Search Results for "injection"
Sort By:
Showing 20 open source projects for "injection"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
2
garak
The LLM vulnerability scanner
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. ... -
3
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. ... -
4
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
...Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
6
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
7
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
8
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and vulnerability scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more. ... -
9
Wireless Attack Toolkit (WAT)
A push-button wireless hacking and Man-in-the-Middle attack toolkit
...Some of the tools included in the kit are: Custom regex-based DNS Server DHCP Aircrack-ng suite Browser Exploitation Framework (Preconfigured for metasploit) Metasploit Python-based Transparent Injection Proxy Pushbutton configuration "Limpet Mine" mode for attacking existing networks You basically answer three questions in the start script, wait a bit, then log into the BEEF console to start attacking clients -
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
10
Mole
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible. -
11
Tyrant SQL
Tyrant SQL is a Havij based cross-platform. It's Sqlmap's gui version.
It's a poweful Sql Injection Tool. It's a GUI version of SqlMap, saving time and getting better results. Was designed basing on Havij. -
12
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/
-
13
Injection Wizard is an application for injecting traffic into WEP protected Wi-Fi networks, like aireplay-ng, but it's much more easy to use and it can work with worse conditions.
-
14
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
-
15
ExploitMyUnion is a tool written in Python with a PyQt user interface made to automate sql injection exploitation.
-
16
Darkjumper.py Developed by : mywisdom & gunslinger_ This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server
-
17
Libdejector is a database tool which defeats SQL injection attacks by performing context-free validation of queries. While written in C, SWIG wrappers exist for Python and other languages will be following soon.
-
18
antiparser is an API/framework for generating random, malformed data for use in fuzzing and fault injection of network protocols and file formats. antiparser is written in Python and can be imported by scripts that implement additional fuzzing logic.
-
19
-
20
OpenSQLi-NG is the next generation open source sql injection tool. It silently test and exploit (on-demand) SQL injections conditions. Please refer to the project web site to have the complete description: http://opensqling.sourceforge.net/?page_id=8
- Previous
- You're on page 1
- Next
