sql-injection

There are 124 repositories under sql-injection topic.

• sqlmapproject / sqlmap

  Automatic SQL injection and database takeover tool

  sql-injectiondetectionexploitationtakeoverpythondatabasepentestingvulnerability-scannersqlmap
  Language:Python 35731
• SafeLine

  chaitin / SafeLine

  SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

  firewallhttp-floodsecuritysql-injectionwafweb-application-firewallweb-securityxsscaptchaapi-gatewayappseccvecybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteamself-hosted
  Language:Go 19101

• Hacker0x01 / hacker101

  Source code for Hacker101.com - a free online web and mobile security class.

  educationhackingsecurityhackeronehacker101xssclickjackingcsrfweb-securitysession-fixationunchecked-redirectssql-injectionmobile-securityvulnerability
  Language:SCSS 14266

• digininja / DVWA

  Damn Vulnerable Web Application (DVWA)

  dvwaphpsql-injectionsecuritytraininginfosechacking
  Language:PHP 12103

• payloadbox / sql-injection-payload-list

  🎯 SQL Injection Payload List

  sql-injectionattackersql-injection-attackssql-injection-proofsql-injection-exploitationsql-injectionssql-injection-payloadsinjection-payloadssql-injection-filterersql-injection-attackowasp-top-10payloadspayloadwebsecuritybugbountysecurity-researchhackingsql-injectinjection-attacksinjection
  5975

• reddelexc / hackerone-reports

  Top disclosed reports from HackerOne

  writeupshackeronebugbountyreportsxssxxesql-injectioncsrfidorrcessrfsecurity
  Language:Python 4989

• andresriancho / w3af

  w3af: web application attack and audit framework, the open source web vulnerability scanner.

  scannersecurityappseccross-site-scriptingsql-injection
  Language:Python 4813

• Arachni / arachni

  Web Application Security Scanner Framework

  arachnidomrubyauditdetectionsecurity-auditanalysismodularjavascriptscannersweb-applicationvulnerability-detectioncrawlerscannerhackhackingpenetration-testingxsssql-injection
  Language:Ruby 3965

• 1N3 / IntruderPayloads

  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

  burpsuiteintruderpayloadsfuzz-listsfuzzingfuzzinjectionburpsuite-engagementburpsuite-intruderattacksql-injectionbugbounty
  Language:BlitzBasic 3867

• codingo / NoSQLMap

  Automated NoSQL database enumeration and web application exploitation tool.

  nosqlnosql-databasespenetration-testingscannersecurity-auditsecurity-toolssecurity-toolsetoffensive-securityenumerationdatabasesmongodbcouchdbweb-application-securitybugbountyredismongodb-databasesql-injectionhackinghacking-toolhacktoberfest
  Language:Python 3183

• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

  A cheat sheet that contains advanced queries for SQL Injection of all types.

  sqlcheatsheetsql-injectionmysqldumpmysql-injectionmssql-dump
  3092
• DDoS-Ripper

  palahsu / DDoS-Ripper

  DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

  ddos-attacksddos-toolddos-attack-toolsddos-protectionddosddos-attack-tooldenial-of-serviceattack-defensedeface-websitehacking-toolshacking-toolddos-ripperddos-attackinternet-trafficprotectionweb-securitysecurityattack-serversql-injectionlinux-tools
  Language:Python 2562

• ron190 / jsql-injection

  jSQL Injection is a Java application for automatic SQL database injection.

  javasql-injectionctf-toolsspring-bootsonarcloudhibernatedockerhackingspockkali-linuxdevopspentest
  Language:Java 1695
• GraphQLmap

  swisskyrepo / GraphQLmap

  GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

  graphqlsql-injectionnosql-injectiongraphql-injectionfuzzpentestctfcapture-the-flaghacktoberfest
  Language:Python 1567
• uusec-waf

  Safe3 / uusec-waf

  Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

  wafapplication-securityweb-application-firewallmodsecurityweb-security-gatewayapi-gatewayapi-securitywaapsecurityddosowasphipsraspdata-maskxsssql-injectionuusecuusec-wafuuwafletsencrypt
  Language:Lua 1489

• the-robot / sqliv

  massive SQL injection vulnerability scanner

  sqlisqli-vulnerability-scannersql-injectionscanningscannercrawlerreverse-ip-scanmultiprocessing
  Language:Python 1225

• Janusec / janusec

  JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

  wafweb-application-firewallapplication-gatewayload-balancegatewayapplication-securitygolangsecurityweb-application-securitysql-injectionjanusec-application-gatewayweb-sshjanusecport-forwardingacmek8s-ingress-controllercookie-bannergslbcookie-compliance
  Language:Go 1184

• utkusen / leviathan

  wide range mass audit toolkit

  pythonsql-injectionbrute-forceexploitationport-scanningservice-discovery
  Language:Python 1031
• magicRecon

  robotshell / magicRecon

  MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

  subdomainbugbugbounty-toolbugbountyvulnerability-scannersscannertoolinfosecbugbountytricksbash-scriptsubdomains-enumerationxss-vulnerabilitysql-injectionnuclei
  Language:Shell 1017

• Ekultek / Zeus-Scanner

  Advanced reconnaissance utility

  google-dorksdork-scanningip-block-bypasscaptcha-bypassadmin-panel-finderxss-scannervulnerability-scannerspgp-keyserversql-injectionport-scannerrecon
  Language:Python 987
• Cracker-Tool

  cracker911181 / Cracker-Tool

  All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

  hackingpython-3pentestpythonshellfacebookwebtoolweb-toolsql-injectionsqlisqlinjectiontermuxtermux-hackingtermux-tooltemp-mailcrackercracker911181cracker-toolcracker911181-toolpentesting
  Language:Python 822

• nim4 / DBShield

  Database firewall written in Go

  sql-injectiondatabasegolangmysqldb2postgresqlmariadboracle
  Language:Go 685

• chushuai / wscan

  Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

  crawlerpassive-vulnerability-scannerpocsql-injectionvulnerability-scannerwebscanchromedpheadlesscel-gomartianwscanxsssubdomainstestwafwaf
  Language:Go 651

• YagamiiLight / Cerberus

  一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

  hacking-toolsql-injectionxsswafproxymiddlewaressrfpenetration-testingsecurity-toolswebsecuritypythonbypass
  Language:Python 648

• DataWithBaraa / sql-ultimate-course

  The most comprehensive SQL guide from a real-world expert! Learn everything from basics to advanced queries, optimizations, and real-world SQL

  datadata-engineeringdata-sciencedatabasedatabase-managementdatabase-migrationsdatabaseslearn-sqlquerysqlsql-databasesql-injectionsql-queriessql-querysql-serversql-server-databasesql-server-management-studiosqlitedata-analyticsproject
  Language:TSQL 642

• ning1022 / SQLInjectionWiki

  一个专注于聚合和记录各种SQL注入方法的wiki

  mysqlmssqlsql-injectionwikisqlserveroracle
  Language:JavaScript 588

• s-shemmee / SQL-101

  Get started with SQL database programming. This beginner's guide provides step-by-step tutorials, practical examples, exercises, and resources to master SQL. Let's unlock the power of data with SQL!

  sqlsql-challengessql-commandssql-databasesql-serverdata-analysisdata-sciencesql-injection
  564

• rizemon / exploit-writing-for-oswe

  Tips on how to write exploit scripts (faster!)

  awaeawae-preposweoswe-preppythonpython3requestsweb-exploitationcross-site-scriptingsql-injectionsqlixss
  522

• Mr-Robert0 / Logsensor

  A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning

  bugbountyloginlogin-automationsql-injectionsql-injection-exploitationsqlisqlinjectionsql-injection-post
  Language:Python 499

• swisskyrepo / DamnWebScanner

  Another web vulnerabilities scanner, this extension works on Chrome and Opera

  sql-injectionpolyglot-vectorweb-vulnerabilities-scannerpluginextensionwebbrowserxss-vulnerabilityrcelfiscans
  Language:Python 462

• zt2 / sqli-hunter

  SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

  sql-injectiondetectionexploitationrubypentestingvulnerability-scannersqlmap
  Language:Ruby 432

• RisingStack / protect

  Proactively protect your Node.js web services

  securityexpressxsssql-injectionnodejs
  Language:JavaScript 400

• OWASP / Vulnerable-Web-Application

  OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

  vulnerable-web-appwebphpsql-injectionxss-vulnerabilitycommand-executionfile-uploaddirectory-traversalxsssql
  Language:PHP 396

• brandonprry / gray_hat_csharp_code

  This repository contains full code examples from the book Gray Hat C#

  sql-injectionfuzzermetasploitpayloadc-sharpautomationdotnetmonoxamarinsecuritynessusopenvasnexposesqlmaparachniclamavcuckoo-sandboxpentestingblueteamredteam
  Language:C# 395

• JohnTroony / Blisqy

  Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

  sqlsql-injectionblind-sql-injectionsql-payloadsexploitationdatabase-securityappsecblisqyjohn-ombagi
  Language:Python 394

• americo / sqlifinder

  SQL Injection Vulnerability Scanner made with Python

  sqlsql-injectionsql-injection-attacksweb-hackingsecurityscannerhackingvulnerability
  Language:Python 378