Search Results for "sql injection\"
Sort By:
Showing 39 open source projects for "sql injection\"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
Go SQLBuilder
Powerful SQL string builder library plus a zero-config ORM
Go-SQLBuilder is a flexible and powerful SQL string builder library for the Go programming language. It aids developers in constructing SQL queries programmatically, ensuring code readability and maintainability. -
2
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
3
Medoo
The lightweight PHP database framework to accelerate the development
...A lightweight PHP database framework to accelerate development. Supports MySQL, MSSQL, SQLite, MariaDB, PostgreSQL, Sybase, Oracle, and more. Supports various common and complex SQL queries, data mapping, and prevents SQL injection. Works well with every PHP framework, like Laravel, Yii, Slim, and framework which supports singleton extension or composer. -
4
1Panel
1Panel provides an intuitive web interface and MCP Server
1Panel is a comprehensive Linux server management dashboard and MCP server built in Go. It offers UI control over websites, containers, databases, file systems, LLMs, backups, and monitoring, streamlining typical admin workflows via web. -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
5
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
6
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
7
Rules Engine
A Json based Rules Engine with extensive Dynamic expression support
A Json-based Rules Engine with extensive Dynamic expression support. RulesEngine is a highly extensible library to build a rule-based system using C# expressions. Rules Engine is a library/NuGet package for abstracting business logic/rules/policies out of a system. It provides a simple way of giving you the ability to put your rules in a store outside the core logic of the system, thus ensuring that any change in rules don't affect the core system. You need to store the rules based on the... -
8
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. ... -
9
AWS X-Ray SDK for Go
AWS X-Ray SDK for the Go programming language
AWS X-Ray recommends using AWS Distro for OpenTelemetry (ADOT) to instrument your application instead of this X-Ray SDK due to its wider range of features and instrumentations. See the AWS X-Ray docs on Working with Go for more help with choosing between ADOT and X-Ray SDK. Install the SDK using the following command (The SDK's non-testing dependencies will be installed): Use go get to retrieve the SDK to add it to your GOPATH workspace. X-Ray Go SDK will by default generate no-op trace and... -
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
10
JeecgBoot
Low-code enterprise web development platform
JeecgBoot is a low-code platform built on Spring Boot that accelerates enterprise application development with online forms, code generation, and a modern Vue-based frontend. It can generate CRUD screens, data dictionaries, and menu structures from database schemas, producing clean starter code that developers can extend. The platform integrates common enterprise features—RBAC permissions, data scopes, dictionary management, logging, and file/OSS integration—so teams start from a... -
11
banana-php
A balanced, adaptable PHP framework for all skill levels.
...It combines beginner-friendly simplicity with professional-grade features like: Smart Routing: Auto-configured with override options. BananaORM: Intuitive database management. Built-in Security: CSRF, XSS, and SQL injection protection. Skill-Adaptive Modes: Switch between beginner, intermediate, and advanced syntax. Perfect for rapid prototyping and scalable applications. -
12
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
13
amber
A Crystal web framework that makes building applications fast
...Instead of having to plan where things go, Amber comes with a set of conventions to guide you in developing your application. Tools are built-in to prevent and mitigate common attacks against web applications. Minimize the risk of SQL injection, form tampering, cross-site request forgery, and several other attacks. Crystal is a type safe, compiled language inspired by the simplicity of Ruby. -
14
Zero Site Protector
Human verification & attack prevention for website security
...The plugin includes features such as human verification, which ensures that only legitimate users are able to access your site. It also includes protection against various types of attacks such as cross-site scripting (XSS) and SQL injection. Additionally, the plugin allows you to block access to your site from certain geographical regions, IP addresses, and browsers, providing an extra layer of security. It also has a badword sensor feature which will censor inappropriate words from user input. All in all, the zero-site-protector plugin offers a comprehensive security solution for your website, helping to keep your site and its users safe and secure. -
15
GoKart
A static analysis tool for securing Go code
...It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compared to other Go security scanners. For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. GoKart also helps to power Chariot, Praetorian's security platform that helps you find, manage, and fix vulnerabilities in your source code and cloud environments. ... -
16
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Inter-procedural taint analysis for input data. Continuous Integration (CI) support for GitHub and GitLab pipelines. Stand-alone runner or through MSBuild for custom integrations. Analyzes .NET and .NET Core projects in the background (IntelliSense) or during a build. -
17
Chloe
A lightweight and high-performance Object/Relational Mapping(ORM)
...You can query data like LINQ and do any things(Join Query | Group Query | Aggregate Query | Insert | Batch Update | Batch Delete) by lambda with Chloe.ORM. Pay attention to splicing lambda expression trees by yourself, do not wrap your variables with ConstantExpression, otherwise, non-parameterized sql will be generated, and there is a risk of sql injection! If the entity does not explicitly specify any auto-increment columns and the primary key is of type Int16, Int32, or Int64, the default primary key is the auto-increment column. If it is not an auto-increment column, it needs to be marked with the attribute NonAutoIncrementAttribute. -
18
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
19
CodeQL
Libraries and queries that power security researchers
...Instead of just pattern matching text, CodeQL ingests source code, builds rich representations of structure and data flow, and allows queries that reason about control flow, type systems, and interprocedural relationships. This makes it powerful not just for basic linting but for deep detection of complex security flaws like SQL injection, cross-site scripting, and taint propagation that traditional static analyzers can miss. CodeQL is used by security teams, developers, and open-source tooling to create reusable query libraries, enforce policy across repositories, and automate findings in CI/CD pipelines. -
20
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
21
JavaEETest
Spring, SpringMVC, MyBatis, Spring Boot cases
JavaEETest is a comprehensive example repository showcasing Java web development using key technologies like Spring, Spring MVC, MyBatis, and Spring Boot. The project contains many small self-contained demo modules that demonstrate specific concepts such as dependency injection, MVC routing, ORM mapping, transaction management, caching, security configuration, and database interaction. It provides ready-to-run code that learners can inspect to understand how Java web apps are structured and how these frameworks collaborate under the hood. Tutorials and example code include working with REST APIs, session management, dynamic SQL with MyBatis, annotation-driven Spring configuration, and more advanced features like caching and Spring Security. ... -
22
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
23
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
24
SSM
Build SSM from distributed micro service
SSM is an open-source Java project template that demonstrates how to build web applications using the classic SSM architecture: Spring, Spring MVC, and MyBatis. It offers a structured starting point that combines Spring’s dependency injection and application configuration, Spring MVC’s request handling and view resolution, and MyBatis’s SQL mapping layer for database access, which together form a popular stack for enterprise Java applications. This repository includes sample controllers, service layers, and data access objects configured to work out of the box, helping developers see how each layer interacts and how to organize code for maintainability. ... -
25
webiness
Small PHP MVC Framework
Webiness is lightweight PHP framework based on MVC design pattern. Webiness is free and open source project available under MIT licence. and, in some way, It's inspirated by Yii Framework but it has much less features then Yii. It try to keep good balance between number of features, usability, speed, security options and easy of development.
