Skip to content

Sreenand76/SQLiX

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

9 Commits
sqlix-backend
sqlix-backend
ย 
ย 
sqlix-frontend
sqlix-frontend
ย 
ย 
README.md
README.md
ย 
ย 

Repository files navigation

SQLix โ€“ SQL Injection Demo Platform

SQLix is a hands-on, full-stack platform designed to demonstrate SQL Injection vulnerabilities and their mitigation techniques. Built with React, Spring Boot, MySQL, and Docker, SQLix allows users to experiment with a login system that can be toggled between vulnerable and secure modes, showcasing the stark differences in query behavior.

๐Ÿš€ Live Demo

Live Demo

๐Ÿš€ Executive Summary

SQLix empowers developers, students, and security enthusiasts to learn about SQL Injection attacks and their prevention in a safe, interactive environment. Users can deliberately attempt SQL injection attacks on a sample login form, then switch to a secure mode to see how parameterized queries defend against such exploits.

๐Ÿ› ๏ธ Technologies Used

  • Frontend: React.js, Tailwind CSS
  • Backend: Spring Boot (Java), RESTful APIs
  • Database: MySQL
  • Authentication: Simple session-based (for demonstration)
  • Deployment: Frontend (Vercel), Backend (Render using Docker image)

๐ŸŽฏ Key Features

  • Vulnerable/Secure Toggle: Instantly switch between insecure (string concatenation) and secure (parameterized) SQL query modes.
  • Login Demo: Try real SQL injection payloads against a sample login form.
  • Educational UI: Explanations and feedback for each login attempt and toggle state.
  • Containerized Backend: Easily deployable with Docker.
  • Real-Time Results: Observe how the backend processes different inputs.

๐Ÿ’ก Key Learnings & Challenges

  • Illustrated the dangers of SQL Injection with hands-on experimentation.
  • Demonstrated the effectiveness of parameterized queries as a defense.
  • Designed a toggle system to switch backend logic at runtime.
  • Solved CORS and environment management for frontend-backend integration.
  • Containerized the backend for seamless deployment.

๐Ÿ“‚ Project Setup

1. Clone the Repository

git clone https://github.com/sreenand76/SQLiX.git
cd sqlix

2. Setup the Frontend

cd sqlix-frontend
npm install
npm run dev

3. Setup the Backend

cd sqlix-backend
mvn clean install
mvn spring-boot:run

Sample Credentials

๐Ÿ”ฎ Future Scope

  • Add multi-step SQLi labs (e.g., data extraction, UNION-based attacks).
  • Integrate explanations for common SQLi payloads.
  • Add support for more databases (PostgreSQL, SQLite).
  • Provide downloadable attack/defense logs for classroom use.

๐Ÿค Contribution / Contact

Feedback and collaboration are welcome!
Connect with me on LinkedIn or email at [email protected].

About

sq-li-x.vercel.app

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages