{"id":44306931,"url":"https://github.com/thirt33n/grindwall","last_synced_at":"2026-02-11T03:17:35.504Z","repository":{"id":192407477,"uuid":"684936837","full_name":"thirt33n/Grindwall","owner":"thirt33n","description":"ML Based Firewall System","archived":false,"fork":false,"pushed_at":"2024-03-11T09:52:01.000Z","size":3016,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-03-11T11:04:41.901Z","etag":null,"topics":["ada-boost-classifier","firewall","machine-learning","ml","ml-based-firewall","monitoring","network","network-security","random-forest","waf","web","web-app-firewall","web-security"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thirt33n.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2023-08-30T06:49:51.000Z","updated_at":"2024-03-11T11:04:41.901Z","dependencies_parsed_at":"2023-12-12T21:48:52.019Z","dependency_job_id":null,"html_url":"https://github.com/thirt33n/Grindwall","commit_stats":{"total_commits":11,"total_committers":2,"mean_commits":5.5,"dds":"0.18181818181818177","last_synced_commit":"c0774425225dc37081fdb032a1bed6728cd48fda"},"previous_names":["thirt33n/grindwall"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/thirt33n/Grindwall","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirt33n%2FGrindwall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirt33n%2FGrindwall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirt33n%2FGrindwall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirt33n%2FGrindwall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thirt33n","download_url":"https://codeload.github.com/thirt33n/Grindwall/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirt33n%2FGrindwall/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29326097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T02:08:56.257Z","status":"ssl_error","status_checked_at":"2026-02-11T02:08:51.338Z","response_time":97,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ada-boost-classifier","firewall","machine-learning","ml","ml-based-firewall","monitoring","network","network-security","random-forest","waf","web","web-app-firewall","web-security"],"created_at":"2026-02-11T03:17:34.786Z","updated_at":"2026-02-11T03:17:35.486Z","avatar_url":"https://github.com/thirt33n.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GRINDWALL \n\n## ML based Firewall System\n\n## Description:\n\n\u003cbr\u003e\nGrindwall is an ML based Firewall System that uses a machine learning model to filter out bad or malicious requests to the server.\n\u003c/br\u003e\n\u003cbr\u003e\n\u003cli\u003eEach model uses a specefic classification algorithm to determine the nature of incoming packets and classifies them on the basis of the vulnerability that the request tries to exploit.\n\u003c/li\u003e\n\u003cli\u003eBad Packets are dropped by the server and the client is displayed with a message.\n\u003c/li\u003e\n\n## Contents:\n\n\u003col\u003e\n  \u003ch3\u003eDatasets\u003c/h3\u003e\n\u003cli\u003efull_xss_sqli_dataset.csv =  Dataset for training the model - Version 1\n\u003cli\u003eversion_4_full.csv - Full dataset for Version 4(includes cmdi)\n\u003cli\u003enew_specs_dataset.csv - Dataset for classifying according to vulnerability.\n\n  \u003ch3\u003eScripts\u003ch3\u003e\n\n\u003cli\u003enetwork_sec.ipynb = Notebook file used for creating the model and other operations related to ML\n\u003cli\u003egrindwall.py = Main Script used to setup the firewall\n\u003cli\u003erequirements.txt = Python Requirements for running the script\n\u003cli\u003etest.csv = Dataset used for testing the model\n\u003cli\u003egring_gui.py = Scipt to run Grindwall as GUI\n  \n  \u003ch4\u003eModels\u003c/h4\u003e\n  \n\u003cli\u003emodel1_grindwall.pkl  = The saved model checkpoint which is loaded into the script for use in the firewall, only filters sqli - Uses Random Forest Classifier\n\u003cli\u003emodel2_grindwall = The saved model Checkpoint, which filters sql injections and XSS payloads - Uses Ada Boost Classifier\n\u003cli\u003emodel3_grindwall = Saved Model checkpoint that filters on the basis of the vulnerability that the packet tries to exploit; \"sqli\",\"xss\" or \"good\"- Uses Random Forest Classifier \u003c/li\u003e\n\u003cli\u003emodel4_grindwall = Saved Model checkpoint that filters on the basis of the vulnerability that the packet tries to exploit; \"sqli\",\"xss\",\"cmdi\" or \"good\" - Uses Light Gradient Boosting Machine  Classification\u003c/li\u003e\n  \u003ch3\u003eWordlists\u003c/h3\u003e\n\u003cli\u003esqlInjection.txt = Wordlist containing payloads for SQL injection attacks used for dataset preparation\n\u003cli\u003exss_payloads.txt = Wordlist containing XSS payloads\n\u003cli\u003ecmdi_payloads.txt = Wordlist containing cmdi payloads\n\n\u003c/ol\u003e\n\n\n## Installation And Working\n\n\n* Clone this Repo\nInstall the requirements using the command \n ```python\n pip install -r requirements.txt  \n ```\n* Once dependencies are installed run \n\n```python \npython cli.py\n```\n![Grindwall CLI](images/image.png)\n\n\u003cli\u003eAlternatively you can also run the GUI version of Grindwall using :\n\n```python\npython gring_gui.py\n```\n\n\u003cimg src=\"./images/image5.png\" alt=\"grindwall GUI\"\u003e\n\u003cbr\u003e\u003c/br\u003e\u003cbr\u003e\u003c/br\u003e\n\u003cli\u003e Once the firewall is up and running configure your browser or computer to utilize proxy server running on port 1234 ( You can change this setting in grindwall.py file). \u003cbr\u003e\nYou can  use windows proxy settings by accessing \u003cbr\u003e\nSettings \u003e Network And Internet \u003e Proxy \u003e Enable proxy with \n\u003cbr\u003e\u003cbr\u003e\nAddress - 127.0.0.1\n\u003cbr\u003ePort - 1234\n\u003cbr\u003e\u003cbr\u003e\nOr you can use extensions like \u003ca href=\"https://chrome.google.com/webstore/detail/foxyproxy-standard/gcknhkkoolaabfmlnjonogaaifnjlfnp\"\u003eFoxy Proxy\u003c/a\u003e to use a proxy server for just your browser.\n\n\u003cli\u003eOnce your browser is configured to listen using the proxy server, all your requests pass through the ML model, which determines if your request is malicious or not and alerts you by dropping the packet.\n\n\u003cli\u003e You can view all the outgoing requests in the terminal and log file.\n\u003cbr\u003e\u003cbr\u003e\n\u003cimg src=\"./images/image2.png\" alt=\"Good Requests\"\u003e\n\u003cbr\u003e\n\u003cli\u003eAny malicious requests will be returned with the 'bad' classification and the following message will be displayed.\n\u003cbr\u003e\n\u003cimg src=\"./images/image3.png\" alt=\"Block message\"\u003e\n\u003c/br\u003e\u003cbr\u003e\n\u003cli\u003eThe terminal log displays the prediction label according to the vulnerability\n\u003cbr\u003e\u003c/br\u003e\n\u003cimg src=\"./images/image4.png\" alt=\"Terminal Information\"\u003e\n\n## Video Demo:\n\n\nhttps://github.com/thirt33n/Grindwall/assets/55974622/d291bbde-9870-42e9-905c-1259271b47fd\n\n\n\n\n## Future Implementations:\n\n### Support for other Web Vulnerabilities Including \n\n\u003cli\u003e Cross Site Scripting = Completed\n\u003cli\u003e Command Injections = Completed\n\u003cli\u003e Support For HTTPS connections\n\u003cli\u003e Comprehensive GUI\n\u003cli\u003eAnalytics\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthirt33n%2Fgrindwall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthirt33n%2Fgrindwall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthirt33n%2Fgrindwall/lists"}