Skip to content

LavedenC1/SeWAF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
ai_detector
ai_detector
 
 
static
static
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
config.json
config.json
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 
run.sh
run.sh
 
 
waf.pkl
waf.pkl
 
 

Repository files navigation

SeWAF

Local hosted AI powered WAF
100% accuracy (18000+ SQLi/XSS/SSRF payloads tested, 100% detection rate)

Installation

  1. Create a virtual environment and install packages
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt
  1. Run it! (Assuming your application is running on port 5001)
bash run.sh
  1. Protected Web App can be accessed at port 8888 (configurable in run.sh)

Usage

  1. Set your endpoint to port 8888
  2. That's it!

Training the AI

  1. Start mitm proxy without forwarding and enable logging in main.py
mitmproxy -s main.py --listen-port 8888
  1. Set up the HTTP proxy in your web browser and do normal things
  2. Once you have enough data, stop mitm proxy
  3. Change "label" to 0 in convert.py (line 32)
  4. Run convert.py, and copy output.jsonl into ai_detector/data.jsonl (make sure data.jsonl is fully empty (unless you want to append data))
  5. Delete output.jsonl and data.json
  6. Repeat steps 1-6 but generate suspicious traffic (sqlmap/etc) and set "label" to 1
  7. Run train.py
  8. Move waf.pkl into the project root directory
  9. Done!

About

Local AI Powered WAF

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages