corazawaf/libinjection-go

GitHub: corazawaf/libinjection-go

libinjection 的 Go 移植版,提供轻量级的 SQL 注入和 XSS 检测能力,适用于 Web 应用防火墙等安全场景。

Stars: 52 | Forks: 10

# libinjection [![许可证](https://img.shields.io/badge/License-BSD_3--Clause-blue.svg)](https://opensource.org/licenses/BSD-3-Clause) [![codecov](https://codecov.io/gh/corazawaf/libinjection-go/branch/master/graph/badge.svg?token=RTCQXUDZQQ)](https://codecov.io/gh/corazawaf/libinjection-go) [![CodeQL](https://static.pigsec.cn/wp-content/uploads/repos/cas/53/539e9a6bf48ad24469a4363bff3aa68124154549e26592783d3d8577f2acbbfc.svg)](https://github.com/corazawaf/libinjection-go/actions/workflows/codeql.yml) libinjection 是 libinjection([http://www.client9.com/projects/libinjection/](http://www.client9.com/projects/libinjection/))的 Go 移植版,并且它是线程安全的。 ## 如何使用 ### SQLi 示例 ``` package main import ( "fmt" "github.com/corazawaf/libinjection-go" ) func main() { result, fingerprint := libinjection.IsSQLi("-1' and 1=1 union/* foo */select load_file('/etc/passwd')--") fmt.Println("=========result==========: ", result) fmt.Println("=======fingerprint=======: ", string(fingerprint)) } ``` ### XSS 示例 ``` package main import ( "fmt" "github.com/corazawaf/libinjection-go" ) func main() { fmt.Println("result: ", libinjection.IsXSS("")) } ``` ## 许可证 libinjection-go 采用与 [libinjection](http://www.client9.com/projects/libinjection/) 相同的许可证进行分发。
标签:CISA项目, DOE合作, EVTX分析, Go, Ruby工具, SQL注入检测, WAF组件, Web安全, XSS检测, 日志审计, 蓝队分析