QueryParam Scanner (qpScanner) is a tool designed to identify possible SQL injection risks in CFML queries.
$ sha256sum qpscanner-0.8.zip 69bc619acde8e8cfb2c4e77897ae555b734c60bb1a9a0c5f573219b4bf5b9033 *qpscanner-0.8.zip $ sha256sum qpscanner-0.7.3.2.zip 8c710d3e1cceb85da7a2c9804d28c9f90bec5804f402cd2e7319e85a69abfe81 *qpscanner-0.7.3.2.zip $ sha256sum hybridchill.eclipse.qpscanner_0.1.0.0.jar 3c85c73bc950e6b394c8400da0868830fc57d6681744d00518c550e69f73e042 *hybridchill.eclipse.qpscanner_0.1.0.0.jar(A mismatch indicates a corrupted file; repeat the download and re-verify.)
The qpScapper plugin for Eclipse-based IDEs connects to a qpScanner instance and uses it to scan selected files and/or directories, and allows configuring default and per-project settings.
It is available as a JAR download (40KB).
The current release of qpScanner has the following features:
If there are other features you would like, please raise them using the GitHub issue tracker.