Search Results for "jsql-injection"

sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ...

node-chaos-monkey brings chaos engineering to Node.js by injecting controlled failures into running services to validate resilience. It lets teams rehearse real-world incidents—latency spikes, random process exits, resource exhaustion—and observe how circuits, retries, and backoff strategies behave. The tool is designed to be safe and configurable, enabling narrow blast radii and scheduled experiments during non-critical windows. It integrates naturally with staging or even carefully guarded...

iSCSIsim is a powerful generic test tool for iSCSI targets. Its capabilities include SCSI command injection, error insertion, and recovery testing: all with built-in validation of test results.

Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...

Cyborg Essenitals is all new series Debian based Penetration Testing Distro , a product of Cyborg Linux and cousin of Cyborg Hawk Linux . It is different from cyborg hawk as it is based on DEBIAN. It contains all the essentials tools a pro ethical hacker and security expert needs which makes it lightweight and half the size of Cyborg Hawk Linux. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of...

updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment.

More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records.

...This project is developed in my spare time and currently updated actively. Core features: 1. Separation of test data from test code 2. Annotation support 3. Automated test parameter injection 4. Dedicated test runner

...Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Needle is a lightweight framework for testing Java EE components outside of the container in isolation. It reduces the test setup code by analysing dependencies and automatic injection of mock objects. It will thus maximize the speed of development as well as the execution of unit tests. Follow us on Twitter (@NeedleProject)

jMINT is a integration fault injection tool which identifies data exchanges across classes and inject faults along those path. It is primarily based on the idea of program analysis and code mutation. The cross boundary data exchanges are identified by performing data flow analysis using java byte code analysis and transformation framework-soot. Mutant injection is also done via the soot framework. jMINT tool can be used to measure the effectiveness of integration test suites.

...The tool permits the stress-testing, performance characterization and correct transaction semantics of distributed transactions across Three XA resource managers by Exception Injection. The thin-client can be run from the command-line or inside the IDE. The server side component includes EJB packaging and some simple Web servlet support for retrieving diagnostic and performance data from the testbed.

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.

PowerMock allows you to unit test code normally regarded as untestable. For instance it is possible to mock static methods, remove static initializers, allow mocking without dependency injection and more.

SpringUnit is an open source framework for unit and integration testing of Java software. It marries Spring's Dependency Injection container with JUnit's test framework to enable data-driven testing.

A simple toolkit targeting to ease the testing of Java Persistence API (JPA) applications. The primary goal is to provide easy creating and injection of test fixtures.

A bundle of tools for fault injection and -experiments with scope on the emulation of programming faults. Software faults are introduced in the sources of Java applications and can be toggled during runtime.

JAva Fault Injection and MONitoring tool