README
¶
gatewayd-plugin-sql-ids-ips
GatewayD plugin for SQL injection detection and prevention.
Download · Documentation · DeepSQLi
Features
- Defense against dark arts:
- Detects SQL injection attacks using two methods:
- Signature-based detection: Detects SQL injection attacks by matching incoming queries against a list of known malicious queries using a trained deep learning model with Tensorflow and Keras
- Syntax-based detection: Detects SQL injection attacks by parsing incoming queries and checking for suspicious syntax using
libinjection
- Prevents SQL injection attacks by blocking malicious queries from reaching the database server, and returning an error or empty response to the client instead
- Logs an audit trail for detections containing the query and the prediction score
- Sigma rule for detection in SIEM systems
- Prometheus metrics for quantifying detections
- Logging
- Configurable via environment variables
Build for testing
To build the plugin for development and testing, run the following command:
make build-dev
Running the above command causes the go mod tidy and go build to run for compiling and generating the plugin binary in the current directory, named gatewayd-plugin-sql-ids-ips.
Contributing
We welcome contributions from everyone. Just open an issue or send us a pull request.
License
This plugin is licensed under the Affero General Public License v3.0.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.