Top 20 sql-injection Open-Source Projects
-
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
-
DDoS-Ripper
DDoS Ripper is a Distributed Denial-of-Service (DDoS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic.
-
GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
-
Vulnerable-Web-Application
OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber
-
OSTE-Meta-Scan
The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.
-
Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
-
ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
-
safeql
Composable / async / functional / type-safe / parallel-pipelined queries and relations without SQL injection or N+1s. (by karmakaze)
-
OSTE-Vulnerable-Web-Application
Vulnerable web application made with PHP/SQL, designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. It contains some of the most well-known vulnerabilities, such as SQL, cross-site scripting (XSS), and OS command injections; our intention is to expand it with more vulnerabilities for learning purposes.
sqlmap
Project mention: If you're looking for resources pertaining to hands-on practical demonstrations of learned skills and tools/techniques, look no further. | /r/Kalilinux | 2023-11-15
There's also a bunch of intentionally vulnerable Webapps and VMs aimed at demonstrating potential footholds and common exploits leading to owning of the host including but not limited to: bWAPP, Damn Vulnerable Web App, WebGoat, Metasploitable 3, Mutillidae, Juice Shop
Project mention: HoneyPot – I Made a Text Field Only Bots Use – Heres What Happened | news.ycombinator.com | 2023-11-18
Yes, a lot of tools, including some like w3af do:
https://github.com/andresriancho/w3af/blob/fb345a5/w3af/core...
This one sends the payload reversed as a test to see if the delay is due to the SQLi attempt
sudo apt install git git clone https://github.com/palahsu/DDoS-Ripper.git cd DDoS-Ripper $ ls $ python3 DRipper.py OR python2 DRipper.py
Something similar to OWASP's Vulnerable-Web-Application to see them in action and frame exercises for fixing them might work really well.
Project mention: OSTE META SCANNER a new comprehensive web vulnerability scanner | /r/programming | 2023-08-22
I want sum types.
I want a statically-typed way of constructing composable queries that follow SQL rather than reinvent a different thing. It doesn't have to be the same syntax but it has to be the same structuring.
I started writing one[0] and stopped before doing all the boilerplate code generation, having moved on from the JVM ecosystem for the time being. One thing it does is treat most things like sets so we don't end up with N+1 queries. Another trick it uses is collapsing constant expressions via an expression evaluation library[1].
[0] https://github.com/karmakaze/safeql
[1] https://github.com/karmakaze/moja
sql-injection related posts
- Restful API Testing (my way) with Express, Maria DB, Docker Compose and Github Action
- Seeking Insights on Django Antipatterns Book
- Is this sql query in django safe?
- OSTE META SCANNER a new comprehensive web vulnerability scanner
- [Question] Best practices and protecting ubuntu
- Enhancing Code Quality and Security: Building a Rock-Solid CI Test Suite for Seamless Development
- 👨🏻💻Securing Your Web Applications from SQL Injection with SQLMap
www.saashub.com | 26 Apr 2024
Index
What are some of the best open-source sql-injection projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | SQLMap | 30,560 |
2 | hacker101 | 13,603 |
3 | DVWA | 9,291 |
4 | w3af | 4,409 |
5 | sql-injection-payload-list | 4,304 |
6 | arachni | 3,639 |
7 | IntruderPayloads | 3,526 |
8 | hackerone-reports | 3,195 |
9 | DDoS-Ripper | 1,897 |
10 | GraphQLmap | 1,289 |
11 | Cracker-Tool | 615 |
12 | exploit-writing-for-oswe | 331 |
13 | Vulnerable-Web-Application | 325 |
14 | OSTE-Meta-Scan | 212 |
15 | Egyscan | 179 |
16 | ronin-vulns | 53 |
17 | metamaska | 19 |
18 | safeql | 15 |
19 | Blinder | 10 |
20 | OSTE-Vulnerable-Web-Application | 9 |