Welcome to the SqliGPT repository! This project is dedicated to enhancing SQL Injection detection and prevention using advanced machine learning techniques. SqliGPT is a groundbreaking approach that leverages the power of GPT (Generative Pre-trained Transformer) models to understand and predict SQL injection patterns more accurately.
SQL Injection (SQLi) is a prevalent security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It is one of the oldest, most prevalent, and most dangerous web application vulnerabilities. SqliGPT aims to tackle this challenge by using Large Language Models to analyze and predict SQLi attacks.
As part of our commitment to transparency and collaboration, we have released our Benchmark. This benchmark is based on sqli-labs, and we also referenced five real-world CVEs from SQIRL's SQLiMicroBenchmark[1].
To get started with SqliMicroBenchmark, clone this repository and navigate to the SqliMicroBenchmark directory:
git clone https://github.com/guizhiwen/SqliGPT.git
cd SqliGPT/SqliMicroBenchmarkFollow the instructions in the README.md file within the SqliMicroBenchmark directory to set up and run the tests.
The full source code of SqliGPT will be released in the upcoming months. We are currently refining the model and conducting extensive testing to ensure its effectiveness and robustness. Stay tuned for updates!
This project is licensed under the MIT License - see the LICENSE file for details.
- Thanks to all the contributors who have invested their time and effort in helping to develop SqliGPT.
- Special thanks to the cybersecurity research community for their ongoing support and collaboration.
For any questions or suggestions, feel free to contact us at [guizhiwen18@nudt.edu.cn].
Thank you for your interest in SqliGPT. Together, we can make a significant impact on improving web security!
[1]https://github.com/ICL-ml4csec/SQIRL/tree/main/SQLiMicrobenchmark