libinjection is a C library that detects SQLi attacks in user input. It is designed to be embedded in existing or new applications.
It is based on lexical analysis of SQL and SQLi attempts and does not use regular expressions.
A Python port is planned, and ports to other languages should not be difficult.
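An added example (not libinjection's code or API) of detection by lexical analysis rather than regular expressions: the input is lexed into token classes, and the leading token sequence is compared with a short list of patterns. The token classes, word list, pattern list and the function names `sql_fingerprint` and `looks_like_sqli` are assumptions constructed for this example, and input is lexed as-is with no quote-context handling.

```c
#include <ctype.h>
#include <string.h>

/* Case-insensitive compare of the n-byte word w with a lowercase literal. */
static int word_is(const char *w, size_t n, const char *lit) {
    if (strlen(lit) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)w[i]) != lit[i]) return 0;
    return 1;
}

/* Lex `in` into token classes (constructed for this example): n number,
   s string literal, & logical operator, k keyword, b bareword, o operator.
   Writes at most cap-1 class characters plus NUL to out; cap must be >= 1. */
void sql_fingerprint(const char *in, char *out, size_t cap) {
    static const char *words[] = {"or", "and", "select", "union", "from", NULL};
    size_t n = 0, i = 0, len = strlen(in);
    while (i < len && n + 1 < cap) {
        unsigned char ch = (unsigned char)in[i];
        size_t st = i++;
        if (isspace(ch)) continue;
        if (isdigit(ch)) {
            while (i < len && isdigit((unsigned char)in[i])) i++;
            out[n++] = 'n';
        } else if (isalpha(ch) || ch == '_') {
            while (i < len && (isalnum((unsigned char)in[i]) || in[i] == '_')) i++;
            out[n] = 'b';
            for (int k = 0; words[k]; k++)
                if (word_is(in + st, i - st, words[k])) out[n] = k < 2 ? '&' : 'k';
            n++;
        } else if (ch == '\'' || ch == '"') {
            /* consume through the closing quote, or to end of input */
            while (i < len && (unsigned char)in[i++] != ch) {}
            out[n++] = 's';
        } else out[n++] = 'o';
    }
    out[n] = '\0';
}

/* Flag input whose first tokens match a listed pattern (constructed list). */
int looks_like_sqli(const char *in) {
    static const char *bad[] = {"n&non", "s&sos", "nkk", NULL};
    char fp[6];                        /* only the first five tokens matter */
    sql_fingerprint(in, fp, sizeof fp);
    for (int k = 0; bad[k]; k++)
        if (strncmp(fp, bad[k], strlen(bad[k])) == 0) return 1;
    return 0;
}
```

The benign phrase `union station, select seats` lexes to `kbokb` and is not flagged, although it contains both keywords that a keyword pattern such as `union.*select` would match.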
First presented at OWASP NYC at DTCC’s headquarters at 55 Water Street in NYC on September 20, 2012.
First presented at Black Hat USA, July 25, 2012, 2:45 PM.
Research based on libinjection, first presented at DefCon 20, July 27, 2012, 4:20pm.
Code-coverage report coming soon.