#Sql-injection

Showing 60 of 78 repositories tagged #sql-injection, ranked by stars

sqlmapproject
sqlmapproject
sqlmap

Automatic SQL injection and database takeover tool

Score
100
★ 37.8k ⑂ 6.3k +43/day
Python
chaitin
chaitin
SafeLine

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Score
100
★ 21.7k ⑂ 1.4k +40/day
Go
Hacker0x01
Hacker0x01
hacker101

Source code for Hacker101.com - a free online web and mobile security class.

Score
91
★ 14.5k ⑂ 2.7k +3/day
SCSS
digininja
digininja
DVWA

Damn Vulnerable Web Application (DVWA)

Score
100
★ 13.3k ⑂ 5.0k +20/day
PHP
reddelexc
reddelexc
hackerone-reports

Top disclosed reports from HackerOne

Score
80
★ 6.3k ⑂ 1.1k +14/day
Python
andresriancho
andresriancho
w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Score
89
★ 4.9k ⑂ 1.2k +1/day
Python
Arachni
Arachni
arachni

Web Application Security Scanner Framework

Score
98
★ 4.0k ⑂ 785 +2/day
Ruby
codingo
codingo
NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.

Score
95
★ 3.3k ⑂ 625
Python
palahsu
palahsu
DDoS-Ripper

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

Score
97
★ 2.8k ⑂ 685 +9/day
Python
ron190
ron190
jsql-injection

jSQL Injection is a Java application for automatic SQL database injection.

Score
94
★ 1.8k ⑂ 440 +2/day
Java
Safe3
Safe3
uusec-waf

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

Score
92
★ 1.7k ⑂ 168 +2/day
Shell
swisskyrepo
swisskyrepo
GraphQLmap

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

Score
79
★ 1.7k ⑂ 225
Python
DataWithBaraa
DataWithBaraa
sql-ultimate-course

The most comprehensive SQL guide from a real-world expert! Learn everything from basics to advanced queries, optimizations, and real-world SQL

Score
100
★ 1.3k ⑂ 584 +12/day
TSQL
Janusec
Janusec
janusec

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

Score
80
★ 1.2k ⑂ 268
Go
Ekultek
Ekultek
Zeus-Scanner

Advanced reconnaissance utility

Score
40
★ 992 ⑂ 247
Python
cracker911181
cracker911181
Cracker-Tool

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Score
20
★ 921 ⑂ 123
Python
s-shemmee
s-shemmee
SQL-101

Get started with SQL database programming. This beginner's guide provides step-by-step tutorials, practical examples, exercises, and resources to master SQL. Let's unlock the power of data with SQL!

Score
0
★ 734 ⑂ 151 +3/day
nim4
nim4
DBShield

Database firewall written in Go

Score
0
★ 683 ⑂ 161
Go
YagamiiLight
YagamiiLight
Cerberus

一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Score
77
★ 647 ⑂ 129
Python
rizemon
rizemon
exploit-writing-for-oswe

Tips on how to write exploit scripts (faster!)

Score
0
★ 587 ⑂ 111 +1/day
RisingStack
RisingStack
protect

Proactively protect your Node.js web services

Score
62
★ 399 ⑂ 23
JavaScript
brandonprry
brandonprry
gray_hat_csharp_code

This repository contains full code examples from the book Gray Hat C#

Score
70
★ 397 ⑂ 123
C#
americo
americo
sqlifinder

SQL Injection Vulnerability Scanner made with Python

Score
88
★ 393 ⑂ 73
Python
dev-angelist
dev-angelist
eJPTv2-Notes

eLearnSecurity Junior Penetration Tester (eJPT) v2 Notes

Score
65
★ 370 ⑂ 86 +2/day
JiuZero
JiuZero
z0scan

A lightweight active and passive scanner that combines the advantages of local and distributed models, supports dynamic external plugin import, and is dedicated to exploring web black-box vulnerabilities.

Score
60
★ 365 ⑂ 28 +1/day
Python
AlaBouali
AlaBouali
bane

The "bane" Python library stands out as a robust toolkit catering to a wide spectrum of cybersecurity and networking tasks. Its versatile range of functionalities covers various aspects, including bruteforce attacks, cryptographic methods, DDoS attacks, information gathering, botnet creation and management, and CMS vulnerability scanning and more..

Score
64
★ 358 ⑂ 70 +1/day
Python
youki992
youki992
VscanPlus

[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.

Score
82
★ 346 ⑂ 26 +1/day
Go
OSTEsayed
OSTEsayed
OSTE-Meta-Scan

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.

Score
71
★ 306 ⑂ 43
Python
dragonked2
dragonked2
Egyscan

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Score
85
★ 301 ⑂ 60
Python
Cvar1984
Cvar1984
sqlscan

Quick SQL Scanner, Dorker, Webshell injector PHP

Score
58
★ 259 ⑂ 39
PHP
errorfiathck
errorfiathck
IDOR-Forge

IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Score
73
★ 236 ⑂ 43 +2/day
Python
offensive-hub
offensive-hub
black-widow

GUI based offensive penetration testing tool (Open Source)

Score
56
★ 224 ⑂ 46
Python
AikidoSec
AikidoSec
firewall-node

Zen protects your Node app against attacks with one line of code. Get peace of mind— at runtime.

Score
83
★ 199 ⑂ 43
TypeScript
SecAegis
SecAegis
SecReport

ChatGPT加持的,多人在线协同信息安全报告编写平台。目前支持的报告类型:渗透测试报告,APP隐私合规报告。

Score
0
★ 183 ⑂ 21
Python
ImStillDeadinside
ImStillDeadinside
LinuxCheatSheet

Linux Cheat Sheet

Score
42
★ 128 ⑂ 17
terjanq
terjanq
Flag-Capture

Solutions and write-ups from security-based competitions also known as Capture The Flag competition

Score
36
★ 105 ⑂ 15
HTML
Warxim
Warxim
vucsa

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

Score
41
★ 101 ⑂ 28
Java
Keramas
Keramas
mssqli-duet

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Score
33
★ 91 ⑂ 18
Python
abunuwas
abunuwas
fencer

Automated API security testing

Score
32
★ 87 ⑂ 12
Python
jackaduma
jackaduma
NLP4CyberSecurity

NLP model and tech for cyber security tasks

Score
38
★ 86 ⑂ 26
Jupyter Notebook
UCYBERS
UCYBERS
Bug-Bounty-Beginner-Roadmap

This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learning and practical development in the field of ethical hacking and vulnerability research.

Score
24
★ 80 ⑂ 4
ronin-rb
ronin-rb
ronin-vulns

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.

Score
68
★ 78 ⑂ 21
Ruby
arpeetrathii
arpeetrathii
50-Days-Of-SQLi

Learning and hunting SQL injection bugs for 50 continuous days

Score
29
★ 75 ⑂ 16
miladrezanezhad
miladrezanezhad
web-security-scanner-pro

Advanced web security scanner with 49 modules, evasion engine, and CVE database.

Score
74
★ 75 ⑂ 1 +1/day
Python
snsttr
snsttr
diwa

A Deliberately Insecure Web Application

Score
53
★ 73 ⑂ 90
PHP
Teycir
Teycir
BurpAPISecuritySuite

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.

Score
76
★ 73 ⑂ 9
Python
payload-box
payload-box
sql-injection-payload-list

The primary goal of this project is to explain SQL Injection (one of the OWASP Top 10 vulnerabilities) and to provide a beneficial resource for the security community.

Score
67
★ 72 ⑂ 25 +3/day
PHP
JasonHinds13
JasonHinds13
hackable

A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks

Score
48
★ 72 ⑂ 62
Python
askbuddie
askbuddie
vulnerabilities

List of every possible vulnerabilities in computer security.

Score
39
★ 71 ⑂ 38
quadcoreside
quadcoreside
QuadCore-Web-SQLi-Injecter-DB-Dumper

WEB SQLi Injection DB Dumper DATA Hacking Tool

Score
44
★ 63 ⑂ 58
PHP
Piyush-2975
Piyush-2975
Advanced-WAF-WAFinity

An Advanced Web Application Firewall that protects against threats like SQL injection and XSS by filtering HTTP traffic. It combines signature-based detection and machine learning-based anomaly detection to identify obfuscated, zero-day, and unknown attacks through behavioral analysis.

Score
23
★ 56 ⑂ 14
Python
Ninja-Yubaraj
Ninja-Yubaraj
SQL-Injection-Payloads-List

SQL Injection Payloads List.

Score
21
★ 43 ⑂ 9
vizzdoom
vizzdoom
sqlmap-command-builder

Advanced SQLMap command builder with an intuitive cheatsheet UI. Works locally in your browser as a single HTML file (no data sent anywhere).

Score
12
★ 38 ⑂ 3
HTML
CyberNilsen
CyberNilsen
CyberInject

A comprehensive browser extension designed for authorized security testing and penetration testing activities. CyberInject provides quick access to common security payloads across multiple vulnerability categories.

Score
61
★ 36 ⑂ 5 +5/day
HTML
keusuanl-sec
keusuanl-sec
Advanced-Web-Application-Firewall

An Advanced Web Application Firewall that protects against threats like SQL injection and XSS by filtering HTTP traffic. It combines signature-based detection and machine learning-based anomaly detection to identify obfuscated, zero-day, and unknown attacks through behavioral analysis.

Score
18
★ 34 ⑂ 4
HTML
AnonKryptiQuz
AnonKryptiQuz
CoupDeWeb

CoupDeWeb is an automated web vulnerability scanner designed for security researchers and developers. It scans for potential vulnerable endpoints, targeting various types of vulnerabilities such as XSS, SQL Injection, and more.

Score
14
★ 34 ⑂ 6
Shell
Ranginang67
Ranginang67
WSS

gathering or searching websites that are vulnerable to sql injection ( GUI Tools )

Score
17
★ 34 ⑂ 10
Xib3rR4dAr
Xib3rR4dAr
filter-var-sqli

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

Score
8
★ 32 ⑂ 1
4xyy
4xyy
AI-Vuln-Scanner

An AI-powered web application vulnerability scanner that automates the detection of common security flaws and provides AI-driven insights for impact assessment and remediation suggestions.

Score
15
★ 32 ⑂ 9
Python
AhmedMohamedDev
AhmedMohamedDev
Godzilla

Godzilla is an automated scanner tool for bug hunters/pentesters that can scan website for vulnerabilities, Do Information gathering in Network range, exploit and attack network.

Score
20
★ 30 ⑂ 14
Python
Related Topics
#security#xss#penetration-testing#hacking#cybersecurity#python#web-security#security-tools#pentesting#vulnerability#waf#csrf

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly