From efa0296874d762679a68aafb03a75f729ccebd4a Mon Sep 17 00:00:00 2001 From: Deanne Vaz Date: Wed, 23 Oct 2024 23:23:27 +0530 Subject: [PATCH] Delete Cybersecurity_Tools/Web Application Firewall directory --- .../Web Application Firewall/README.md | 44 ------------- .../Web Application Firewall/waf.py | 61 ------------------- 2 files changed, 105 deletions(-) delete mode 100644 Cybersecurity_Tools/Web Application Firewall/README.md delete mode 100644 Cybersecurity_Tools/Web Application Firewall/waf.py diff --git a/Cybersecurity_Tools/Web Application Firewall/README.md b/Cybersecurity_Tools/Web Application Firewall/README.md deleted file mode 100644 index a9c488528..000000000 --- a/Cybersecurity_Tools/Web Application Firewall/README.md +++ /dev/null @@ -1,44 +0,0 @@ -## **Web Application Firewall** - -### ๐ŸŽฏ **Goal** - -The goal of this code is to create a Flask-based web application designed to process user input securely by preventing common web security threats. - -### ๐Ÿงต **Dataset** - -N/A - -### ๐Ÿงพ **Description** - -This Python code is a Flask-based web application designed to process user input securely by preventing common web security threats like SQL Injection and Cross-Site Scripting (XSS). It uses pattern matching with regular expressions to detect these threats in the input. Additionally, it has a rate-limiting feature, limiting the number of requests from a single user to prevent abuse (DoS attacks). - -### ๐Ÿงฎ **What I had done!** - -1. Threat Detection: Implemented pattern matching using regular expressions to detect potential SQL injection and XSS attacks in user input. -2. Input Sanitization: By using the html.escape() function, ensured that any harmful HTML characters are escaped, preventing malicious scripts from being executed in the browser. -3. Rate Limiting: Integrated Flask-Limiter to impose rate limits (e.g., 10 requests per minute) on incoming requests, protecting the app from abuse such as denial of service (DoS) attacks. -4. Logging: You set up logging to record any detected security events, such as SQL injection attempts or XSS attacks. This helps with monitoring and auditing the security of the application. - -### ๐Ÿš€ **Models Implemented** - -N/A - -### ๐Ÿ“š **Libraries Needed** - -1. `Flask` : It is a lightweight web framework used to handle HTTP requests and responses, providing routes like /submit for user interaction. -2. `Flask-Limiter` : Provides rate-limiting to protect the application from abuse, such as a Denial of Service (DoS) attack by limiting the number of requests a user can make. - -### ๐Ÿ“Š **Exploratory Data Analysis Results** - -N/A. - -### ๐Ÿ“ˆ **Performance of the Models based on the Accuracy Scores** - -N/A. - -### ๐Ÿ“ข **Conclusion** - -This Flask-based web application effectively implements basic cybersecurity protections by detecting and preventing common threats like SQL Injection and Cross-Site Scripting (XSS) through pattern matching and input sanitization. The addition of rate-limiting safeguards the application from excessive requests, helping to mitigate DoS attacks. The app also incorporates robust logging to track security events, making it a simple yet effective solution for securing user input and enhancing web application security. - -**Deanne Vaz** -[GitHub](https://github.com/djv554) | | [LinkedIn](https://www.linkedin.com/in/deanne-vaz/) diff --git a/Cybersecurity_Tools/Web Application Firewall/waf.py b/Cybersecurity_Tools/Web Application Firewall/waf.py deleted file mode 100644 index a8e026dea..000000000 --- a/Cybersecurity_Tools/Web Application Firewall/waf.py +++ /dev/null @@ -1,61 +0,0 @@ -import re -import logging -from flask import Flask, request, jsonify -from html import escape -from flask_limiter import Limiter -from flask_limiter.util import get_remote_address - -app = Flask(__name__) - -# Rate limiting configuration -limiter = Limiter(app, key_func=get_remote_address) - -# Set up logging for security events -logging.basicConfig(filename='security.log', level=logging.INFO) - -# Expanded SQL Injection and XSS patterns -SQL_INJECTION_PATTERN = re.compile( - r"(?:--|;|'|\"|OR|AND|SELECT|INSERT|DELETE|UPDATE|DROP|UNION|#|/\*|\*/|CHAR|HEX)", re.IGNORECASE) -XSS_PATTERN = re.compile(r"(|<.*?on[a-zA-Z]+\s*=|javascript:|data:text/html)", re.IGNORECASE) - -def is_safe(input_string): - """Check if the input string is safe from SQL injection and XSS.""" - if SQL_INJECTION_PATTERN.search(input_string): - logging.warning(f"SQL Injection detected: {input_string}") - return False, "Potential SQL Injection detected." - if XSS_PATTERN.search(input_string): - logging.warning(f"XSS attack detected: {input_string}") - return False, "Potential XSS detected." - return True, "" - -@app.route('/submit', methods=['POST']) -@limiter.limit("10 per minute") # Rate limiting: max 10 requests per minute -def submit(): - try: - data = request.json - if not data or "user_input" not in data: - return jsonify({"error": "Invalid input. Please provide valid JSON."}), 400 - - user_input = data.get("user_input", "") - # Input length validation - if len(user_input) > 1000: - return jsonify({"error": "Input too long."}), 413 - - # Sanitize the input to escape harmful HTML characters - safe_input = escape(user_input) - - # Check if the input is safe - is_safe_input, reason = is_safe(safe_input) - if not is_safe_input: - return jsonify({"error": reason}), 400 - - # Log and process the safe input - logging.info(f"Safe input processed: {safe_input}") - return jsonify({"message": "Input processed successfully!"}), 200 - - except Exception as e: - logging.error(f"Error processing request: {e}") - return jsonify({"error": "An error occurred processing the request."}), 500 - -if __name__ == '__main__': - app.run(debug=True)