Axion-Security/GoInjection

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
.github/workflows		.github/workflows
backend		backend
build		build
frontend		frontend
scripts		scripts
.gitattributes		.gitattributes
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
SQL_Injection_Lab.py		SQL_Injection_Lab.py
app.go		app.go
crash_reports.json		crash_reports.json
go.mod		go.mod
go.sum		go.sum
img.png		img.png
main.go		main.go
wails.json		wails.json

Repository files navigation

GoInjection

GoInjection Banner

CI Status License Stars

🚀 Features

🛡️ WAF Identification

Detect Web Application Firewalls (WAFs) by analyzing HTTP headers and server responses.
Identifies potential WAFs based on changes in response status codes and content patterns.

🔍 Fingerprinting

Automatically detects the type of database by analyzing errors and executing advanced SQL injection techniques like UNION and stacked queries.
Custom tool-generated queries ensure precise fingerprinting.

⚙️ Interpreter

Automatically selects the correct SQL dialect (MySQL, PostgreSQL, MSSQL, etc.) based on the target DBMS.
Ensures the right syntax for effective SQL injections.

🧩 Resolver

In development, this feature helps identify table columns and the name of the current database for more advanced injections.
Essential for gaining deeper access to database structures.

💥 Injection Types

Supports Blind Injections (Boolean and Time-based), Error-based Injections, and UNION-based Injections.
Queries for these injection types are automatically created by the tool’s custom query generator.

🎨 GUI (Graphical User Interface)

Modern, user-friendly interface designed to simplify the process, making it accessible for both experienced pentesters and beginners.
Features intuitive controls for both new and experienced users.

⚙️ SQL Query Builder

Generates tailored SQL payloads for each DBMS, optimizing query structure, including custom openings, endings, and elements.
Fully automated query builder for each injection type.

📦 Installation

Prerequisites:

Ensure you have Python 3.x installed and the required dependencies:

pip install flask pymysql

Setup:

Clone the repository and install dependencies:

git clone https://github.com/Axion-Security/GoInjection.git
pip install flask pymysql

📝 Usage Example

Set up a basic SQL Injection Lab for testing:

USE sql_injection_lab;
CREATE TABLE IF NOT EXISTS products (
 id INT AUTO_INCREMENT PRIMARY KEY,
 name VARCHAR(100) NOT NULL,
 price DECIMAL(10, 2) NOT NULL
);
INSERT INTO products (name, price) VALUES
('Laptop', 799.99),
('Smartphone', 599.99),
('Tablet', 399.99),
('Headphones', 49.99),
('Smartwatch', 199.99);

🔑 License

This project is licensed under the License. See the LICENSE file for more details.

About

Automated SQL Injection written in Golang

www.youtube.com/watch?v=XikAfVW8YSs

Releases 2

v2.0 Latest

Jan 10, 2025

+ 1 release

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

License

Axion-Security/GoInjection

Folders and files

Latest commit

History