Search Results for "injection"
Sort By:
Showing 21 open source projects for "injection"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
NoneBot
Asynchronous multi-platform robot framework written in Python
...Supports multiple platforms and multiple incident response methods. Asynchronous priority development to improve operational efficiency. Simple and clear dependency injection system, built-in dependency functions reduce user code. NoneBot2 is a modern, cross-platform, and extensible Python chatbot framework. It is based on Python's type annotations and asynchronous features, and can provide convenient and flexible support for your needs. NoneBot2 is written based on Python asyncio , and has a certain degree of synchronous function compatibility based on the asynchronous mechanism. ... -
2
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
3
BlackSheep
Fast ASGI web framework for Python
BlackSheep is an asynchronous web framework to build event-based web applications with Python. A rich code API, based on dependency injection and inspired by Flask and ASP.NET Core. A typing-friendly codebase, which enables a comfortable development experience thanks to hints when coding with IDEs. Built-in generation of OpenAPI Documentation, supporting version 3, YAML, and JSON. A cross-platform framework, using the most modern versions of Python. BlackSheep supports automatic binding of values for request handlers, by type annotation or by conventions. -
4
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
react2shell-scanner is a security-oriented tool that bridges modern JavaScript (React) applications and shell scripting by auditing web front-ends for exposed interfaces that could be manipulated or controlled through command execution. It scans React codebases, identifies places where user input interacts with shell-executable contexts, and flags risky patterns that might lead to command injection, unvalidated arguments, or unsafe bindings between UI controls and underlying system actions. This is especially valuable for projects that mix web UIs with server-side scripting, developer tooling, or plugin ecosystems where untrusted input could enter execution paths. The scanner integrates with standard CI/CD pipelines, letting teams detect issues early in development rather than discovering them in production or during penetration testing. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
6
LocalStack
Develop and test your cloud apps offline
...LocalStack was built on some of today’s best-of-breed mocking/testing tools, combining them and making them interoperable, and adding important functionality such as error injection and pluggable services. All this happening locally, without ever talking to the cloud. -
7
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. ... -
8
Flama
Fire up your models with the flame
Flama is a python library which establishes a standard framework for development and deployment of APIs with special focus on machine learning (ML). The main aim of the framework is to make ridiculously simple the deployment of ML APIs, simplifying (when possible) the entire process to a single line of code. The library builds on Starlette, and provides an easy-to-learn philosophy to speed up the building of highly performant GraphQL, REST and ML APIs. Besides, it comprises an ideal solution... -
9
PydanticAI
Agent Framework / shim to use Pydantic with LLMs
When I first found FastAPI, I got it immediately. I was excited to find something so innovative and ergonomic built on Pydantic. Virtually every Agent Framework and LLM library in Python uses Pydantic, but when we began to use LLMs in Pydantic Logfire, I couldn't find anything that gave me the same feeling. PydanticAI is a Python Agent Framework designed to make it less painful to build production-grade applications with Generative AI. Built by the team behind Pydantic (the validation layer... -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
AWS X-Ray SDK for Python
AWS X-Ray SDK for the Python programming language
...X-Ray Python SDK will by default generate no-op trace and entity id for unsampled requests and secure random trace and entity id for sampled requests. If customer wants to enable generating secure random trace and entity id for all the (sampled/unsampled) requests (this is applicable for trace id injection into logs use case) then they should set the AWS_XRAY_NOOP_ID environment variable as False. Oftentimes, it may be useful to be able to disable X-Ray for specific use cases, whether to stop X-Ray from sending traces at any moment or to test code functionality that originally depended on X-Ray instrumented packages to begin segments prior to the code call. ... -
11
FastAPI CRUD Router
A dynamic FastAPI router that automatically creates CRUD routes
Tired of rewriting generic CRUD routes? Need to rapidly prototype a feature for a presentation or a hackathon? Thankfully, fastapi-crudrouter has your back. As an extension to the APIRouter included with FastAPI, the FastAPI CRUDRouter will automatically generate and document your CRUD routes for you, all you have to do is pass your model and maybe your database connection. fastapi-crudrouter provides a number of features that allow you to get the most out of your automatically generated... -
12
django-summernote
Simply integrate Summernote editor with Django project
...Please mind, that the widget does not provide any escaping. If you expose the widget to external users without taking care of this, it could potentially lead to an injection vulnerability. Therefore you can use the SummernoteTextFormField or SummernoteTextField, which escape all harmful tags through mozilla's package bleach. django-summernote is served with Bootstrap3 by default, but you can choose other options. -
13
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
14
molten
A minimal, extensible, fast and productive framework
molten is a minimal, extensible, fast and productive framework for building HTTP APIs with Python. molten can automatically validate requests according to predefined schemas, ensuring that your handlers only ever run if given valid input. Schemas are PEP484-compatible, which means mypy and molten go hand-in-hand, making your code more easy to maintain. Schema instances are automatically serializable and you can pick and choose which fields to exclude from responses and requests. Write clean,... -
15
Pinject
A pythonic dependency injection library
Pinject is a lightweight dependency-injection library for Python that favors explicit wiring and testability over magic. Instead of global singletons, you declare providers (bindings) that describe how to construct objects, and Pinject resolves the graph by inspecting call signatures. Its container supports constructor injection and fine-grained scoping so you can share expensive resources while keeping tests isolated. -
16
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
17
Gin Config
Gin provides a lightweight configuration framework for Python
Gin Config is a lightweight and flexible configuration framework for Python built around dependency injection. It enables developers to manage complex parameter hierarchies—particularly common in machine learning experiments—without relying on boilerplate configuration classes or protos. By decorating functions and classes with @gin.configurable, Gin allows their parameters to be overridden using simple configuration files (.gin) or command-line bindings. -
18
Aglyph
Aglyph is a Dependency Injection framework for Python.
Aglyph is a Dependency Injection framework for Python, supporting type 2 (setter) and type 3 (constructor) injection. Aglyph runs on CPython (http://www.python.org/) 2.7 and 3.4+, and on recent versions of the PyPy (http://pypy.org/>),Jython (http://www.jython.org/), IronPython (http://ironpython.net/), and Stackless Python (http://www.stackless.com/) variants. -
19
iSCSIsim is a powerful generic test tool for iSCSI targets. Its capabilities include SCSI command injection, error insertion, and recovery testing: all with built-in validation of test results.
-
20
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
21
FIDe is a software-based fault injector designed to validate Fault-Tolerant mechanisms and techniques used by applications. It was first used to measure database recovery coverage and costs, but can be used to test and validate ordinary applications.
- Previous
- You're on page 1
- Next
