This repository contains a python script test_suite.py that tests *.php pages inside the pages folder for SQL injections using pytest. It also includes a Docker Compose file to start a PHP web server, an Adminer instance, and a MySQL database that takes SQL initialization from the ./setup folder.
Before you begin, ensure you have met the following requirements:
- You have installed Python 3.11 or later. Might work on older versions, but install packages manually.
- You have installed Docker and Docker Compose.
If you wish to just fire and forget, run the following command:
make run-allThis will create venv directory, install modules, build docker images, start docker containers, run tests and stop docker containers.
-
Clone the repository:
git clone https://github.com/Siponek/SQL-attack-testsuite.git cd SQL-attack-testsuite -
Create a virtual environment and install the required Python packages:
make install_reqs
-
Build the Docker images:
make build
-
Start the Docker services:
make up
-
Stop the Docker services:
make down
To run the test suite, use the following command:
make test- To generate a requirements.txt file:
make reqs- To remove the virtual environment:
make cleanIf you wish to contribute to this project, please fork the repository and submit a pull request.
This project uses the following license: MPL-2.0 license.