Sorcerer's Isle

Open Source tools for software development


QueryParam Scanner

Overview

QueryParam Scanner (qpScanner) is a tool designed to identify possible SQL injection risks in CFML queries.

License: GPL v3
Repository: GitHub
Latest Stable: v0.7.5, 8 January 2013
Latest Preview: rc0.8, 29 June 2013 (announcement)
Requires: CF v9 or above, Railo v3 or above, Lucee v4.5 or above (for CF8, CFMX7 and OpenBD support, use v0.7.3)

Downloads

Eclipse Plugin

The qpScanner plugin for Eclipse-based IDEs connects to a qpScanner instance, uses it to scan selected files and/or directories, and allows configuring default and per-project settings.

It is available as a JAR download (40KB).

Features

The current release of qpScanner has the following features:

If there are other features you would like, please raise them using the GitHub issue tracker.