sqld

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 12, 2024 License: BSD-3-Clause Imports: 6 Imported by: 0

README

SQL Detector

The sqld service type implements SQL injection attack detection. Regular expressions and a GRU recurrent neural network are used to detect SQL injection attacks.

The available service settings are as follows:

Name Type Description
file string An optional file name for custom neural network weights

The available input for the request are as follows:

Name Type Description
payload JSON object A payload to do SQL injection attack detection on

The available response outputs are as follows:

Name Type Description
attack number The probability that the payload is a SQL injection attack
attackValues JSON object The SQL injection attack probability for each string in the payload

A sample service definition is:

{
  "name": "SQLSecurity",
  "description": "Look for sql injection attacks",
  "ref": "github.com/AiRISTAFlowInc/fs-microgateway/activity/sqld"
}

An example step that invokes the above SQLSecurity service using payload is:

{
  "service": "SQLSecurity",
  "input": {
    "payload": "=$.payload"
  }
}

Utilizing the response values can be seen in a response handler:

{
  "if": "$.SQLSecurity.outputs.attack > 80",
  "error": true,
  "output": {
    "code": 403,
    "data": {
      "error": "hack attack!",
      "attackValues": "=$.SQLSecurity.outputs.attackValues"
    }
  }
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

Types

type Activity

type Activity struct {
	Maker *injectsec.DetectorMaker
}

Activity is a SQL injection attack detector

func (*Activity) Eval

func (a *Activity) Eval(ctx activity.Context) (done bool, err error)

Eval executes the activity

func (*Activity) Metadata

func (a *Activity) Metadata() *activity.Metadata

Metadata return the metadata for the activity

type Input

type Input struct {
	Payload map[string]interface{} `md:"payload,required"`
}

func (*Input) FromMap

func (r *Input) FromMap(values map[string]interface{}) error

func (*Input) ToMap

func (r *Input) ToMap() map[string]interface{}

type Output

type Output struct {
	Attack       float32                `md:"attack"`
	AttackValues map[string]interface{} `md:"attackValues"`
}

func (*Output) FromMap

func (o *Output) FromMap(values map[string]interface{}) error

func (*Output) ToMap

func (o *Output) ToMap() map[string]interface{}

type Settings

type Settings struct {
	File string `md:"file"`
}

Directories

Path Synopsis
api
gru

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL