corazawaf/libinjection-go
GitHub: corazawaf/libinjection-go
libinjection 的 Go 移植版,提供轻量级的 SQL 注入和 XSS 检测能力,适用于 Web 应用防火墙等安全场景。
Stars: 52 | Forks: 10
# libinjection
[](https://opensource.org/licenses/BSD-3-Clause)
[](https://codecov.io/gh/corazawaf/libinjection-go)
[](https://github.com/corazawaf/libinjection-go/actions/workflows/codeql.yml)
libinjection 是 libinjection([http://www.client9.com/projects/libinjection/](http://www.client9.com/projects/libinjection/))的 Go 移植版,并且它是线程安全的。
## 如何使用
### SQLi 示例
```
package main
import (
"fmt"
"github.com/corazawaf/libinjection-go"
)
func main() {
result, fingerprint := libinjection.IsSQLi("-1' and 1=1 union/* foo */select load_file('/etc/passwd')--")
fmt.Println("=========result==========: ", result)
fmt.Println("=======fingerprint=======: ", string(fingerprint))
}
```
### XSS 示例
```
package main
import (
"fmt"
"github.com/corazawaf/libinjection-go"
)
func main() {
fmt.Println("result: ", libinjection.IsXSS(""))
}
```
## 许可证
libinjection-go 采用与 [libinjection](http://www.client9.com/projects/libinjection/) 相同的许可证进行分发。
标签:CISA项目, DOE合作, EVTX分析, Go, Ruby工具, SQL注入检测, WAF组件, Web安全, XSS检测, 日志审计, 蓝队分析