Add info folder with module explanations

Includes beginner-friendly .txt files explaining the purpose and code of each script (e.g., run.py, utils.py, etc.).

Author: tanujkumar2405

info/detector_info.txt

@@ -0,0 +1,84 @@
+
+Filename: detector_info.txt
+
+Line-by-Line Beginner-Friendly Explanation:
+
+1. import sys
+   - 'import' is a Python keyword used to include modules.
+   - 'sys' is a built-in module that provides access to system-specific parameters and functions.
+
+2. from utils import load_patterns, detect_sqli, log_attack
+   - This imports specific functions from a custom module named 'utils'.
+   - 'load_patterns' loads SQL injection patterns.
+   - 'detect_sqli' checks if an input matches SQLi patterns.
+   - 'log_attack' records details about suspicious input.
+
+3. import colorama
+   - Imports the 'colorama' module, which helps color text in the terminal.
+
+4. from colorama import Fore, Style
+   - Imports specific classes from colorama.
+   - 'Fore' is used to change text color.
+   - 'Style' is used to reset or style the text (like bold, reset, etc.).
+
+6. colorama.init(autoreset=True)
+   - Initializes colorama (needed for Windows compatibility).
+   - 'autoreset=True' means colors reset automatically after each print.
+
+8. patterns = load_patterns()
+   - Calls 'load_patterns()' function and stores the result (list of patterns) in 'patterns'.
+
+10. def main():
+    - Defines a new function named 'main'. The main logic goes here.
+
+11. print(f"{Fore.YELLOW}=== SQL Injection Detection Tool ==={Style.RESET_ALL}")
+    - Displays a title in yellow color using f-string (formatted string).
+
+12. print("Type 'exit' to quit.\n")
+    - Shows instruction. '\n' adds a new line.
+
+14. while True:
+    - Starts an infinite loop. Will keep asking for input until user types 'exit'.
+
+15. payload = input("Enter input (simulated payload): ").strip()
+    - Asks the user for input.
+    - '.strip()' removes any leading/trailing whitespace.
+
+16. if payload.lower() == 'exit':
+    - Checks if the input (in lowercase) is 'exit'.
+
+17. print(f"{Fore.YELLOW}Exiting the tool.{Style.RESET_ALL}")
+    - If yes, prints exit message in yellow.
+
+18. break
+    - Stops the loop.
+
+20. ip = "127.0.0.1"
+    - Sets a dummy IP address (localhost).
+
+21. endpoint = "/test"
+    - Sets a dummy endpoint name.
+
+23. matched_pattern = detect_sqli(payload, patterns)
+    - Calls 'detect_sqli' function to check if the input matches SQLi patterns.
+
+24. if matched_pattern:
+    - If SQLi is detected (function returned a pattern):
+
+25. print(f"{Fore.RED}[!] SQL Injection Detected!{Style.RESET_ALL} Pattern matched: {Fore.RED}{matched_pattern}{Style.RESET_ALL}\n")
+    - Displays a red warning message and the matched pattern.
+
+26. log_attack(ip, endpoint, payload, matched_pattern)
+    - Records the suspicious input to a log (e.g., a file or console).
+
+28. else:
+    - If no pattern matched (no SQLi detected):
+
+29. print(f"{Fore.GREEN}[+] Clean input. No SQLi detected.{Style.RESET_ALL}\n")
+    - Shows green success message.
+
+31. if __name__ == "__main__":
+    - Ensures the 'main()' function only runs when the file is executed directly (not when imported).
+
+32. main()
+    - Calls the main function to start the tool.

info/pattern_info.txt

@@ -0,0 +1,51 @@
+# Detects common SQL injection symbols:
+# It is a single non-capturing group that checks for:
+# (?i) → Case-insensitive
+# - %27 = URL encoded single quote (')
+# - '-- = Comment to ignore the rest of the SQL query
+# - %23 or # = URL encoded or direct comment marker
+# # (SQL comment)
+(?i)(%27|'|--|%23|#)
+
+# Detects use of OR/AND with always-true logic like: OR 1=1 or AND 1=1
+# This is a classic SQL injection trick to bypass authentication
+#\bOR\b / \bAND\b → Detects "OR" or "AND" as full words
+#\s+ → Requires space after OR/AND
+#\d+=\d+ → Looks for always-true condition (e.g., 1=1)
+(?i)(\bOR\b|\bAND\b)\s+\d+=\d+
+
+# Detects use of UNION SELECT which is often used to extract data from another table
+# E.g., ' UNION SELECT username, password FROM users
+#UNION SELECT → Used to extract data from another table
+(?i)UNION\s+SELECT
+
+# Detects SELECT queries with a common typo (SELECT ... FORM instead of FROM)
+# This may catch obfuscated or malformed injections
+#SELECT.+FORM → Catches SELECT queries with typo "FORM" instead of "FROM"
+(?i)SELECT.+FORM
+
+# Detects INSERT INTO statements, used to insert malicious or unauthorized data
+#INSERT INTO → Used to add data to a table
+(?i)INSERT\s+INTO
+
+# Detects DROP TABLE statements, which can delete database tables
+# Very dangerous if executed
+#DROP TABLE → Deletes a table
+(?i)DROP\s+TABLE
+
+# Detects UPDATE queries that try to change values in a table (like passwords or access levels)
+#UPDATE <table> SET → Changes data in the table
+(?i)UPDATE\s+\w+\s+SET
+
+# Detects EXEC commands that can run stored procedures or system commands (e.g., xp_cmdshell)
+#EXEC command → Executes stored procedures or commands
+(?i)EXEC\s+\w+
+
+# Detects WAITFOR DELAY used in time-based blind SQL injections
+# E.g., WAITFOR DELAY '00:00:05'
+#WAITFOR DELAY '00:00:05' → Causes time delay
+(?i)WAITFOR\s+DELAY
+
+# Detects use of SLEEP(seconds) in SQL, another form of time delay attack
+#SLEEP(5) → Pauses SQL execution for 5 seconds
+(?i)SLEEP\(\d+\)

info/report_generation_info.txt

@@ -0,0 +1,154 @@
+# IMPORTING REQUIRED MODULES
+
+import os  
+# 'os' is a built-in Python module used to interact with the operating system.
+# os.path.join() combines directory and file names into a full path that works on all systems.
+
+from fpdf import FPDF  
+# 'fpdf' is a third-party library to create PDF files. 'FPDF' is the main class for PDF creation.
+
+from datetime import datetime  
+# 'datetime' is a built-in module. 'datetime.now()' gives the current date and time.
+
+
+# SETTING FILE PATHS
+
+LOG_FILE = os.path.join("logs", "sqli_logs.txt")  
+# Full path to the log file: "logs/sqli_logs.txt"
+
+REPORTS_DIR = "reports"  
+# Directory name where generated PDF reports will be saved.
+
+
+# CREATING CUSTOM PDF CLASS
+
+class PDFReport(FPDF):  
+    # Inheriting from FPDF class to customize PDF behavior
+
+    def header(self):  
+        # This method defines what will appear at the top of each page
+        self.set_font("Arial", "B", 14)  
+        # Sets font to Arial, Bold, size 14
+        self.cell(0, 10, "SQL Injection Detection Report", 0, 1, "C")  
+        # Adds a centered title across full width (0), height 10
+        self.ln(5)  
+        # Adds a 5-unit line break
+
+    def footer(self):  
+        # This method defines what appears at the bottom of each page
+        self.set_y(-15)  
+        # Moves cursor 15 units from the bottom
+        self.set_font("Arial", "I", 8)  
+        # Sets font to Arial, Italic, size 8
+        page_num = f"Page {self.page_no()}"  
+        # f-string: embeds current page number dynamically
+        self.cell(0, 10, page_num, 0, 0, "C")  
+        # Adds page number centered at the bottom
+
+
+# PARSING A SINGLE LOG LINE
+
+def parse_log_line(line):  
+    # Accepts a single line from log file and extracts info
+
+    # Sample line format:
+    # [2025-07-17 14:20:15] IP: 192.168.1.100 | Endpoint: /batch-test | Payload: 1 OR 1=1 | Pattern: OR\s\d+=\d+
+
+    parts = line.strip().split("|")  
+    # Removes leading/trailing spaces and splits line at '|'
+    
+    if len(parts) < 4:  
+        return None  
+        # If parts are less than expected, return nothing
+
+    try:  
+        timestamp = line.split("]")[0].strip("[")  
+        # Extracts text inside square brackets at start
+
+        ip = parts[0].split("IP:")[1].strip()  
+        # Extracts IP address after "IP:"
+
+        endpoint = parts[1].split("Endpoint:")[1].strip()  
+        # Extracts URL endpoint
+
+        payload = parts[2].split("Payload:")[1].strip()  
+        # Extracts detected payload (e.g., SQLi input)
+
+        pattern = parts[3].split("Pattern:")[1].strip()  
+        # Extracts regex pattern that matched
+
+        return {
+            "timestamp": timestamp,
+            "ip": ip,
+            "endpoint": endpoint,
+            "payload": payload,
+            "pattern": pattern
+        }
+        # Returns a dictionary of parsed values
+
+    except IndexError:  
+        # In case any split or index fails
+        return None  
+
+
+# MAIN FUNCTION TO GENERATE PDF REPORT
+
+def generate_report():
+    print("No logd Found to generate report.")  
+    # Message (but typo: 'logd' should be 'logs')
+    return  
+    # Stops function here (you need to remove this to generate real reports)
+
+    os.makedirs(REPORTS_DIR, exist_ok=True)  
+    # Creates 'reports' directory if it doesn't exist
+
+    pdf = PDFReport()  
+    # Creates an instance of our custom PDF class
+
+    pdf.add_page()  
+    # Adds a new page to PDF
+
+    pdf.set_font("Arial", size=12)  
+    # Sets default font
+
+    with open(LOG_FILE, "r") as file:  
+        lines = file.readlines()  
+        # Opens the log file and reads all lines
+
+    if not lines:  
+        print("Log file is empty. No report generated.")
+        return  
+        # Stops if no log entries found
+
+    for line in lines:  
+        entry = parse_log_line(line)  
+        # Parses each line into a structured dictionary
+
+        if entry:  
+            pdf.set_font("Arial", "B", 11)
+            pdf.cell(0, 10, f"Timestamp: {entry['timestamp']}", ln=1)
+            
+            pdf.set_font("Arial", size=11)
+            pdf.cell(0, 8, f"IP: {entry['ip']} | Endpoint: {entry['endpoint']}", ln=1)
+
+            pdf.multi_cell(0, 8, f"Payload: {entry['payload']}")
+            pdf.multi_cell(0, 8, f"Matched Pattern: {entry['pattern']}")
+            pdf.ln(5)  
+            # Adds space after each log block
+
+    # Define filename with current datetime
+    report_filename = os.path.join(REPORTS_DIR, f"sqli_report_{datetime.now().strftime('%Y%m%d_%H%M%S')}.pdf")
+
+    pdf.output(report_filename)  
+    # Saves the generated PDF
+
+    print(f"Report generated: {report_filename}")  
+    # Confirms report generation
+
+
+# ENTRY POINT OF THE SCRIPT
+
+if __name__ == "__main__":  
+    # Python keyword: runs code only if file is run directly, not imported
+    generate_report()  
+    # Calls the report generation function

info/requirements_info.txt

@@ -0,0 +1,97 @@
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+📦 PYTHON LIBRARY: FLASK
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+• Flask is a **lightweight web framework** used to create web applications and APIs.
+
+🔑 Common Flask Components:
+---------------------------
+from flask import Flask
+# Imports the main Flask class to create an app
+
+app = Flask(__name__)
+# Creates a Flask web app instance
+
+@app.route('/')
+# Decorator to define a URL route (e.g., "/")
+
+def home():
+    return "Welcome!"
+# Defines what to show when user visits the route
+
+app.run(debug=True)
+# Starts the Flask server
+# debug=True auto-reloads and shows errors
+
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+📦 PYTHON LIBRARY: FPDF
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+• FPDF is a **Python library to generate PDF files** (like invoices, reports, etc.)
+
+🔑 Common FPDF Usage:
+---------------------
+from fpdf import FPDF
+# Imports the FPDF class
+
+pdf = FPDF()
+# Creates a new PDF object
+
+pdf.add_page()
+# Adds a blank page to the PDF
+
+pdf.set_font("Arial", size=12)
+# Sets the font for writing text
+
+pdf.cell(200, 10, txt="Hello PDF", ln=1, align='C')
+# Adds a text cell: width=200, height=10, text, new line, centered
+
+pdf.output("output.pdf")
+# Saves the PDF file with this name
+
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+📦 PYTHON LIBRARY: COLORAMA
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+• Colorama is used to **add colors to terminal output** (text in red, green, etc.)
+• Works on Windows, Linux, macOS.
+
+🔑 Common Colorama Usage:
+-------------------------
+from colorama import Fore, Style, init
+# Fore: for text color
+# Style: for styles like RESET
+# init(): to initialize colorama
+
+init()
+# Initializes colorama (needed on Windows)
+
+print(Fore.RED + "Error occurred")
+# Prints red text
+
+print(Style.RESET_ALL)
+# Resets color to default
+
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+📦 PYTHON LIBRARY: REQUESTS
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+• Requests is used to **send HTTP requests** (GET, POST, etc.) easily in Python.
+
+🔑 Common Requests Usage:
+-------------------------
+import requests
+# Imports the requests module
+
+res = requests.get("http://example.com")
+# Sends a GET request to the URL
+
+print(res.text)
+# Prints the response body (HTML/text)
+
+data = {"username": "admin", "password": "1234"}
+res = requests.post("http://site.com/login", data=data)
+# Sends POST request with form data
+
+if res.status_code == 200:
+    print("Success!")
+# Checks if response was OK (status code 200)