networks You basically answer three questions in the start script, wait a bit, then log into the BEEF console to start attacking clients -
25
Mole
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.
