Zen Internals library.

Zen Internals is a library that can be used via FFI in different languages. Contains algorithms to detect:

• Shell Injections (WIP)
• SQL Injections

Python FFI Example code :

import ctypes
zen_internals = ctypes.CDLL("target/release/libzen_internals.so")

if __name__ == "__main__":
    command = "whoami | shell".encode("utf-8")
    userinput = "whoami".encode("utf-8")
    result = zen_internals.detect_shell_injection(command, userinput)
    print("Result", bool(result))

Node.js bindings

Install

$ npm install @aikidosec/zen-internals

$ yarn add @aikidosec/zen-internals

API

SQL injection detection

const { wasm_detect_sql_injection } = require("@aikidosec/zen-internals");

const detected = wasm_detect_sql_injection(
    `SELECT * FROM users WHERE id = '' OR 1=1 -- '`, // query
    `' OR 1=1 -- `, // user input
    9 // MySQL dialect
);

console.log(detected); // 1

See list of dialects