https://github.com/tom474/security_attacks_analysis
[RMIT 2024C] COSC2539 - Security in Computing and IT - Programming-based Security Project
command-injection cross-site-scripting denial-of-service security security-attacks sql-injection
Last synced: 7 months ago
- Host: GitHub
- URL: https://github.com/tom474/security_attacks_analysis
- Owner: tom474
- Created: 2024-12-14T08:31:00.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-02-15T15:58:05.000Z (8 months ago)
- Last Synced: 2025-02-15T16:32:36.767Z (8 months ago)
- Topics: command-injection, cross-site-scripting, denial-of-service, security, security-attacks, sql-injection
- Language: Python
- Homepage:
- Size: 46.9 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Security Attacks Analysis
A project analyzing and simulating **various cybersecurity attacks** on a web-based system, including **SQL Injection, Cross-Site Scripting (XSS), Command Injection, and Denial of Service (DoS)**. The project also implements **security countermeasures** to mitigate these threats.
## Tech Stack
- Python
- Flask
- SQLite
## Features
### Attack Simulations
- **SQL Injection**: Exploits database vulnerabilities to manipulate or extract sensitive data.
- **Cross-Site Scripting (XSS)**: Injects malicious scripts that affect user interactions.
- **Command Injection**: Executes unauthorized system commands through web inputs.
- **Denial of Service (DoS)**: Overloads the system with excessive requests to disrupt service availability.
### Security Implementations
- **Parameterized Queries**: Prevents SQL Injection by using prepared statements.
- **Input Validation & Output Encoding**: Blocks XSS attacks by sanitizing user inputs.
- **Secure Command Execution**: Restricts unauthorized system command execution.
- **Rate Limiting & IP Blocking**: Prevents DoS attacks by limiting excessive requests.
- **Content Security Policy (CSP)**: Protects against client-side script injections.
- **Logging & Monitoring**: Tracks suspicious activities for security analysis.