Axion-Security
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 75 additions & 25 deletions b/‎README.md‎
Lines changed: 75 additions & 25 deletions
diff --git a/‎SQL_Injection_Lab.py‎
Lines changed: 12 additions & 47 deletions b/‎SQL_Injection_Lab.py‎
Lines changed: 12 additions & 47 deletions
@@ -20,3 +20,5 @@
 # Go workspace file
 go.work
 /.idea
+/frontend/dist
+/node_modules
@@ -1,23 +1,78 @@
 # GoInjection
-![img.png](img.png)
-
-## Overview
-This project is designed to perform SQL injection testing on various database systems. It includes functions to determine the number of columns in a database table and to identify the database type based on the response to SQL injection queries.
-
-## Features
-- SQL Injection Testing: Perform SQL injection testing on various database systems.
-- Column Count Detection: Determine the number of columns in a database table using SQL injection.
-- Database Type Identification: Identify the database type (MySQL, PostgreSQL, MsSQL, SQLite) based on SQL injection responses.
-- Word Count Analysis: Count the occurrences of words in the response to help identify the database.
-- WAF Detection: Detect the presence of Web Application Firewalls (WAF) by analyzing HTTP responses and status codes.
-- WAF Identification: Identify specific WAFs (e.g., Cloudflare, Cloudfront, Akamai, Sucuri) based on HTTP headers and response content.
-- Multi-DBMS Support: Support for multiple database management systems (DBMS) including MySQL, PostgreSQL, MsSQL, and SQLite.
-
-## Testing
-```py
-pip install flask
-pip install mysql-connector-python
+![GoInjection Banner](img.png)
+
+<p align="center">
+  <a href="#Features">🔧 Features</a> | 
+  <a href="#WAFIdentification">🛡️ WAF Identification</a> | 
+  <a href="#Fingerprinting">🔍 Fingerprinting</a> | 
+  <a href="#InjectionTypes">💥 Injection Types</a> | 
+  <a href="#GUI">🎨 GUI</a> | 
+  <a href="#SQLQueryBuilder">⚙️ SQL Query Builder</a>
+</p>
+
+<p align="center">
+  <a href="https://github.com/Axion-Security/GoInjection/actions">
+    <img alt="CI Status" src="https://img.shields.io/github/actions/workflow/status/Axion-Security/GoInjection/go.yml?branch=main">
+  </a>
+  <a href="https://opensource.org/licenses/MIT">
+    <img alt="License" src="https://img.shields.io/badge/License-CC NonCommercial-blue.svg">
+  </a>
+  <a href="https://github.com/yourusername/GoInjection/stargazers">
+    <img alt="Stars" src="https://img.shields.io/github/stars/Axion-Security/GoInjection">
+  </a>
+</p>
+
+## 🚀 Features
+
+### 🛡️ WAF Identification
+- Detect Web Application Firewalls (WAFs) by analyzing HTTP headers and server responses.
+- Identifies potential WAFs based on changes in response status codes and content patterns.
+
+### 🔍 Fingerprinting
+- Automatically detects the type of database by analyzing errors and executing advanced SQL injection techniques like UNION and stacked queries.
+- Custom tool-generated queries ensure precise fingerprinting.
+
+### ⚙️ Interpreter
+- Automatically selects the correct SQL dialect (MySQL, PostgreSQL, MSSQL, etc.) based on the target DBMS.
+- Ensures the right syntax for effective SQL injections.
+
+### 🧩 Resolver
+- In development, this feature helps identify table columns and the name of the current database for more advanced injections.
+- Essential for gaining deeper access to database structures.
+
+### 💥 Injection Types
+- Supports **Blind Injections** (Boolean and Time-based), **Error-based Injections**, and **UNION-based Injections**.
+- Queries for these injection types are automatically created by the tool’s custom query generator.
+
+### 🎨 GUI (Graphical User Interface)
+- Modern, user-friendly interface designed to simplify the process, making it accessible for both experienced pentesters and beginners.
+- Features intuitive controls for both new and experienced users.
+
+### ⚙️ SQL Query Builder
+- Generates tailored SQL payloads for each DBMS, optimizing query structure, including custom openings, endings, and elements.
+- Fully automated query builder for each injection type.
+
+## 📦 Installation
+
+### Prerequisites:
+Ensure you have Python 3.x installed and the required dependencies:
+
+```bash
+pip install flask pymysql
 ```
+
+### Setup:
+Clone the repository and install dependencies:
+
+```bash
+git clone https://github.com/Axion-Security/GoInjection.git
+pip install flask pymysql
+```
+
+## 📝 Usage Example
+
+Set up a basic SQL Injection Lab for testing:
+
 ```sql
 USE sql_injection_lab;
 
@@ -34,12 +89,7 @@ INSERT INTO products (name, price) VALUES
 ('Headphones', 49.99),
 ('Smartwatch', 199.99);
 ```
-The project includes a test site that is located in `SQL_Injection_Lab.py` file.
 
-## ToDo
-- Add more methods for Getting Database and Columns.
-- Add Table dumping.
-- Make a GUI for the project.
+## 🔑 License
 
-## License
-This project is licensed under the MIT License. See the `LICENSE` file for more details.
+This project is licensed under the [License](/LICENSE). See the `LICENSE` file for more details.
@@ -1,29 +1,18 @@
 from flask import Flask, request, render_template_string
-import mysql.connector
-import re
+import pymysql
 
 app = Flask(__name__)
 
 def get_db_connection():
-    return mysql.connector.connect(
+    """Establish and return a database connection using PyMySQL."""
+    return pymysql.connect(
         host="localhost",
         user="root",
         password="",
-        database="sql_injection_lab"
+        database="sql_injection_lab",
+        cursorclass=pymysql.cursors.DictCursor
     )
 
-def waf_filter(input_data):
-    patterns = [
-        r"('|\-\-|\;|--|\bUNION\b|\bSELECT\b|\bINSERT\b|\bDROP\b|\bUPDATE\b)",
-        r"(\bOR\s1=1\b)",
-    ]
-
-    for pattern in patterns:
-        if re.search(pattern, input_data, re.IGNORECASE):
-            return False
-
-    return True
-
 @app.route('/')
 def index():
     return render_template_string('''
@@ -36,54 +25,30 @@ def index():
     </form>
     ''')
 
-@app.route('/waf_product', methods=['GET'])
-def waf_product():
-    product_id = request.args.get('id')
-
-    if not waf_filter(product_id):
-        return "<h2>Potential SQL Injection attempt blocked by WAF</h2>"
-
-    conn = get_db_connection()
-    cursor = conn.cursor()
-
-    query = f"SELECT * FROM products WHERE id = '{product_id}'"
-    try:
-        cursor.execute(query)
-        product = cursor.fetchone()
-        conn.close()
-        if product:
-            return f"<h2>Product Details</h2><p>ID: {product[0]}</p><p>Name: {product[1]}</p><p>Price: {product[2]}</p>"
-        else:
-            return "<h2>No product found</h2>"
-    except mysql.connector.Error as err:
-        conn.close()
-        return f"<h2>SQL Error: {err}</h2>"
-    except Exception as e:
-        conn.close()
-        return f"<h2>Error: {str(e)}</h2>"
-
 @app.route('/product', methods=['GET'])
 def product():
     product_id = request.args.get('id')
 
     conn = get_db_connection()
     cursor = conn.cursor()
 
-    query = f"SELECT * FROM products WHERE id = '{product_id}'"
+    # Vulnerable query (using string formatting directly)
+    query = "SELECT * FROM products WHERE id = '%s'" % product_id  # SQL Injection vulnerability
     try:
         cursor.execute(query)
         product = cursor.fetchone()
         conn.close()
+
         if product:
-            return f"<h2>Product Details</h2><p>ID: {product[0]}</p><p>Name: {product[1]}</p><p>Price: {product[2]}</p>"
+            return f"<h2>Product Details</h2><p>ID: {product['id']}</p><p>Name: {product['name']}</p><p>Price: {product['price']}</p>"
         else:
             return "<h2>No product found</h2>"
-    except mysql.connector.Error as err:
+    except pymysql.Error as err:
         conn.close()
-        return f"<h2>SQL Error: {err}</h2>"
+        return f"<h2>SQL Error:</h2><pre>{err}</pre>"
     except Exception as e:
         conn.close()
-        return f"<h2>Error: {str(e)}</h2>"
+        return f"<h2>Unexpected Error:</h2><pre>{str(e)}</pre>"
 
 if __name__ == '__main__':
     app.run(debug=True)