1.9 KiB
1.9 KiB
LIBINJECTION
Libinjection is a small C library to detect SQLi attacks in user input with the following goals:
- Open. Source code is on GitHub.
- Low false-positives. When there are high false positives, people tend to turn off any WAF or protection.
- Excellent detection of SQLi.
- High performance (currently over 500,000 TPS)
- Easy to test and QA
- Easy to integrate and extend
Try it now
Easy to integrate
- Standard C code, and compiles as C99 and C++, with bindings to
- Python
- PHP
- Lua
- Small - about 1500 lines of code in three files
- Compiles on Linux/Unix/BSD, Mac and Windows
- No threads used and thread safe
- No recursion
- No (heap) memory allocation
- No extenal library dependencies
- 400+ unit tests
- 98% code coverage
- BSD License
Third-Party Ports
- java
- At least two .NET ports exists
- Another python wrapper
Applications
- ModSecurity - since 2.7.4 release
- IronBee - since May 2013
- Proprietary Honeypot
- Proprietary WAF, Russia
- Proprietary WAF, Japan