Earn 7,650 ($76.50)

Project Overview:
The project involves the development of a web application using Java Spring Boot to simulate and defend against SQL injection attacks. The application will provide a user interface for interacting with the system and testing SQL injection vulnerabilities. Contractors are expected to implement both the attack and defense mechanisms and create an intuitive user interface for users to interact with the application in real-time.

Project Objectives:

1. SQL Injection Attack Simulation:

   • Develop a module that simulates SQL injection attacks on the application.
   • Implement various types of SQL injection attacks (e.g., classic SQL injection, blind SQL injection) to test the application's vulnerability.

2. Defense Mechanisms:

   • Implement security measures to defend against SQL injection attacks.
   • Utilize prepared statements, parameterized queries, and input validation to prevent SQL injection vulnerabilities.
   • Implement web application firewall rules to detect and block malicious SQL injection attempts.

3. User Interface (UI):

   • Design and develop an intuitive and user-friendly web interface using HTML, CSS, and JavaScript.
   • Include interactive elements for users to input SQL queries and see the results.
   • Display informative error messages and alerts for invalid inputs or potential SQL injection attempts.

4. Real-Time Scenario:

   • Create a real-time scenario where users can interact with the application.
   • Users should be able to input SQL queries through the UI and observe the application's response.
   • Implement a logging mechanism to capture and display SQL injection attempts in real-time.
   • Provide feedback to users about the success or failure of their input based on the implemented defense mechanisms.

5. Docker Containerization:

   • Dockerize the entire application, including all dependencies and configurations, into a Docker container.
   • Provide Dockerfile(s) and docker-compose.yml (if applicable) for building the Docker image.
   • Ensure the application can be easily deployed and run in any environment using Docker containers.

Deliverables:

1. Source Code:

   • Clean, well-documented, and organized Java Spring Boot source code implementing the attack and defense mechanisms.
   • HTML, CSS, and JavaScript files for the user interface.

2. Docker Containerization:

   • Dockerize the entire application, including all dependencies and configurations, into a Docker container.
   • Provide Dockerfile(s) and docker-compose.yml (if applicable) for building the Docker image.
   • Ensure the application can be easily deployed and run in any environment using Docker containers.

3. Documentation:

   • Detailed technical documentation explaining the implemented attack and defense strategies.
   • Instructions for building the Docker image:

     docker build -t sql-injection-app .
     

   • Instructions for running the Docker container:

     docker run -p 8080:8080 sql-injection-app
     

   • User guide describing how to interact with the UI and understand the application responses.
   • Guidelines for deploying the Docker container in various environments (development, testing, production).

Evaluation Criteria:

• Successful implementation of SQL injection attack and defense mechanisms.
• User interface design and interactivity.
• Real-time scenario implementation and responsiveness.
• Quality of documentation and clarity of Docker build and run instructions.
• Adherence to best practices and security standards.