Search Results for "sql injection"
Sort By:
41 projects for "sql injection" with 1 filter applied:
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
The #1 AI-Powered eLearning PlatformTransform your content into engaging eLearning experiences with Coursebox, the #1 AI-powered eLearning authoring tool. Our platform automates the course creation process, allowing you to design a structured course in seconds. Simply make edits, add any missing elements, and your course is ready to go. Whether you want to publish privately, share publicly, sell your course, or export it to your LMS, Coursebox has you covered.
-
1
Go SQLBuilder
Powerful SQL string builder library plus a zero-config ORM
Go-SQLBuilder is a flexible and powerful SQL string builder library for the Go programming language. It aids developers in constructing SQL queries programmatically, ensuring code readability and maintainability. -
2
Sec-Context
AI Code Security Anti-Patterns distilled from 150+ sources
...It compiles insights from over 150 industry and academic sources into structured reference documents that outline real-world security problems such as hardcoded secrets, SQL injection, cross-site scripting, command injection, weak password storage, and other frequent issues that occur when code is auto-generated without context of best practices. Each anti-pattern is paired with a secure coding alternative and explanation, offering educational value for both humans and automated review agents designed to flag or correct unsafe patterns. -
3
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
4
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
PageDNA: Web-to-Print eCommerce SoftwarePageDNA enables successful eCommerce strategies for commercial print sales organizations, internal print shops, and brand owners. PageDNA’s online ordering platform increases print volume while decreasing touch costs for all stakeholders: clientele, print operations, and the organizations they support.
-
5
banana-php
A balanced, adaptable PHP framework for all skill levels.
...It combines beginner-friendly simplicity with professional-grade features like: Smart Routing: Auto-configured with override options. BananaORM: Intuitive database management. Built-in Security: CSRF, XSS, and SQL injection protection. Skill-Adaptive Modes: Switch between beginner, intermediate, and advanced syntax. Perfect for rapid prototyping and scalable applications. -
6
Pentaho
Pentaho offers comprehensive data integration and analytics platform.
Pentaho couples data integration with business analytics in a modern platform to easily access, visualize and explore data that impacts business results. Use it as a full suite or as individual components that are accessible on-premise, in the cloud, or on-the-go (mobile). Pentaho enables IT and developers to access and integrate data from any source and deliver it to your applications all from within an intuitive and easy to use graphical tool. The Pentaho Enterprise Edition Free Trial...">
-
7
CerberusCMS5
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text, Voice and Video Communications Platform and Content... -
8
Cerberus Content Management System 6
Cerberus Content Management System
Cerberus Content Management System is a dynamic, secure and infinitely expandable CMS designed after a Unix-Like model complete with a Unix-Like Kernel File named: Cerberus. It is a custom written Web Application Framework ( W.A.F. ) with a consistent and custom written Pre-Hyper-Text-Post-Processor Programming Code Framework ( P.C.F. ). This Web Application Software Project' aim is to be the fastest and most secure Web Application Framework, Web Application Programming Code Framework, Text,... -
9
Big List of Naughty Strings
List of strings which have a high probability of causing issues
The Big List of Naughty Strings is a community-maintained catalog of “gotcha” inputs that commonly break software, from unusual Unicode to SQL and script injection payloads. It exists so developers and QA engineers can easily test edge cases that normal test data would miss, such as zero-width characters, right-to-left marks, emojis, foreign alphabets, and long or malformed strings. By throwing these strings at forms, APIs, databases, and UIs, teams can discover encoding bugs, sanitizer gaps, rendering issues, and security oversights early. ... -
EasySend is a no-code platform that transforms customer journeysEvolve forms into smart, AI-powered digital workflows that streamline your data intake and elevate customer experiences.
-
10
CodeQL
Libraries and queries that power security researchers
...Instead of just pattern matching text, CodeQL ingests source code, builds rich representations of structure and data flow, and allows queries that reason about control flow, type systems, and interprocedural relationships. This makes it powerful not just for basic linting but for deep detection of complex security flaws like SQL injection, cross-site scripting, and taint propagation that traditional static analyzers can miss. CodeQL is used by security teams, developers, and open-source tooling to create reusable query libraries, enforce policy across repositories, and automate findings in CI/CD pipelines. -
11
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
12
JavaEETest
Spring, SpringMVC, MyBatis, Spring Boot cases
JavaEETest is a comprehensive example repository showcasing Java web development using key technologies like Spring, Spring MVC, MyBatis, and Spring Boot. The project contains many small self-contained demo modules that demonstrate specific concepts such as dependency injection, MVC routing, ORM mapping, transaction management, caching, security configuration, and database interaction. It provides ready-to-run code that learners can inspect to understand how Java web apps are structured and how these frameworks collaborate under the hood. Tutorials and example code include working with REST APIs, session management, dynamic SQL with MyBatis, annotation-driven Spring configuration, and more advanced features like caching and Spring Security. ... -
13
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
14
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
15
Squel
SQL query string builder for Javascript
Squel is a JavaScript library for fluent and safe SQL query string building, usable both in Node.js environments and in the browser. Works in Node.js and in the browser. Supports the standard SQL queries: SELECT, UPDATE, INSERT, and DELETE. Supports non-standard commands for popular DB engines such as MySQL. Supports parameterized queries for safe value escaping. It can be customized to build any query or command of your choosing. Uses method chaining for ease of use. -
16
SSM
Build SSM from distributed micro service
SSM is an open-source Java project template that demonstrates how to build web applications using the classic SSM architecture: Spring, Spring MVC, and MyBatis. It offers a structured starting point that combines Spring’s dependency injection and application configuration, Spring MVC’s request handling and view resolution, and MyBatis’s SQL mapping layer for database access, which together form a popular stack for enterprise Java applications. This repository includes sample controllers, service layers, and data access objects configured to work out of the box, helping developers see how each layer interacts and how to organize code for maintainability. ... -
17
SQLMate
Rapidly generate a DAO for SQLite
Complete source code, usage example, & a code-generated test case are included in the .jar file. ( See main.java for the usage / code generation example ) -
18
webiness
Small PHP MVC Framework
Webiness is lightweight PHP framework based on MVC design pattern. Webiness is free and open source project available under MIT licence. and, in some way, It's inspirated by Yii Framework but it has much less features then Yii. It try to keep good balance between number of features, usability, speed, security options and easy of development. -
19
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
20
Webiness
Lightweight PHP framework
...Webiness is integrated with jQuery, and it comes with a set of AJAX-enabled features and his own light CSS framework for frontend development. Trying to be secure, it has integrated authetification and authorization module, RBAC user interface, sessions expire feature, input validation, CSRF protection, SQL injection prevention and other security features. -
21
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
22
Minecraft-PSC
Minecraft private Skin Center
Hello everyone! So what is this? well, i just made a cms for private servers, to manage their own premium skins. its a PHP based CMS, players can register, login, upload, delete, edit their own skins.(it contains the latest Skincraft too for editing) Remember its in beta status there WILL be updates!! but it works great! It has a wardrobe too! since 0.9 Beta. Current version: MC-PSC V1.0.0 RC1 WARNING! ALL THOSE WHO USES THE PREVIOUS VERSION(0.9 and lower), I HAVE TO ANNOUNCE THAT... -
23
Outpost
A first defense of web application security
It rejects/redirects the user agent that are known to be with bad intention, such as sql injection payload from sqlmap, scanners and so on. -
24
Mole
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible. -
25
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/