jdbaudit(Java Database Audit)
A java library for database security audit.
Features
- Security Auditing
- Vulnerability Detection
- Week Password Detection
- Compliance Testing
- Privilege Security
- Privacy Security
Requirements
- Java 11+
Building
git clone https://github.com/jthinking/jdbaudit.git
cd jdbaudit
mvn install -DskipTests
Usage
Maven
<dependency>
<groupId>com.jthinking.jdbaudit</groupId>
<artifactId>jdbaudit-scanner</artifactId>
<version>0.0.1</version>
</dependency>
Sample
RiskScanner riskScanner = new RiskScanner(100);
riskScanner.submitTask(new ScanTask(DBType.MySQL, RiskType.AUDIT, "localhost", 3306, "root", "root") {
@Override
public void taskCallback(ScanResult scanResult) {
System.out.println(this.getId());
System.out.println(scanResult);
}
@Override
public void taskComplete() {
System.out.println("taskComplete");
}
@Override
public void taskException(Throwable throwable) {
throwable.printStackTrace();
}
});
// only for test purpose
riskScanner.waitUntilFinish();
Command line(Proposal)
jdbaudit-cli scan --risk-type audit --db-type mysql \
--host localhost --port 3306 \
--username root --password root
Supported Databases
- MySQL
- Oracle
- Microsoft SQL Server
- PostgreSQL
- Redis
- Elasticsearch
- Clickhouse
- Hbase
- Hive
Supported Risk Types
- Audit
- Week Password
- Vulnerability
- Privilege
- Privacy
License
This project is licensed under the Apache License 2.0 License - see the LICENSE file for details