Sorcerer's Isle Technologies

Bespoke web and software development services.


QueryParam Scanner

QueryParam Scanner (qpScanner) is a tool designed to identify possible SQL injection risks in CFML queries.

Source:
GitHub
License:
GPL v3
Latest Stable:
v0.7.5, 8 January 2013
Latest Preview:
rc0.8, 29 June 2013
Requires:
CF v9 or above, Railo v3 or above
(For CF8, CFMX7 and OpenBD support, use v0.7.3)

Eclipse Plugin

If you use an Eclipse-based IDE, there is a plugin which connects to a qpScanner instance and uses it to scan selected files and/or directories.

The plugin also enables you to configure default and per-project settings.

It is available as a JAR download.

Features

The current release of qpScanner has the following features:

If there are other features you would like, please raise them using the GitHub issue tracker.