SQLI Guard is a comprehensive, AI-powered tool designed to detect, analyze, visualize, and prevent SQL injection attacks. It leverages advanced machine learning models (BERT, GAN, Stable Diffusion), natural language processing, and interactive visualizations to provide robust cybersecurity analysis and protection for SQL queries. The tool includes a Gradio-based web interface for intuitive user interaction, making it suitable for developers, security researchers, and red teamers.
- AI-Powered Detection: BERT-based classification of SQL queries
- Interactive Visualizations: 3D pattern analysis, heatmaps, and network graphs
- Protection Tools: Query sanitization and parameterization
- Red Team Simulation: Generate adversarial SQL injection examples
- Honeypot Simulation: Simulate attack scenarios
- Natural Language to SQL: Convert plain English to secure SQL
- Voice Interface: Voice-to-SQL conversion
- Stable Diffusion Integration: Generate attack story visuals
- Community Pattern Library: Crowdsourced detection patterns
- Python 3.8+
- CUDA-enabled GPU (optional, for faster computation with PyTorch)
- Groq API key (sign up at x.ai/api)
- FFmpeg (for audio processing, required for voice-to-SQL)
- Clone the repository:
git clone https://github.com/JaanuNan/sqli-guard.git
cd sqli-guard
- Install dependencies:
pip install -r requirements.txt
- Set up your Groq API key (for LLM features):
export GROQ_API_KEY="your-api-key-here"
Run the Gradio interface:
python app.py
The web interface will launch at http://localhost:7860 with these main components:
- Query Analysis: Enter a SQL query in the "Query Analysis" tab. Select the database type (generic, MySQL, PostgreSQL) and image style (comic-strip, cyberpunk, realistic). Click "Analyze Query" to view classification, confidence scores, visualizations, sanitized query, and threat analysis.
- Protection Tools: Review sanitized and parameterized queries. Explore the attack DNA network graph for pattern analysis.
- Honeypot Simulation: Run simulations to generate mock attack data and visualize classification results.
- Red Team Simulator: Generate adversarial SQL queries by selecting an attack type (basic, blind, obfuscated, etc.). Analyze the complexity of generated queries.
- Voice-to-SQL: Upload an audio file or record a natural language query. Convert it to a secure SQL query with accompanying visualizations and CSV export.
- Community Patterns: Submit new SQL injection patterns with descriptions and severity levels. View the community pattern library in a table format.
- Security Assistant: Interact with AskSQLiBot to ask questions about SQL injection prevention and best practices.
Query analysis with 3D visualization
- Machine Learning: BERT model fine-tuned for SQLi detection
- Visualization: Plotly for interactive 3D and 2D charts
- Natural Language Processing: Groq/Llama for explanations
- Adversarial Generation: GAN for attack pattern generation
- Voice Interface: Whisper-based speech recognition
See requirements.txt for full dependency list.
Contributions are welcome! Please open an issue or submit a pull request.
- Fork the repository
- Create your feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
Project Link: https://github.com/JaanuNan/sqli-guard.git
Live Demo: https://huggingface.co/spaces/JananiN/sqliguard
- Built with Gradio for the interactive UI.
- Powered by Hugging Face Transformers for BERT and Stable Diffusion.
- Leverages Groq API for NLP and transcription.
- Visualizations created with Plotly and NetworkX.
- For the Stable Diffusion model, you may want to add xformers for better performance if using CUDA
- Consider adding a .env.example file for environment variables
- You might want to add a setup.py for pip installation if you plan to package this
Protect your applications from SQL injection with SQLI Guard!