Search Results for "sql injection\"
Sort By:
Showing 16 open source projects for "sql injection\"
View related business solutions-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
Slonik
A Node.js PostgreSQL client with runtime and build time type safety
Slonik is a PostgreSQL client for Node.js that ensures safe and efficient query execution by using tagged template literals, preventing SQL injection attacks and promoting better query structure. -
2
SafeLine
Serve as a reverse proxy to protect your web services from attacks
...A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. ... -
3
Druid
Database connection pool written in Java
...Druid has been deployed to the maven central repository. Druid provides a monitoring feature that can be implemented through filter-chain. It also comes with WallFilter, that is based on the SQL semantic analysis to protect from SQL injection attacks. Monitor connection leaks and connect to other databases, like Oracle database. -
4
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
Scanner of Death is a network vulnerability scanner.
-
6
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
7
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
8
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
9
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. ... -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
11
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
12
GHZ Tools v0.6 Build 9645 Release Data (02/09/2014) 7zPass: MHg2NzY4N0E3NDZGNkY2QzczMzAzNj== (base64/hex) Properties: 1)- Brute Forcer: WordPress Joomla 4images osCommerce Drupal, Razor Ftp cPanel Whmcs DirectAdmin Authentication Bypass SSH Authentication vBulletin Kleeja OpenCart WordPress Xmlrpc 2)- Remote Exploits: JCE Webdav 3)- SQL Injector: Auto SQL Injection 4)- Hash Cracker: MD2 MD4 MD5 SHA1 MD5(MD5(PASS)) SHA1(SHA1(PASS)) 5)- URL Fuzzer: URL Fuzzer 6)- Web Scanner: RFI/LFI URL Scanner Web Extractor Open Port Scanner URL Crawler SQLi Scanner
-
13
wavsep
Web Application Vulnerability Scanner Evaluation Project
...Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
14
Witchxtool is a perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, proxy fresh scanner, yahoo pass checker
-
15
This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands
-
16
...The code in the repository needs some fixing in order to be usable. Also, it needs a security review, especially in the query building part: as it is, %h, %R and %e placeholders could lead to SQL injection. If anyone wishes to maintain the project, just let me know.
- Previous
- You're on page 1
- Next
