{"id":13420310,"url":"https://github.com/client9/libinjection","last_synced_at":"2025-05-16T03:02:12.123Z","repository":{"id":3888207,"uuid":"4975438","full_name":"client9/libinjection","owner":"client9","description":"SQL / SQLI tokenizer parser analyzer","archived":false,"fork":false,"pushed_at":"2023-10-04T14:35:31.000Z","size":5579,"stargazers_count":1011,"open_issues_count":62,"forks_count":275,"subscribers_count":71,"default_branch":"master","last_synced_at":"2025-04-08T13:07:16.680Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/client9.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2012-07-10T14:45:25.000Z","updated_at":"2025-04-08T11:14:49.000Z","dependencies_parsed_at":"2022-06-26T10:31:16.043Z","dependency_job_id":"7cac3472-3478-43d2-9104-34dbe8d3bf2e","html_url":"https://github.com/client9/libinjection","commit_stats":{"total_commits":1892,"total_committers":28,"mean_commits":67.57142857142857,"dds":0.08509513742071884,"last_synced_commit":"e86ff4019a4343579cc307d96d79272d5efcd1be"},"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/client9%2Flibinjection","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/client9%2Flibinjection/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/client9%2Flibinjection/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/client9%2Flibinjection/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/client9","download_url":"https://codeload.github.com/client9/libinjection/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254459077,"owners_count":22074604,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T22:01:30.983Z","updated_at":"2025-05-16T03:02:12.104Z","avatar_url":"https://github.com/client9.png","language":"C","funding_links":[],"categories":["TODO scan for Android support in followings","C","others","应用程序 Applications"],"sub_categories":["安全工具 Security tools"],"readme":"[![Build Status](https://travis-ci.org/client9/libinjection.svg?branch=master)](https://travis-ci.org/client9/libinjection)\n[![Coverage Status](https://coveralls.io/repos/client9/libinjection/badge.svg?branch=master\u0026service=github)](https://coveralls.io/github/client9/libinjection?branch=master)  [![license](https://img.shields.io/badge/license-BSD_3--Clause-blue.svg?style=flat)](https://raw.githubusercontent.com/client9/libinjection/master/COPYING)\n\nlibinjection\n============\n\nSQL / SQLI tokenizer parser analyzer. For\n\n* C and C++\n* [PHP](https://libinjection.client9.com/doc-sqli-php)\n* [Python](https://libinjection.client9.com/doc-sqli-python)\n* [Lua](/lua)\n* [Java](https://github.com/jeonglee/Libinjection) (external port)\n* [LuaJIT/FFI] (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port)\n\nSee\n[https://www.client9.com/](https://www.client9.com/)\nfor details and presentations.\n\nSimple example:\n\n```c\n#include \u003cstdio.h\u003e\n#include \u003cstrings.h\u003e\n#include \u003cerrno.h\u003e\n#include \"libinjection.h\"\n#include \"libinjection_sqli.h\"\n\nint main(int argc, const char* argv[])\n{\n    struct libinjection_sqli_state state;\n    int issqli;\n\n    const char* input = argv[1];\n    size_t slen = strlen(input);\n\n    /* in real-world, you would url-decode the input, etc */\n\n    libinjection_sqli_init(\u0026state, input, slen, FLAG_NONE);\n    issqli = libinjection_is_sqli(\u0026state);\n    if (issqli) {\n        fprintf(stderr, \"sqli detected with fingerprint of '%s'\\n\", state.fingerprint);\n    }\n    return issqli;\n}\n```\n\n```\n$ gcc -Wall -Wextra examples.c libinjection_sqli.c\n$ ./a.out \"-1' and 1=1 union/* foo */select load_file('/etc/passwd')--\"\nsqli detected with fingerprint of 's\u00261UE'\n```\n\nMore advanced samples:\n\n* [sqli_cli.c](/src/sqli_cli.c)\n* [reader.c](/src/reader.c)\n* [fptool](/src/fptool.c)\n\nVERSION INFORMATION\n===================\n\nSee [CHANGELOG](/CHANGELOG) for details.\n\nVersions are listed as \"major.minor.point\"\n\nMajor are significant changes to the API and/or fingerprint format.\nApplications will need recompiling and/or refactoring.\n\nMinor are C code changes.  These may include\n * logical change to detect or suppress\n * optimization changes\n * code refactoring\n\nPoint releases are purely data changes.  These may be safely applied.\n\nQUALITY AND DIAGNOSITICS\n========================\n\nThe continuous integration results at\nhttps://travis-ci.org/client9/libinjection tests the following:\n\n- [x] build and unit-tests under GCC\n- [x] build and unit-tests under Clang\n- [x] static analysis using [clang static analyzer](http://clang-analyzer.llvm.org)\n- [x] static analysis using [cppcheck](https://github.com/danmar/cppcheck)\n- [x] checks for memory errors using [valgrind](http://valgrind.org/)\n- [x] code coverage online using [coveralls.io](https://coveralls.io/github/client9/libinjection)\n\nLICENSE\n=============\n\nCopyright (c) 2012-2016 Nick Galbreath\n\nLicensed under the standard [BSD 3-Clause](http://opensource.org/licenses/BSD-3-Clause) open source\nlicense.  See [COPYING](/COPYING) for details.\n\nEMBEDDING\n=============\n\nThe [src](https://github.com/client9/libinjection/tree/master/src)\ndirectory contains everything, but you only need to copy the following\ninto your source tree:\n\n* [src/libinjection.h](/src/libinjection.h)\n* [src/libinjection_sqli.c](/src/libinjection_sqli.c)\n* [src/libinjection_sqli_data.h](/src/libinjection_sqli_data.h)\n* [COPYING](/COPYING)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclient9%2Flibinjection","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fclient9%2Flibinjection","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclient9%2Flibinjection/lists"}