Search Results for "jsql-injection" - Page 2
Sort By:
Showing 65 open source projects for "jsql-injection"
View related business solutions-
Streamline Azure Security with Palo Alto Networks VM-SeriesImprove your security posture and reduce incident response time. Use the VM-Series to natively analyze Azure traffic and dynamically drive policy updates based on workload changes.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
PydanticAI
Agent Framework / shim to use Pydantic with LLMs
When I first found FastAPI, I got it immediately. I was excited to find something so innovative and ergonomic built on Pydantic. Virtually every Agent Framework and LLM library in Python uses Pydantic, but when we began to use LLMs in Pydantic Logfire, I couldn't find anything that gave me the same feeling. PydanticAI is a Python Agent Framework designed to make it less painful to build production-grade applications with Generative AI. Built by the team behind Pydantic (the validation layer... -
2
AWS X-Ray SDK for Python
AWS X-Ray SDK for the Python programming language
...X-Ray Python SDK will by default generate no-op trace and entity id for unsampled requests and secure random trace and entity id for sampled requests. If customer wants to enable generating secure random trace and entity id for all the (sampled/unsampled) requests (this is applicable for trace id injection into logs use case) then they should set the AWS_XRAY_NOOP_ID environment variable as False. Oftentimes, it may be useful to be able to disable X-Ray for specific use cases, whether to stop X-Ray from sending traces at any moment or to test code functionality that originally depended on X-Ray instrumented packages to begin segments prior to the code call. ... -
3
IMS Toucan
Controllable and fast Text-to-Speech for over 7000 languages
...It includes complete pipelines for preprocessing datasets, training models, and running inference, plus a storage configuration system to manage where models and caches are stored. IMS-Toucan ships with several ready-to-run scripts, including GUIs for interactive demos, prosody override tools, zero-shot language embedding injection, and text-to-audio file generation. Pretrained models are automatically downloaded when needed, and there is an online demo instance hosted on GPU that anyone can try. -
4
FastAPI-MCP
Expose your FastAPI endpoints as Model Context Protocol (MCP) tools
fastapi_mcp lets you expose existing FastAPI endpoints as Model Context Protocol (MCP) tools with minimal setup, so AI agents can call your app as first-class tools. Rather than acting as a thin converter, it’s built as a native FastAPI extension that understands dependency injection, so you can reuse Depends() for authentication and authorization across your MCP tools. The server speaks directly to your app over its ASGI interface, avoiding extra HTTP hops between the MCP layer and your API, which reduces latency and simplifies deployment. A tiny bootstrap is enough to stand up an MCP server and, if desired, mount an HTTP transport for remote clients. ... -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
5
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
...Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). ... -
6
Flama
Fire up your models with the flame
Flama is a python library which establishes a standard framework for development and deployment of APIs with special focus on machine learning (ML). The main aim of the framework is to make ridiculously simple the deployment of ML APIs, simplifying (when possible) the entire process to a single line of code. The library builds on Starlette, and provides an easy-to-learn philosophy to speed up the building of highly performant GraphQL, REST and ML APIs. Besides, it comprises an ideal solution... -
7
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
8
4allDownloader Converter
Video,audio&Files Downloader&Convert with built-in browser with AI.
...Download videos, Audio, from 10000+ of sites, and also files from any platform with advanced format conversion capabilities. Features a built-in browser with JavaScript injection support that remembers logins while maintaining complete privacy. Five powerful tabs streamline your workflow: Home tab for pasting URLs, channels, playlists, and direct search; Browser tab for seamless web navigation; Downloads tab with resume/cancel support and download history; Utilities tab offering lossless conversion for all file formats plus URL analysis tools; Settings tab for proxy configuration, search limits, download engine selection, and advanced customization. ... -
9
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
10
RasaGPT
Headless Rasa chatbot platform with LLM integration and APIs
RasaGPT is a headless chatbot platform that combines Rasa with modern LLM tooling such as Langchain and LlamaIndex. It serves as a reference implementation and boilerplate for building conversational AI systems with retrieval and context injection. RasaGPT includes a FastAPI backend for creating custom bot endpoints, along with document ingestion and a training pipeline. It simplifies integration challenges between Rasa and LLM libraries, including metadata handling and library conflicts. RasaGPT supports multi-tenant deployments, session management, and custom schemas using pgvector. ... -
11
GraphQLmap
GraphQLmap is a scripting engine to interact with endpoints
GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL paradigm. Because many modern applications adopt GraphQL for flexibility, this tool is useful when scanning and attacking API back ends where typical REST-based tools fall short. ... -
12
FastAPI CRUD Router
A dynamic FastAPI router that automatically creates CRUD routes
Tired of rewriting generic CRUD routes? Need to rapidly prototype a feature for a presentation or a hackathon? Thankfully, fastapi-crudrouter has your back. As an extension to the APIRouter included with FastAPI, the FastAPI CRUDRouter will automatically generate and document your CRUD routes for you, all you have to do is pass your model and maybe your database connection. fastapi-crudrouter provides a number of features that allow you to get the most out of your automatically generated... -
13
django-summernote
Simply integrate Summernote editor with Django project
...Please mind, that the widget does not provide any escaping. If you expose the widget to external users without taking care of this, it could potentially lead to an injection vulnerability. Therefore you can use the SummernoteTextFormField or SummernoteTextField, which escape all harmful tags through mozilla's package bleach. django-summernote is served with Bootstrap3 by default, but you can choose other options. -
14
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
15
molten
A minimal, extensible, fast and productive framework
molten is a minimal, extensible, fast and productive framework for building HTTP APIs with Python. molten can automatically validate requests according to predefined schemas, ensuring that your handlers only ever run if given valid input. Schemas are PEP484-compatible, which means mypy and molten go hand-in-hand, making your code more easy to maintain. Schema instances are automatically serializable and you can pick and choose which fields to exclude from responses and requests. Write clean,... -
16
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
17
Pinject
A pythonic dependency injection library
Pinject is a lightweight dependency-injection library for Python that favors explicit wiring and testability over magic. Instead of global singletons, you declare providers (bindings) that describe how to construct objects, and Pinject resolves the graph by inspecting call signatures. Its container supports constructor injection and fine-grained scoping so you can share expensive resources while keeping tests isolated. -
18
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and vulnerability scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more. ... -
19
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
20
Spatial Media
Specifications and tools for 360º video and spatial audio
spatial-media provides tools for working with spherical video and spatial audio metadata so players and platforms can correctly render immersive media. The utilities inject, inspect, and extract metadata in common container formats (MP4/WebM) to signal 360° projection type, stereoscopy mode, and spatial audio layout. Creators use it to prepare 360/VR180 assets for upload so services know whether a video is monoscopic, top-bottom stereo, or side-by-side, and whether ambisonic audio is... -
21
Gin Config
Gin provides a lightweight configuration framework for Python
Gin Config is a lightweight and flexible configuration framework for Python built around dependency injection. It enables developers to manage complex parameter hierarchies—particularly common in machine learning experiments—without relying on boilerplate configuration classes or protos. By decorating functions and classes with @gin.configurable, Gin allows their parameters to be overridden using simple configuration files (.gin) or command-line bindings. -
22
Aglyph
Aglyph is a Dependency Injection framework for Python.
Aglyph is a Dependency Injection framework for Python, supporting type 2 (setter) and type 3 (constructor) injection. Aglyph runs on CPython (http://www.python.org/) 2.7 and 3.4+, and on recent versions of the PyPy (http://pypy.org/>),Jython (http://www.jython.org/), IronPython (http://ironpython.net/), and Stackless Python (http://www.stackless.com/) variants. -
23
iSCSIsim is a powerful generic test tool for iSCSI targets. Its capabilities include SCSI command injection, error insertion, and recovery testing: all with built-in validation of test results.
-
24
sqliv
Massive SQL injection vulnerability scanner for automated web testing
SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. -
25
NoSQLMap
Automated NoSQL database enumeration and web application exploitation
A security tool for detecting and exploiting vulnerabilities in NoSQL databases, similar to SQLMap for traditional databases.