Detect malicious SQL injection (SQLi) and XSS payloads in user inputs or request payloads. Ideal for WAF integration, input sanitization, and security monitoring.
Base URL
https://sql-injection-xss-payload-detector-api.p.rapidapi.com
Key Features
- Detect common SQLi and XSS patterns.
- Detect encoded/obfuscated payloads (URL, Base64, Unicode, Hex).
- Returns risk category (safe, suspicious, exploit attempt) and risk score (0-100).
- Supports GET and POST requests.
- Designed for WAF, security dashboards, and input validation.
Additional Features
- Robust error handling to prevent crashes.
- Lightweight and easy to integrate.
- Encodings/obfuscation detection for hidden attacks.
- JSON response with input, risk, and score.
Endpoint
POST /detect
Detect the risk of a user input string or payload.
Full URL:
https://sql-injection-xss-payload-detector-api.p.rapidapi.com/detect
Method: POST
Content-Type: application/json
Headers:
"x-rapidapi-host": "sql-injection-xss-payload-detector-api.p.rapidapi.com"
"x-rapidapi-key": "YOUR_RAPIDAPI_KEY"
Parameters
Name | Type | Required | Description |
---|---|---|---|
input | string | Yes | User input or payload to check for SQLi/XSS. |
Example Request (POST)
curl -X POST "https://sql-injection-xss-payload-detector-api.p.rapidapi.com/detect" \
-H "Content-Type: application/json" \
-H "x-rapidapi-host: sql-injection-xss-payload-detector-api.p.rapidapi.com" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
-d '{"input": "1 OR 1=1 --"}'
Example Response
{
"input": "1 OR 1=1 --",
"risk": "suspicious",
"score": 50
}
Risk Scores:
- 0–19 → safe
- 20–59 → suspicious
- 60–100 → exploit attempt
GET Request Example
curl "https://sql-injection-xss-payload-detector-api.p.rapidapi.com/detect?input=%3Cscript%3Ealert(1)%3C/script%3E" \
-H "x-rapidapi-host: sql-injection-xss-payload-detector-api.p.rapidapi.com" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY"
Response:
{
"input": "<script>alert(1)</script>",
"risk": "exploit attempt",
"score": 70
}
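One way to consume the `/detect` verdict in a gateway or input-validation layer, as an added example that is not the API provider's own code. It builds the documented POST request and checks that the returned `risk` label matches the documented score band before acting on it. The function names, the allow/log/block mapping and the fail-closed policy are assumptions, as is the expectation that `input` is echoed back unchanged (as it is in the examples above).

```python
import json
import urllib.request

API_URL = "https://sql-injection-xss-payload-detector-api.p.rapidapi.com/detect"
API_HOST = "sql-injection-xss-payload-detector-api.p.rapidapi.com"
# Score bands as documented on this page: (low, high, risk label).
BANDS = [(0, 19, "safe"), (20, 59, "suspicious"), (60, 100, "exploit attempt")]
# Assumption: this mapping from risk label to gateway action is illustrative.
ACTIONS = {"safe": "allow", "suspicious": "log", "exploit attempt": "block"}

def build_request(user_input, api_key):
    """Build the documented POST /detect request without sending it."""
    body = json.dumps({"input": user_input}).encode("utf-8")
    headers = {"Content-Type": "application/json",
               "x-rapidapi-host": API_HOST, "x-rapidapi-key": api_key}
    return urllib.request.Request(API_URL, data=body, headers=headers, method="POST")

def band_for(score):
    """Return the documented risk label for a score, or None if out of range."""
    for low, high, label in BANDS:
        if low <= score <= high:
            return label
    return None

def decide(raw_response, sent_input):
    """Map a /detect response body to an action, failing closed on anomalies."""
    try:
        data = json.loads(raw_response)
        score, risk, echoed = data["score"], data["risk"], data["input"]
    except (ValueError, KeyError, TypeError):
        return "block"  # unparseable or incomplete verdict
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        return "block"  # score is not a number
    label = band_for(score)
    # Reject verdicts whose label disagrees with the score band, or that
    # describe a different string than the one that was submitted.
    if label is None or label != risk or echoed != sent_input:
        return "block"
    return ACTIONS[label]

if __name__ == "__main__":
    # Response body copied from the POST example on this page.
    page_response = '{"input": "1 OR 1=1 --", "risk": "suspicious", "score": 50}'
    print(decide(page_response, "1 OR 1=1 --"))
```

To send the request, pass the object returned by `build_request` to `urllib.request.urlopen` with a timeout and treat a timeout or non-200 status the same way as a malformed body.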