Search Results for "jsql-injection"
Sort By:
Showing 65 open source projects for "jsql-injection"
View related business solutions-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
1
HunyuanVideo-Avatar
Tencent Hunyuan Multimodal diffusion transformer (MM-DiT) model
HunyuanVideo-Avatar is a multimodal diffusion transformer (MM-DiT) model by Tencent Hunyuan for animating static avatar images into dynamic, emotion-controllable, and multi-character dialogue videos, conditioned on audio. It addresses challenges of motion realism, identity consistency, and emotional alignment. Innovations include a character image injection module, an Audio Emotion Module for transferring emotion cues, and a Face-Aware Audio Adapter to isolate audio effects on faces, enabling multiple characters to be animated in a scene. Character image injection module for better consistency between training and inference conditioning. Emotion control by extracting emotion reference images and transferring emotional style into video sequences. -
2
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
3
NoneBot
Asynchronous multi-platform robot framework written in Python
...Supports multiple platforms and multiple incident response methods. Asynchronous priority development to improve operational efficiency. Simple and clear dependency injection system, built-in dependency functions reduce user code. NoneBot2 is a modern, cross-platform, and extensible Python chatbot framework. It is based on Python's type annotations and asynchronous features, and can provide convenient and flexible support for your needs. NoneBot2 is written based on Python asyncio , and has a certain degree of synchronous function compatibility based on the asynchronous mechanism. ... -
4
Agent Control
Centralized agent control plane for governing runtime agent behavior
...It lets teams define controls once and apply them consistently to agents without rewriting the agent’s core code. The platform evaluates agent inputs and outputs against configurable policies to reduce risks such as prompt injection, unsafe responses, sensitive data exposure, and policy drift. It is designed for production environments where organizations need observability, enforcement, and governance around autonomous or semi-autonomous AI systems. The repository includes SDKs, a server, telemetry components, examples, and integrations for common agent frameworks. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
BlackSheep
Fast ASGI web framework for Python
BlackSheep is an asynchronous web framework to build event-based web applications with Python. A rich code API, based on dependency injection and inspired by Flask and ASP.NET Core. A typing-friendly codebase, which enables a comfortable development experience thanks to hints when coding with IDEs. Built-in generation of OpenAPI Documentation, supporting version 3, YAML, and JSON. A cross-platform framework, using the most modern versions of Python. BlackSheep supports automatic binding of values for request handlers, by type annotation or by conventions. -
6
MiroFish
A Simple and Universal Swarm Intelligence Engine
MiroFish is a next-generation artificial intelligence prediction engine that leverages multi-agent technology and swarm-intelligence simulation to model, simulate, and forecast complex real-world scenarios. The system extracts “seed” information from sources such as breaking news, policy documents, and market signals to construct a high-fidelity digital parallel world populated by thousands of virtual agents with independent memory and behavior rules. Users can inject variables or conditions... -
7
HunyuanCustom
Multimodal-Driven Architecture for Customized Video Generation
...It supports conditioning via image, audio, video, and text, and can perform subject replacement in videos, generate avatars speaking given audio, or combine multiple subject images. The architecture builds on HunyuanVideo, with added modules for identity reinforcement and modality-specific condition injection. Text-image fusion module based on LLaVA for improved multimodal understanding. Applicable to single- and multi-subject scenarios, video editing/replacement, singing avatars etc. -
8
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
react2shell-scanner is a security-oriented tool that bridges modern JavaScript (React) applications and shell scripting by auditing web front-ends for exposed interfaces that could be manipulated or controlled through command execution. It scans React codebases, identifies places where user input interacts with shell-executable contexts, and flags risky patterns that might lead to command injection, unvalidated arguments, or unsafe bindings between UI controls and underlying system actions. This is especially valuable for projects that mix web UIs with server-side scripting, developer tooling, or plugin ecosystems where untrusted input could enter execution paths. The scanner integrates with standard CI/CD pipelines, letting teams detect issues early in development rather than discovering them in production or during penetration testing. -
9
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
LLM Guard
The Security Toolkit for LLM Interactions
...The library acts as a protective layer between users and language models by analyzing inputs and outputs before they reach or leave the model. It includes scanning mechanisms that detect malicious prompts, prompt injection attempts, toxic content, and other harmful inputs that could compromise AI systems. The toolkit also helps prevent sensitive information leaks by identifying secrets such as API keys or credentials before they are processed by the model. LLM Guard supports both input and output filtering pipelines, allowing developers to sanitize prompts and validate generated responses in real time. ... -
11
AgentOps
Python SDK for agent monitoring, LLM cost tracking, benchmarking, etc.
...Visually track events such as LLM calls, tools, and multi-agent interactions. Rewind and replay agent runs with point-in-time precision. Keep a full data trail of logs, errors, and prompt injection attacks from prototype to production. Native integrations with the top agent frameworks. -
12
FuzzyAI Fuzzer
A powerful tool for automated LLM fuzzing
FuzzyAI is an open-source fuzzing framework designed to test the security and reliability of large language model applications. The tool automates the process of generating adversarial prompts and input variations to identify vulnerabilities such as jailbreaks, prompt injections, or unsafe model responses. It allows developers and security researchers to systematically evaluate the robustness of LLM-based systems by simulating a wide range of malicious or unexpected inputs. The framework can... -
13
garak
The LLM vulnerability scanner
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. ... -
14
Guardrails
Framework for validating and controlling LLM outputs in AI apps
...It provides mechanisms for validating and constraining both the inputs sent to a model and the outputs generated by it, helping reduce risks such as harmful content, prompt injection, or inaccurate responses. Guardrails works by applying configurable guards that intercept and evaluate interactions with the model before results are returned to the end user. These guards can detect and mitigate specific issues by applying validators that analyze content, enforce rules, or ensure structured output formats. Guardrails also supports generating structured data from language models, allowing developers to enforce schemas or type constraints on responses. ... -
15
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. ... -
16
pg-aiguide
MCP server and Claude plugin for Postgres skills and documentation
pg-aiguide is a tool designed to enhance AI-assisted development with PostgreSQL by providing structured knowledge and skills directly to coding agents. It acts as a bridge between database documentation and AI tools, enabling more accurate generation of SQL queries and database interactions. The system integrates with Claude Code through an MCP server, allowing agents to access curated PostgreSQL knowledge in real time. It focuses on improving developer productivity by reducing errors and... -
17
RecAI
Bridging LLM and Recommender System
RecAI is an open-source research platform developed by Microsoft to explore how large language models can be integrated into modern recommender systems. Traditional recommender systems rely on structured behavioral data such as user interactions and item embeddings, while large language models excel at understanding language and reasoning about user preferences. RecAI aims to bridge these two domains by creating architectures and training methods that allow LLMs to function as intelligent... -
18
papermill
Parameterize, execute, and analyze notebooks
papermill is a Python library and command-line tool that transforms Jupyter Notebooks into repeatable, parameterized workflows by allowing users to define editable parameters within notebooks and then programmatically execute them with different inputs. Instead of manually opening and running a notebook inside JupyterLab or Notebook every time, Papermill lets you inject new values into a specially tagged parameters cell and execute the entire notebook automatically via a script or automation... -
19
LocalStack
Develop and test your cloud apps offline
...LocalStack was built on some of today’s best-of-breed mocking/testing tools, combining them and making them interoperable, and adding important functionality such as error injection and pluggable services. All this happening locally, without ever talking to the cloud. -
20
promptmap2
A security scanner for custom LLM applications
promptmap is an automated security scanner for custom LLM applications that focuses on prompt injection and related attack classes. The project supports both white-box and black-box testing, which means it can either run tests directly against a known model and system prompt configuration or attack an external HTTP endpoint without internal access. Its scanning workflow uses a dual-LLM architecture in which one model acts as the target being tested and another acts as a controller that evaluates whether an attack succeeded. ... -
21
OpenAI Sublime Text Plugin
First class Sublime Text AI assistant with gpt-5, Opus 4.6, Gemini 3
OpenAI Sublime Text is a full-featured AI assistant plugin designed to bring advanced language model capabilities into the Sublime Text editor with a deeply integrated user experience. It supports a wide range of providers, including OpenAI, Anthropic, Google Gemini, and local backends like Ollama or llama.cpp, making it highly flexible for different deployment scenarios. The plugin offers both chat-based interaction and inline assistance through “phantoms,” which display non-intrusive... -
22
AICGSecEval
A.S.E (AICGSecEval) is a repository-level AI-generated code security
AICGSecEval is an open-source benchmark framework designed to evaluate the security of code generated by artificial intelligence systems. The project was developed to address concerns that AI-assisted programming tools may produce insecure code containing vulnerabilities such as injection flaws or unsafe logic. The framework constructs evaluation tasks based on real-world software repositories and known vulnerability cases derived from CVE records. By simulating realistic development scenarios, the benchmark assesses how well AI code generation systems handle security-sensitive programming tasks. AICGSecEval combines static and dynamic evaluation techniques to analyze generated code for vulnerabilities and functional correctness. ... -
23
Text-to-LoRA (T2L)
Hypernetworks that adapt LLMs for specific benchmark tasks
Text-to-LoRA is a research project that introduces a method for dynamically adapting large language models using hypernetworks that generate LoRA parameters directly from textual descriptions. Instead of training a new LoRA adapter for every task or dataset, the system can produce task-specific adaptations based solely on a text description of the desired capability. This approach enables models to rapidly internalize new contextual knowledge without performing traditional fine-tuning steps.... -
24
SafeClaw
Chat with it via text and voice
...The assistant offers features such as voice control using fully local speech-to-text (Whisper) and text-to-speech (Piper) capabilities, news aggregation with extractive summarization, and smart home or Bluetooth device control. SafeClaw supports multiple channels, including CLI and Telegram, and avoids prompt injection risk because it doesn’t rely on LLMs for core operations. -
25
Agent SOP
Natural language workflows for AI agents
Agent SOP is a framework that implements structured operational procedures (SOPs) for autonomous agents so that they can carry out complex multi-step tasks reliably and in a defined order. Instead of relying solely on broad language model reasoning, this project enforces explicit step sequences with checkpoints, conditional transitions, and rollback logic, making agent workflows more predictable and auditable. It defines reusable SOP templates that agents can instantiate with...