sql-sniffer
Advanced tools
A watchdog for sensitive Database commands and transactions that (when given a text string) will return an array of recognized sensitive SQL phrases if present
Given a string, will return an array of recognize phrases (if present within that string) that pertain to certain System, Data Dictionary, Anonymous Block, DML or DDL database function.
A simple watchdog for sensitive Database commands and transactions.
npm install sql-sniffer
All patterns are case insensitive
| symbol | function |
|---|---|
| * | any one of the folowing characters or combos--> ; ' " -- \ /* ' |
| ... | any white space between |
| ..W.. | any white space and/or words between |
| C | any "\w" character |
| pattern | a.k.a. |
|---|---|
| *...truncate...table | * truncate table |
| *...drop...table | * drop table |
| *...drop...procedure | * drop procedure |
| *...drop...package | * drop package |
| *...drop...function | * drop function |
| *...drop...index | * drop index |
| *...drop...bitmap...index | * drop bitmap index |
| *...drop...unique...index | * drop unique index |
| *...drop...materialized...view | * drop materialized view |
| *...drop...view | * drop view |
| *...drop...trigger | * drop trigger |
| *...drop...type | * drop type |
| *...delete...from | * delete from |
| *...purge...table | * purge table |
| *...purge...recyclebin | * purge recyclebin |
| pattern | a.k.a. |
|---|---|
| *...create...or...replace | * create or replace |
| *...create...table | * create table |
| *...alter...table | * alter table |
| *...create...procedure | * create table |
| *...create...package | * create package |
| *...create...function | * create function |
| *...create...index | * create index |
| *...alter...index..W..rebuild | * alter index [TEXT HERE] rebuild |
| *...alter...index..W..rename | * alter index [TEXT HERE] rename |
| *...create...bitmap...index | * create bitmap index |
| *...create...unique..index | * create unique index |
| *...create...materialized view | * create materialized view |
| *...create...view | * create view |
| *...alter...view | * alter view |
| *...create...trigger | * create trigger |
| *...create...type...as | * create type as |
| pattern | a.k.a. |
|---|---|
| *...alter...system...set | * alter system |
| *...shutdown...normal | * shutdown normal |
| *...shutdown...immediate | * shutdown immediate |
| *...shutdown...transactional | * shutdown transactional |
| *...shutdown...abort | * shutdown abort |
| pattern | a.k.a. |
|---|---|
| *...update...set | * update set |
| *...insert...into | * insert into |
| *...insert...all...into | * insert all into |
| *...merge...into..W..using | * merge into [TEXT HERE] using |
| pattern | a.k.a. |
|---|---|
| *...begin..W..;...end | begin [TEXT HERE]; end |
| *...sys.C | sys.[TEXT HERE] |
| *...execute immediate | execute immediate |
| *...&& | && |
| pattern | a.k.a. |
|---|---|
| v$ | v$ |
| from..W..all_ | from [TEXT HERE] all_ |
| from..W..dba_ | from [TEXT HERE] dba_ |
| from..W..user_ | from [TEXT HERE] user_ |
| pattern | a.k.a. |
|---|---|
| 1...=...1...-- | 1=1-- |
| 1...=...1...# | 1=1# |
| 1...=...1.../* | 1=1/* |
| '...1...'...=...'...1...-- | '1'='1-- |
| admin...'...-- | admin'-- |
| admin...'...# | admin'# |
| admin...'.../* | admin'/* |
FAQs
A watchdog for sensitive Database commands and transactions that (when given a text string) will return an array of recognized sensitive SQL phrases if present
The npm package sql-sniffer receives a total of 2 weekly downloads. As such, sql-sniffer popularity was classified as not popular.
We found that sql-sniffer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.