Sql Injection

eXlent2k7 is a CMS based on the most modern technologies (XHTML 1.1, CSS 2.1, PHP 5 objects, PDO, XML, DOM) with good security (CSRF protection, XSS prevention in template system, javascript can be disabled, SQL injection prevention in database class).

Using a hash array, a user may escape or un-escape any string using any string.Also unescape it, or customize it for any database, or other application. It prevents(?) or lessens the likelyhood of SQL injection.

Information can be stored in and retrieved from database table records mapped to objects with Persistent Objects for PHP.The different types of database table columns are abstracted with individual data type classes, which help preventing SQL injection security attacks.Persistent Objects for PHP...


Platforms: PHP

Find out why BF Survey Basic is one of the most user friendly Joomla survey extensions available. Don't waste hours trying to figure out other complex extensions, download BF Survey Basic Trail* now and in minutes you will have a professional looking survey in your own Joomla environment.Simply...


Platforms: PHP

Scrubbr is a BSD-licensed database scanning tool that checks numerous database technologies for the presence of possible stored cross-site scripting attacks. The tool was partially inspired by "Scrawlr", a trimmed-down version of HP's WebInspect which was released for free after the so-called...


Platforms: Mac

Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.


Platforms: Mac

Sheba offers SQL management for people that don't mind SQL. Motivation I can write SQL faster than I can figure out the various library and ORM abstraction layers. Writing SQL directly in code is pretty disgusting. So I stole an idea from the Axamol SQL Library and along with a couple updates...


Platforms: *nix

SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).


Platforms: *nix

dotDefender Monitor for Apache is the only way to know who is attacking your web site in real time. Residing on the server as webserver plug-in, dotDefender can be installed and implemented in minutes without influence on traffic or network architecture. dotDefender Monitor provides plug-and-play...


Platforms: *nix

The goal of a vulnerability assessment system is to identify devices on your network that are open to known vulnerabilities. Vulnerabilities if often left undetected pose a serious security risk to enterprise systems and can leave your vital corporate data exposed to malicious attacks. For you it...


Platforms: Windows, *nix

HttpSentry is a free IIS Filter to detect hacker attacks. It prevents common problems such as SQL injection, Directroy traversal and many more. it also supports URL rewrite and Server masking.


Platforms: Windows

Matew provides a valid HTML/CSS generator for static image albums. Matew is a valid HTML/CSS generator for static image albums. It supports retrieving information from EXIF cameras and includes customizable options like character set encoding. Albums may contain sub-albums, and the appearance...


Platforms: *nix

Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. SPIKE Proxy is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection. To...


Platforms: *nix

Spey is a smart SMTP proxy that provides an easy way to add greylisting to your mail setup. This can dramatically reduce the amount of spam you get, which is generally considered to be a Good Thing. Spey is very simple to set up, efficient to use, and extremely effective. Why use Spey?...


Platforms: *nix

Xchangeboard is forum software based on PHP and MySQL. The project offers an easy way of administration to handle design and/or user-specific tasks. The look and feel resembles other well known boards. Whats New in This Release: - An issue has been fixed that allowed a user to conduct SQL...


Platforms: *nix

Fire Encrypter is an Firefox extension which gives you encryption/decryption and hashing functionality right from your Firefox browser, mostly useful for developers or for education & fun. The new FireEncrypter is ready! (v-3.0, this version contains the following ciphers: - AES (Rijndael...


Platforms: *nix

A collaboration between the open source community and Rapid7, Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments, providing true security risk intelligence. Capabilities include smart...


Platforms: Windows

A collaboration between the open source community and Rapid7, Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments, providing true security risk intelligence. Capabilities include smart...


Platforms: Linux

A collaboration between the open source community and Rapid7, Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments, providing true security risk intelligence. Capabilities include smart...


Platforms: Linux

The signature-based DragonWAF activates defense mechanism when IIS server is under attack, it records all attack patterns using intellectual filtration techniques, webmasters are able to add more filtration strings by themselves, customize warning messages. The multiple graphic reports facilitate...


Platforms: Windows