Skip to content

chitteshwari/Web-Application-Firewall

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 

Repository files navigation

Web-Application-Firewall

ℹ️ℹ️ About the project:

Web Application Firewall (Intrusion Detection System) built for a live open source vulnerability website (demo.testfire.net). The data is collected from Acunetix scans (web crawling and high SQL injection vulnerability scans) of the target website. BurpSuite is used as a proxy for these scans. The logs from BurpSuite are cleaned and used as the custom training dataset for the ML model.

Machine Learning (K means clustering) is used to classify whether a live HTTP request made to the website is legitimate or a malicious SQL Injection.

📤📤Demo of the project:

When the query “hello” is typed, a legitimate request is detected

image

When the query “1234” is typed, a legitimate request is detected

image

When the query “' UNION SELECT sum(columnname ) from tablename –" is typed, SQL injection attack is detected image

About

Web Application Firewall (Intrusion Detection System) done for a live open source vulnerability website (demo.testfire.net) using data collected from BurpSuite scans. Machine Learning is used to classify whether a HTTP request made to the website is legitimate or a malicious SQL Injection.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages