SyedShaheerHussain/Web-Application-Firewall-WAF-Simulation-GUI
Web Application Firewall (WAF) Simulation
Monitors, detects, and blocks SQL Injection and XSS attacks in real time.
Developed By: © Syed Shaheer Hussain
Description
This project is a fully functional Web Application Firewall (WAF) Simulation built using Python and FastAPI, designed for educational, demonstration, and learning purposes. It simulates how a real-world WAF protects web applications from common web attacks such as SQL Injection (SQLi) and Cross-Site Scripting (XSS).
The system acts as a middleware layer between users and a protected web application, inspecting every incoming request, detecting malicious payloads, blocking attacks, and visualizing traffic statistics through a modern web dashboard.
Screenshots
Objectives
- Understand how a WAF works internally
- Detect and block SQL Injection & XSS attacks
- Visualize allowed vs blocked traffic
- Learn middleware-based security enforcement
- Simulate real-world web security behavior
- Provide an FYP / cybersecurity demo-ready project
Concepts Covered
- Web Security
- Web Application Firewall (WAF)
- SQL Injection (SQLi)
- Cross-Site Scripting (XSS)
- HTTP Middleware
- Pattern Matching (Regex)
- Traffic Monitoring
- Secure Coding Practices
- Cybersecurity Defense Simulation
What is a WAF?
A Web Application Firewall (WAF) is a security layer that:
- Monitors HTTP/HTTPS traffic
- Filters malicious requests
- Blocks web-based attacks
- Protects backend applications and databases
A WAF sits between the client (browser) and the server (application).
Value of This Project
- Helps students understand real-world web security
- Demonstrates attack detection logic
- Ideal for Final Year Projects (FYP)
- Practical cybersecurity learning
- Extendable to ML-based detection
Architecture
Request Flow
- User sends request from browser
- Request passes through WAF middleware
- Payload extracted (query + body)
- SQLi/XSS rules applied
- Decision made (Allow / Block)
- Stats updated
- Dashboard updated
Flow Chart (Textual)
```
Browser Request
      ↓
WAF Middleware
      ↓
Payload Normalization
      ↓
Rule Engine (SQLi / XSS)
      ↓
   Decision
   ↓      ↓
 Allow   Block
   ↓      ↓
  App  Error Page
```
Folder Structure
```
WAF-Project/
│
├── main.py            # FastAPI app & middleware
├── waf_engine.py      # Detection logic
├── rules.py           # SQLi & XSS regex patterns
├── logger.py          # Attack logging
├── templates/
│   ├── login.html
│   └── dashboard.html
├── static/
│   └── style.css
├── logs/
│   └── attacks.log
├── requirements.txt
└── README.md
```
Technologies Used
- Python 3.10+
- FastAPI
- HTML5, CSS3, JavaScript
- Chart.js
- Regex-based detection
- REST APIs
Features
- SQL Injection detection
- XSS attack detection
- Live traffic visualization
- Automatic request blocking
- Allowed vs Blocked graph
- Attack logging
- Manual payload testing
- Educational dashboard
Functions & Modules
detect_attack(payload)
- Scans payload for SQLi/XSS
- Uses regex rules
- Returns verdict
Middleware
- Intercepts every HTTP request
- Applies WAF logic
- Blocks malicious traffic
/test Endpoint
- Manual testing of payloads
- Simulates attacks
/stats Endpoint
- Returns allowed/blocked counts
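The pieces listed above (regex rules, `detect_attack(payload)`, the per-request middleware step and the allowed/blocked counters behind `/stats`) fit together as shown in the following added example. It is illustrative code written for this README, not the project's own `waf_engine.py` or `rules.py`; the rule patterns, the `Verdict`, `TrafficStats` and `inspect_request` names, and the sample payloads are all constructed here. It also shows the "Payload Normalization" step from the flow chart, which is what keeps URL-encoded, double-encoded, HTML-entity-encoded or mixed-case payloads from slipping past rules that only look at the raw string, one of the limitations the Cautions section refers to.

```python
import re
from dataclasses import dataclass
from html import unescape
from typing import Optional
from urllib.parse import unquote_plus

# Rule tables, analogous to what a rules.py module would hold. These patterns are
# constructed for this example and are deliberately small. They are matched against
# the normalized (decoded, case-folded) payload, so they are written in lower case
# and do not need re.IGNORECASE.
SQLI_RULES = [
    ("tautology", re.compile(r"""['"]\s*or\s+\d+\s*=\s*\d+""")),
    ("union-select", re.compile(r"\bunion\s+(all\s+)?select\b")),
    ("comment-terminator", re.compile(r"(--|/\*)\s*$")),
    ("stacked-query", re.compile(r";\s*(drop|delete|insert|update|alter)\b")),
]
XSS_RULES = [
    ("script-tag", re.compile(r"<\s*/?\s*script\b")),
    ("javascript-uri", re.compile(r"javascript\s*:")),
    ("event-handler", re.compile(r"\bon(load|error|click|mouseover|focus)\s*=")),
    ("dangerous-tag", re.compile(r"<\s*(img|svg|iframe|object|embed)\b")),
]


@dataclass(frozen=True)
class Verdict:
    blocked: bool
    category: str        # "sqli", "xss" or "clean"
    rule: Optional[str]  # name of the rule that fired, None when clean


def normalize(payload: str, max_rounds: int = 3) -> str:
    """Undo the encodings a payload can hide behind before the rules run.

    URL decoding and HTML entity decoding are applied repeatedly until the text
    stops changing (bounded by max_rounds), so double-encoded input such as
    %2527 is reduced to a single quote. Whitespace is collapsed and the text is
    case-folded so that <ScRiPt> and <script> look the same to the rules.
    """
    text = payload
    for _ in range(max_rounds):
        decoded = unescape(unquote_plus(text))
        if decoded == text:
            break
        text = decoded
    return re.sub(r"\s+", " ", text).casefold().strip()


def detect_attack(payload: str) -> Verdict:
    """Return a Verdict for one payload; the first matching rule wins."""
    text = normalize(payload)
    for category, rules in (("sqli", SQLI_RULES), ("xss", XSS_RULES)):
        for name, pattern in rules:
            if pattern.search(text):
                return Verdict(True, category, name)
    return Verdict(False, "clean", None)


class TrafficStats:
    """Allowed/blocked counters plus an in-memory attack log, as /stats would report."""

    def __init__(self) -> None:
        self.allowed = 0
        self.blocked = 0
        self.attack_log: list = []

    def record(self, payload: str, verdict: Verdict) -> None:
        if verdict.blocked:
            self.blocked += 1
            # Log the original, un-normalized payload so the log shows what arrived.
            self.attack_log.append((verdict.category, verdict.rule, payload))
        else:
            self.allowed += 1

    def snapshot(self) -> dict:
        return {"allowed": self.allowed, "blocked": self.blocked}


def inspect_request(stats: TrafficStats, query: dict, body: str = "") -> Verdict:
    """The per-request middleware step: join query values and body, run the
    rule engine, update the counters, and hand back the allow/block decision."""
    payload = " ".join([*query.values(), body])
    verdict = detect_attack(payload)
    stats.record(payload, verdict)
    return verdict


if __name__ == "__main__":
    stats = TrafficStats()
    for sample in ["hello world", "' OR 1=1 --", "<script>alert(1)</script>"]:
        v = inspect_request(stats, {"q": sample})
        print(f"{sample!r:30} -> {'BLOCKED' if v.blocked else 'allowed'} ({v.category}, {v.rule})")
    print(stats.snapshot())
```

Running the block feeds the three payloads from the Example Payloads section through `inspect_request`, the same path a request would take through the middleware, and prints the counters the dashboard graph is built from. The rule that fired is kept in the verdict and the log so that a false positive can be traced back to the specific pattern that needs tightening.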
Installation (Step-by-Step)
1. Install Python
Download Python from: https://www.python.org
Make sure "Add Python to PATH" is checked.
2. Install Dependencies
```
pip install fastapi uvicorn jinja2
```
3. Project Setup
```
cd waf_simulation
```
How to Run
```
uvicorn main:app --reload
```
Expected output:
```
Running on http://127.0.0.1:8000
```
How to Open (Chrome)
- Open Google Chrome
- Go to:
http://127.0.0.1:8000
Login Details
Username: admin
Password: admin123
How to Use
- Login to dashboard
- Enter payload in text box
- Click Detect
- View result (Allowed / Blocked)
- Watch graph update automatically
Example Payloads
SQL Injection
```
' OR 1=1 --
```
XSS
```
<script>alert(1)</script>
```
Normal Input
```
hello world
```
Cautions
- This is a simulation, not a production WAF
- Regex-based detection has limitations
- Do not deploy on live servers
Important Notes
- Designed for learning & demo purposes
- Easily extendable
- Clean & modular code
Disclaimer
This project is intended strictly for educational and research purposes. The developer is not responsible for misuse of this system.
Future Enhancements
- Machine Learning-based detection
- Role-based access control
- IP reputation system
- PDF attack reports
- Time-series traffic graphs
- Automated attack generator
Conclusion
This WAF Simulation provides a clear, realistic, and interactive understanding of how modern web security systems defend against common attacks. It bridges the gap between theory and practical cybersecurity implementation.
Support & Engagement
If you find this repository useful or insightful, please consider:
- Starring the repository
- Sharing it within your network
- Following my GitHub profile for future projects and updates
Your support helps drive continued innovation and open-source contributions.
- Syed Shaheer Hussain
Copyright
© 2026 Syed Shaheer Hussain
All rights reserved.