Upload README.md
README.md
CHANGED
|
@@ -1,11 +1,84 @@
|
|
| 1 |
---
|
| 2 |
-
title:
|
| 3 |
-
emoji:
|
| 4 |
-
colorFrom:
|
| 5 |
-
colorTo:
|
| 6 |
sdk: docker
|
| 7 |
pinned: false
|
| 8 |
-
license: apache-2.0
|
| 9 |
---
|
| 10 |
|
| 11 |
-
|
| 1 |
---
|
| 2 |
+
title: CodeBERT Vulnerability Detection
|
| 3 |
+
emoji: π
|
| 4 |
+
colorFrom: red
|
| 5 |
+
colorTo: pink
|
| 6 |
sdk: docker
|
| 7 |
pinned: false
|
|
|
|
| 8 |
---
|
| 9 |
|
| 10 |
+
# CodeBERT Vulnerability Detection API
|
| 11 |
+
|
| 12 |
+
FastAPI-based code vulnerability detection using CodeBERT model trained for identifying SQL Injection and Certificate Validation vulnerabilities.
|
| 13 |
+
|
| 14 |
+
## π API Endpoints
|
| 15 |
+
|
| 16 |
+
- **GET /** - API information
|
| 17 |
+
- **GET /health** - Health check status
|
| 18 |
+
- **GET /docs** - Interactive API documentation (Swagger UI)
|
| 19 |
+
- **POST /detect** - Detect vulnerabilities in code
|
| 20 |
+
|
| 21 |
+
## π Example Usage
|
| 22 |
+
|
| 23 |
+
### Python
|
| 24 |
+
```python
|
| 25 |
+
import requests
|
| 26 |
+
|
| 27 |
+
url = "https://your-username-codebert-vulnerability-api.hf.space/detect"
|
| 28 |
+
|
| 29 |
+
response = requests.post(url, json={
|
| 30 |
+
"code": """
|
| 31 |
+
String query = "SELECT * FROM users WHERE id = '" + userId + "'";
|
| 32 |
+
Statement stmt = connection.createStatement();
|
| 33 |
+
ResultSet rs = stmt.executeQuery(query);
|
| 34 |
+
""",
|
| 35 |
+
"max_length": 512
|
| 36 |
+
})
|
| 37 |
+
|
| 38 |
+
result = response.json()
|
| 39 |
+
print(f"Vulnerable: {result['is_vulnerable']}")
|
| 40 |
+
print(f"Type: {result['vulnerability_type']}")
|
| 41 |
+
print(f"Confidence: {result['confidence']:.2%}")
|
| 42 |
+
```
|
| 43 |
+
|
| 44 |
+
### cURL
|
| 45 |
+
```bash
|
| 46 |
+
curl -X POST "https://your-username-codebert-vulnerability-api.hf.space/detect" \
|
| 47 |
+
-H "Content-Type: application/json" \
|
| 48 |
+
-d '{
|
| 49 |
+
"code": "SELECT * FROM users WHERE id = " + user_input,
|
| 50 |
+
"max_length": 512
|
| 51 |
+
}'
|
| 52 |
+
```
|
| 53 |
+
|
| 54 |
+
## π Response Format
|
| 55 |
+
|
| 56 |
+
```json
|
| 57 |
+
{
|
| 58 |
+
"vulnerability_type": "SQL Injection",
|
| 59 |
+
"confidence": 0.95,
|
| 60 |
+
"is_vulnerable": true,
|
| 61 |
+
"label": "s0"
|
| 62 |
+
}
|
| 63 |
+
```
|
| 64 |
+
|
| 65 |
+
## π·οΈ Vulnerability Labels
|
| 66 |
+
|
| 67 |
+
- **s0** / **s1** - SQL Injection vulnerabilities
|
| 68 |
+
- **v0** / **v1** - Certificate Validation vulnerabilities
|
| 69 |
+
|
| 70 |
+
## π§ Model Details
|
| 71 |
+
|
| 72 |
+
- **Base Model:** microsoft/codebert-base
|
| 73 |
+
- **Architecture:** RoBERTa with custom classification head
|
| 74 |
+
- **Model Size:** 487 MB
|
| 75 |
+
- **Task:** Binary classification for vulnerability detection
|
| 76 |
+
- **Categories:** SQL Injection, Certificate Validation
|
| 77 |
+
|
| 78 |
+
## β‘ Performance
|
| 79 |
+
|
| 80 |
+
The model uses CPU inference on Hugging Face Spaces free tier. For faster inference, consider upgrading to GPU hardware.
|
| 81 |
+
|
| 82 |
+
## π License
|
| 83 |
+
|
| 84 |
+
Apache 2.0
|
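Review bot: The request body in the cURL example (new lines 48-51) is not valid JSON: `"code": "SELECT * FROM users WHERE id = " + user_input,` closes the string and then appends `+ user_input`, so the body will not parse as JSON when sent to `/detect`. Put the whole snippet to be analysed inside a single JSON string with its inner quotes escaped, for example `"code": "String query = \"SELECT * FROM users WHERE id = \" + userId;"`, so the example behaves like the Python one above it. Two documentation points in the same hunk: the label list (new lines 67-68) does not say how `s0` differs from `s1` or `v0` from `v1`, while the sample response pairs `"label": "s0"` with `"is_vulnerable": true` and the task is described as binary classification, so a reader cannot tell which labels mean vulnerable; state the mapping explicitly. The front matter also drops `license: apache-2.0` (old line 8) although the README body still says Apache 2.0, so the license is no longer declared in the metadata block; keep that key.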