GitPlanet
All Categories → Security → sql-injection

Top 58 sql-injection open source projects

Intruderpayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
✭ 2,779
BlitzBasicPHPshellHTMLbugbountyfuzzinginjectionattackburpsuitesql-injectionpayloadsfuzzintruderfuzz-listsburpsuite-engagementburpsuite-intruder
Autosqli
An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
✭ 222
pythonosintinfosectorwafsql-injectionautomated
Bobby Tables
bobby-tables.com, the site for preventing SQL injections
✭ 220
perlhacktoberfestsqlsql-injection
Inject Some Sql
Have fun injecting SQL into a Ruby on Rails application!
✭ 211
rubysecurityrailsruby-on-railssql-injectionsqli
Blisqy
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
✭ 179
pythonsqlexploitationappsecsql-injection
Hacker101
Source code for Hacker101.com - a free online web and mobile security class.
✭ 12,246
SCSSHTMLjavascriptshellrubysecurityhackingeducationxssweb-securitysql-injectioncsrfvulnerabilitymobile-securityclickjackinghackeronesession-fixationhacker101unchecked-redirects
So Sql Injections
SQL injection vulnerabilities in Stack Overflow PHP questions
✭ 154
mysqlsql-injection
Phpvuln
Audit tool to find common vulnerabilities in PHP source code
✭ 146
pythonhackingpenetration-testingvulnerabilityxssauditowaspsql-injectionsqli
Sqlite Lab
This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
✭ 140
pentestingsecurity-auditsql-injection
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
✭ 1,928
pythonPHPhacktoberfestredismongodbhackingsecurity-toolspenetration-testingscannerbugbountynosqlhacking-toolsecurity-auditenumerationdatabasesoffensive-securitycouchdbsql-injectionnosql-databasesmongodb-databaseweb-application-securitysecurity-toolset
Black Widow
GUI based offensive penetration testing tool (Open Source)
✭ 124
pythondockersecuritydockerfileopen-sourceguiparsertoolcrawlerpenetration-testingclustercybersecurityoffensive-securitysql-injectionsniffing
Fawkes
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.
✭ 108
pythonsecurityhackinggooglecrawlersql-injection
Sourcecodesniffer
The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
✭ 87
javaccsharphtmlsecurityanalysisstatic-code-analysisxssasp-netsql-injection
Mssqli Duet
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
✭ 82
pythonwindowspenetration-testingactive-directorymssqlsql-injectionapplication-securityburp-extensionsburp-plugin
Sap exploit
Here you can get full exploit for SAP NetWeaver AS JAVA
✭ 60
pythonexploitvulnerabilitysql-injection
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
✭ 8,981
linuxwindowsawesomeawesome-listhackingpentestingmalwareosintresourcesbugbountyhacking-toolmalware-analysisredteamkali-linuxinformation-gatheringsql-injectioncsrfdorkxxeosint-resources
Local File Disclosure Sql Injection Lab
This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
✭ 41
sql-injectionvulnerability-assessment
Leviathan
wide range mass audit toolkit
✭ 862
pythonexploitationservice-discoverybrute-forcesql-injection
Sqliv
massive SQL injection vulnerability scanner
✭ 840
pythoncrawlerscannerscanningmultiprocessingsql-injectionsqli
Jsql Injection
jSQL Injection is a Java application for automatic SQL database injection.
✭ 891
javadockerspring-bootdevopshackingpentesttravis-cihibernatekali-linuxctf-toolssql-injection
Xojo Sqlbuilder
Xojo classes to build a SQL statement
✭ 6
sqlsql-injection
Janusec
Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
✭ 771
gogolangsecuritygatewayxssreverse-proxywafsql-injectionapplication-security
Sql Injection Payload List
🎯 SQL Injection Payload List
✭ 716
hackingbugbountyinjectionpayloadsql-injectionwebsecuritypayloads
Zeus Scanner
Advanced reconnaissance utility
✭ 706
pythonreconvulnerability-scannerssql-injectionport-scanner
Blazy
Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
✭ 637
pythonscannercloudflarebruteforcebrute-forcewafsql-injectiondetectorcsrf
Dbshield
Database firewall written in Go
✭ 620
gogolangdatabasemysqlpostgresqloraclemariadbsql-injectiondb2
Dvwa
Damn Vulnerable Web Application (DVWA)
✭ 5,727
PHPjavascriptCSSpythonsecurityhackinginfosectrainingsql-injectiondvwa
Hackerone Reports
Top disclosed reports from HackerOne
✭ 458
pythonbugbountyxssrcesql-injectioncsrfreports
Graphqlmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
✭ 434
pythonhacktoberfestgraphqlpentestctfsql-injection
Sqlinjectionwiki
一个专注于聚合和记录各种SQL注入方法的wiki
✭ 402
javascriptmysqlwikioraclesqlservermssqlsql-injection
Protect
Proactively protect your Node.js web services
✭ 394
javascriptnodejssecurityexpressxsssql-injection
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
✭ 389
pythonproxysecurity-toolsmiddlewarepenetration-testinghacking-toolxsswafbypasssql-injectionwebsecurity
Sqlmap
Automatic SQL injection and database takeover tool
✭ 21,907
pythoncshellHTMLperlC++databasepentestingdetectionexploitationsql-injectionvulnerability-scannersqlmaptakeover
W3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
✭ 3,804
pythonHTMLRoffjavascriptshellcsecurityscannerappsecsql-injectioncross-site-scripting
Sqli Hunter
SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
✭ 340
rubypentestingdetectionexploitationsql-injectionvulnerability-scanner
Gray hat csharp code
This repository contains full code examples from the book Gray Hat C#
✭ 301
securitydotnetautomationpentestingxamarinredteammonopayloadmetasploitfuzzersql-injectionblueteam
Arachni
Web Application Security Scanner Framework
✭ 2,942
javascriptrubyHTMLhackingcrawlerpenetration-testingdetectionscanneranalysisdomsecurity-auditmodularweb-applicationxssauditvulnerability-detectionsql-injectionarachniscanners
Damnwebscanner
Another web vulnerabilities scanner, this extension works on Chrome and Opera
✭ 254
pythonpluginextensionrcesql-injectionscans
SQLbit
Just another script for automatize boolean-based blind SQL injections. (Demo)
✭ 30
pythonsqlsql-injectionpentesting
vulnerabilities
List of every possible vulnerabilities in computer security.
✭ 14
securityhackingxsspenetration-testingsql-injectioncsrfpentestingvulnerabilitieshacktoberfestinclusionunintended-data-leakage
Resources
No description or website provided.
✭ 38
osintscannerphishingxssresourcessql-injectionbugbountyhoneyhoney-pots
gDorks
Vulnerable website scraper
✭ 25
pythonsqlinjectionsql-injectionsql-scannergoogle-dorksdorks
SQL-nightmare
SQL SERVER Exploitation.
✭ 27
C#sql-serversql-injection
Flag-Capture
Solutions and write-ups from security-based competitions also known as Capture The Flag competition
✭ 84
HTMLpythonJupyter NotebookcPHPjavascriptcompetitionwebsql-injectioncsrfctfcapture-the-flagssrfxss-injectioncss-injection
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
✭ 56
PHPCSSDockerfileexploitsql-injectionapplication-securityweb-securityappsecvulnerable-web-appowasp-top-10owasp-top-tenvulnerable-appstraining-app
Cracker-Tool
All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
✭ 181
pythonshellfacebookhackingsqlitemp-mailsql-injectionpentestingcrackerweb-toolwebtooltermuxpentestsqlinjectiontermux-tooltermux-hackingcracker911181cracker-toolcracker911181-tool
cyber-gym
Deliberately vulnerable scripts for Web Security training
✭ 19
HTMLPHPCSSjavascriptDockerfileslidesqlwebslidesinjectionsql-injectionxss-vulnerabilityweb-securityxss-exploitationdirectory-traversal
diwa
A Deliberately Insecure Web Application
✭ 32
PHPtrainingeducationsecuritypracticehackingxssbrute-force-attackslearnsql-injectioncsrfinfosecweb-securitywebappsecsecurity-threatsowasp-top-10session-fixationsensitive-data-exposuresession-hijackinglocal-file-inclusionpath-traversal
tensorflow-tbcnn
Tree-based Convolutional Neural Network for SQL Injection Detect
✭ 33
pythontensorflowsql-injectiontbcnn
soar-php
SQL optimizer and rewriter. - SQL 优化、重写器(辅助 SQL 调优)。
✭ 140
PHPmysqlsqlalchemysqloptimizersql-querydebugsql-injectionoptimization-toolssoarsql-optimizer
bane
this is a python module that contains functions and classes which are used to test the security of web/network applications. it's coded on pure python and it's very intelligent tool ! It can easily detect: XSS (relected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal,.... Also, …
✭ 167
pythontorhackingddos-attackssql-injectionxss-scannerclickjackingencryption-decryptionbruteforce-attacksinformation-gathering-toolshacking-toolsremote-code-executioncsrf-scannerwordpress-vulnerability-scannerproxies-scrapercors-misconfiguration-scanneriot-hackingremote-command-executionpath-traversal-scannerrce-scannerssrf-scanner
aws-waf
Deep Security's APIs make it simple to integration with a variety of AWS Services
✭ 42
sql-injectionsecurity-automationiplistaws-wafcross-site-scriptingdeep-security
filter-var-sqli
Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
✭ 29
penetration-testingbug-bountysql-injectionwaf-bypass
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
✭ 478
shelltoolscannerbugsubdomainsql-injectionxss-vulnerabilityinfosecnucleibugbountybash-scriptvulnerability-scannersbugbounty-toolbugbountytrickssubdomains-enumeration
hackable
A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
✭ 61
pythonHTMLjavascriptCSSsecuritydemohackingxsssql-injectionpython-flaskxss-attacks
solutions-bwapp
In progress rough solutions to bWAPP / bee-box
✭ 158
HTMLxsshtml-injectionsql-injectioncsrfappsecdirectory-traversalbwappxpath-injection
sqlscan
Quick SQL Scanner, Dorker, Webshell injector PHP
✭ 140
PHPframeworksqlfuzzy-searchhackingpenetration-testingsql-injectionpentestinggeektoolpentesthacktoberfestpentest-toolscanner-webdefacementdorkingdeface-tools
hasherbasher
SQL injection via bruteforced MD5 hash reflection of random strings
✭ 40
gosecuritysql-injectionpentesting
1-58 of 58 sql-injection projects