Name	Name	Last commit message	Last commit date
Latest commit History 363 Commits
.github/workflows	.github/workflows
benchmarks	benchmarks
playground	playground
smoketests	smoketests
src	src
.editorconfig	.editorconfig
.gitignore	.gitignore
Cargo.toml	Cargo.toml
LICENSE	LICENSE
Makefile	Makefile
README.md	README.md
codecov.yml	codecov.yml

Zen Internals library

Zen Internals is a library that can be used via FFI in different languages. Contains algorithms to detect:

SQL Injections
JS Code Injections

Return codes

Return Code	Description
`0`	Successful, no injection detected
`1`	Successful, injection detected
`2`	Error occurred
`3`	Failed to tokenize SQL

Python FFI Example code

import ctypes zen_internals = ctypes.CDLL("target/release/libzen_internals.so") if __name__ == "__main__": query = "SELECT * FROM users WHERE id = '' OR 1=1 -- '".encode("utf-8") userinput = "' OR 1=1 -- ".encode("utf-8") dialect = 9 # MySQL dialect result = zen_internals.detect_sql_injection( query, len(query), userinput, len(userinput), dialect ) print("Result", result)

See list of dialects

Node.js bindings (using WASM)

Install

curl -L https://github.com/AikidoSec/zen-internals/releases/download/$VERSION/zen_internals.tgz -o zen_internals.tgz curl -L https://github.com/AikidoSec/zen-internals/releases/download/$VERSION/zen_internals.tgz.sha256sum -o zen_internals.tgz.sha256sum sha256sum -c zen_internals.tgz.sha256sum tar -xzf zen_internals.tgz some-directory

API

SQL injection detection

const { wasm_detect_sql_injection } = require("./some-directory/zen_internals"); const detected = wasm_detect_sql_injection( `SELECT * FROM users WHERE id = '' OR 1=1 -- '`, // query `' OR 1=1 -- `, // user input 9 // MySQL dialect ); console.log(detected); // 1

See list of dialects

JS injection detection

const { wasm_detect_js_injection } = require("./some-directory/zen_internals"); const detected = wasm_detect_js_injection( `const x = 1; console.log(x); // ;`, // code `1; console.log(x); // ` // user input ); console.log(detected); // 1

By default, the function expects the input to be JavaScript code (CJS or ESM). TypeScript is also supported by specifying the appropriate type as the third argument with corresponding source type number.

IDOR SQL analysis

Analyzes SQL queries to extract tables and filters for IDOR (Insecure Direct Object Reference) protection.

const { wasm_idor_analyze_sql } = require("./some-directory/zen_internals"); const result = wasm_idor_analyze_sql( `SELECT * FROM users u WHERE u.tenant_id = $1`, // query 9 // PostgreSQL dialect ); console.log(JSON.parse(result)); // [ // { // kind: "select", // tables: [{ name: "users", alias: "u" }], // filters: [{ table: "u", column: "tenant_id", value: "$1" }] // } // ] const insertResult = wasm_idor_analyze_sql( `INSERT INTO users (name, tenant_id) VALUES ('John', $1)`, 9 ); console.log(JSON.parse(insertResult)); // [ // { // kind: "insert", // tables: [{ name: "users" }], // filters: [], // insert_columns: [[{ column: "name", value: "John" }, { column: "tenant_id", value: "$1" }]] // } // ]

FFI IDOR SQL analysis

import ctypes import json zen_internals = ctypes.CDLL("target/release/libzen_internals.so") zen_internals.idor_analyze_sql_ffi.argtypes = [ ctypes.POINTER(ctypes.c_uint8), ctypes.c_size_t, ctypes.c_int, ] zen_internals.idor_analyze_sql_ffi.restype = ctypes.c_char_p zen_internals.free_string.argtypes = [ctypes.c_char_p] def analyze_sql(query_str, dialect): query = query_str.encode("utf-8") query_buffer = (ctypes.c_uint8 * len(query)).from_buffer_copy(query) result_ptr = zen_internals.idor_analyze_sql_ffi(query_buffer, len(query), dialect) result = json.loads(result_ptr.decode("utf-8")) zen_internals.free_string(result_ptr) return result print(analyze_sql("SELECT * FROM users u WHERE u.tenant_id = $1", 9)) # [ # { # "kind": "select", # "tables": [{ "name": "users", "alias": "u" }], # "filters": [{ "table": "u", "column": "tenant_id", "value": "$1" }] # } # ] print(analyze_sql("INSERT INTO users (name, tenant_id) VALUES ('John', $1)", 9)) # [ # { # "kind": "insert", # "tables": [{ "name": "users" }], # "filters": [], # "insert_columns": [[{ "column": "name", "value": "John" }, { "column": "tenant_id", "value": "$1" }]] # } # ]

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AikidoSec/zen-internals

Folders and files

Latest commit

History

Repository files navigation

Zen Internals library

Return codes

Python FFI Example code

Node.js bindings (using WASM)

Install

API

SQL injection detection

JS injection detection

IDOR SQL analysis

FFI IDOR SQL analysis

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 63

Uh oh!

Contributors

Uh oh!

Languages