Search Results for "jsql-injection"

node-chaos-monkey brings chaos engineering to Node.js by injecting controlled failures into running services to validate resilience. It lets teams rehearse real-world incidents—latency spikes, random process exits, resource exhaustion—and observe how circuits, retries, and backoff strategies behave. The tool is designed to be safe and configurable, enabling narrow blast radii and scheduled experiments during non-critical windows. It integrates naturally with staging or even carefully guarded...

Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...

IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", provides an environment where applications instantly become IPv6-compliant ('patch' mode, see RFC6535). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode). It uses an LD_PRELOAD-based library injection technique.

More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records.

...This project is developed in my spare time and currently updated actively. Core features: 1. Separation of test data from test code 2. Annotation support 3. Automated test parameter injection 4. Dedicated test runner

jMINT is a integration fault injection tool which identifies data exchanges across classes and inject faults along those path. It is primarily based on the idea of program analysis and code mutation. The cross boundary data exchanges are identified by performing data flow analysis using java byte code analysis and transformation framework-soot. Mutant injection is also done via the soot framework. jMINT tool can be used to measure the effectiveness of integration test suites.

...The tool permits the stress-testing, performance characterization and correct transaction semantics of distributed transactions across Three XA resource managers by Exception Injection. The thin-client can be run from the command-line or inside the IDE. The server side component includes EJB packaging and some simple Web servlet support for retrieving diagnostic and performance data from the testbed.

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

A simple toolkit targeting to ease the testing of Java Persistence API (JPA) applications. The primary goal is to provide easy creating and injection of test fixtures.

A bundle of tools for fault injection and -experiments with scope on the emulation of programming faults. Software faults are introduced in the sources of Java applications and can be toggled during runtime.

JAva Fault Injection and MONitoring tool