This project implements a Web Application Firewall (WAF) powered by Machine Learning.
It works as a local HTTP proxy server that analyzes requests in real-time, extracts key features, and predicts whether they are benign or malicious.

• Acts as a proxy server on localhost:8080
• Extracts features from HTTP requests (special characters, SQL keywords, suspicious patterns, etc.)
• Supports ML model:
  • Random Forest Classifier
• Real-time intrusion detection (Bad Request or Good Request)
• Can proxy requests to any website, not just a single target
• Easy to extend with new features or models

• The model is trained on a dataset of HTTP requests, with labels:
  • 0 → Benign request
  • 1 → Malicious request
• Features include:
  • Quotes (', ")
  • SQL patterns (--, union, select, etc.)
  • Script tags (<, >, script)
  • Special characters ($, |, &)
  • Path and body length
• You can expand the dataset using open-source WAF datasets (e.g., Kaggle FWAF dataset, WebEye, ModSec-Learn).

git clone https://github.com/your-username/web-application-firewall.git
cd web-application-firewall

pip install -r requirements.txt

python waf_training.py

python proxy_server.py

#Server starts at:
http://127.0.0.1:8080