Security Plugins Hub

Bring your software development workflows to security



Signals & Triggers

On request
If request body or query string match a OWASP Modsecurity core rule


  • Log the malicious request Log the malicious request


This plugin detects injections attempts in your application traffic based on a set of signatures published by the OWASP and qualified by Sqreen.

Detecting attacks acurately just using flat network data is inefficient and prone to false positives. This detection is mostly used by Sqreen to get an early signal to improve attack detection inside the application.

Advanced details

On HTTP request, Sqreen executes a qualified subset of the OWASP Modsecurity Core Rules Set to detect injections attempts.

Sqreen filters findings based on an internal Knowledge base to reduce false positives. This happens on Sqreen backend.

The following injections categories are covered:

  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Remote Code Execution (RCE)
  • PHP Code Injections

More details at

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen


No data collected

On attack
  • Request payload
  • Attacker IP
  • Attacker account (Sqreen SDK)

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo