Search Results for "sql injection\" - Page 3
Sort By:
Showing 137 open source projects for "sql injection\"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
2
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
3
Python Taint
Static Analysis Tool for Detecting Security Vulnerabilities in Python
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used. -
4
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.
-
6
SSM
Build SSM from distributed micro service
SSM is an open-source Java project template that demonstrates how to build web applications using the classic SSM architecture: Spring, Spring MVC, and MyBatis. It offers a structured starting point that combines Spring’s dependency injection and application configuration, Spring MVC’s request handling and view resolution, and MyBatis’s SQL mapping layer for database access, which together form a popular stack for enterprise Java applications. This repository includes sample controllers, service layers, and data access objects configured to work out of the box, helping developers see how each layer interacts and how to organize code for maintainability. ... -
7
DbPipeline.NET
OR-Mapper for C# and VB.NET that is better than Entity Framework
The DbPipeline.NET OR-Mapper library was created out of frustration of the shortcomings of Entity Framework in handling stateless web applications and hiding of SQL from skilled developers. The DbPipeline.NET Database Interface Library shields you, the programmer, from having to learn and work with all the ADO.NET or Entity Framework database objects at a low level, and encapsulates all this power into objects with many additional capabilities and features that are not offered in the... -
8
sqliv
Massive SQL injection vulnerability scanner for automated web testing
SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. ... -
9
SQLMate
Rapidly generate a DAO for SQLite
Complete source code, usage example, & a code-generated test case are included in the .jar file. ( See main.java for the usage / code generation example ) -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
Website built for anti sql injection, that mean prevented your website from the hackers
-
11
webiness
Small PHP MVC Framework
Webiness is lightweight PHP framework based on MVC design pattern. Webiness is free and open source project available under MIT licence. and, in some way, It's inspirated by Yii Framework but it has much less features then Yii. It try to keep good balance between number of features, usability, speed, security options and easy of development. -
12
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
13
Webiness
Lightweight PHP framework
...Webiness is integrated with jQuery, and it comes with a set of AJAX-enabled features and his own light CSS framework for frontend development. Trying to be secure, it has integrated authetification and authorization module, RBAC user interface, sessions expire feature, input validation, CSRF protection, SQL injection prevention and other security features. -
14
miniPHP
A small, simple PHP MVC framework skeleton that encapsulates a lot of
miniPHP A small, simple PHP MVC framework skeleton that encapsulates a lot of features surrounded with powerful security layers. miniPHP is a very simple application, useful for small projects, helps to understand the PHP MVC skeleton, know how to authenticate and authorize, encrypt data and apply security concepts, sanitization and validation, make Ajax calls and more. It's not a full framework, nor a very basic one but it's not complicated. You can easily install, understand, and... -
15
MR.SE SQL Injection Tool
Auto SQL Injection Tool Coded by MR.SE
SQLInjection is one of the basics of hacking. It is also one of the most tedious and most time consuming steps. MR.SE SQL Injection Tool programmed under Perl and hackers can quickly and easily penetrate their desired website databases with this. -
16
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ... -
17
PAVS
PHP Application Vulnerability Scanner
PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation -
18
Anti SQL Inject
Block SQL Injections as soon as their detected[Alpha]
This PHP Library blocks common SQL injection attacks its as simple as calling some code, as a basic demo of what code shall be put in, require('antiinect.php'); //Import the library antiinject($parameter,true); //call the libraries primary function and true equals to block the attack more info on how to use the library can be found on the wiki Currently Supports(ALPHA 1.2): Apostrophe Based attacks(') union select based detection * order by * based detection example page(no SQL base yet) Planned to do(ALPHA 1.3): Add Tracking(blocked attacks,protected hits. ... -
19
L337 Scanner
Vulnerability Scanner
L337 Scanner is powerful vulnerability scanner.It has both community edition and professional edition. Community edition is free for all. Community edition has only sqli scanner. which means through community edition you can scan a target site for sql injection vulnerability or search google for sqli vulnerable site. Requirements : 1. Java 8 or higher (oracle recommanded) Rules : 1. Don't give trailing slash 2. Put link with protocol like http,https Test Example : 1. http://www.northernoutpost.com 2. http://www.pangang-titanium.com 3. http://www.interaliaproject.com 4. http://northeastnews.in 5. http://www.dias.net.in 5. http://www.realtymasters.co.in Report bug here : http://goo.gl/forms/j8LKR1vbYV -
20
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
21
SimplePress
Simple Blog Script
UPDATE: Please do not download until new update or final version 1.1 is out (actual version = 1.0.6.beta)! We found XSS and SQL Injection vulnerabilities and are going to fix them as soon as possible. SimplePress ist ein objektorientiertes Content Management System zum einfachen Erstellen und Verwalten eines Onlineblogs. Das System eignet sich hervorragend zum forken eigener Scripte. -
22
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
23
-
24
GHZ Tools v0.6 Build 9645 Release Data (02/09/2014) 7zPass: MHg2NzY4N0E3NDZGNkY2QzczMzAzNj== (base64/hex) Properties: 1)- Brute Forcer: WordPress Joomla 4images osCommerce Drupal, Razor Ftp cPanel Whmcs DirectAdmin Authentication Bypass SSH Authentication vBulletin Kleeja OpenCart WordPress Xmlrpc 2)- Remote Exploits: JCE Webdav 3)- SQL Injector: Auto SQL Injection 4)- Hash Cracker: MD2 MD4 MD5 SHA1 MD5(MD5(PASS)) SHA1(SHA1(PASS)) 5)- URL Fuzzer: URL Fuzzer 6)- Web Scanner: RFI/LFI URL Scanner Web Extractor Open Port Scanner URL Crawler SQLi Scanner
-
25
BTS Pentesting Lab
BTS Pentesting Lab - a deliberately vulnerable Web application
BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL Redirection *Server Side Includes(SSI) Injection and more... Java version of this application can be found here: https://sourceforge.net/p/javavulnerablelab/
