---
name: detect_sql_injection
kind: function
lang: py
domain: cybersecurity
version: "1.0.0"
purity: pure
signature: "def detect_sql_injection(input_str: str) -> tuple"
description: "Detecta patrones de SQL injection en un string. Retorna (is_threat, pattern) con el nombre del patron detectado."
tags: [sqli, injection, detection, security, python, pendiente-usar]
uses_functions: []
uses_types: []
returns: []
returns_optional: false
error_type: ""
imports: [re]
params:
  - name: input_str
    desc: "string a analizar en busca de patrones de SQL injection"
output: "tupla (is_threat, pattern) indicando si se detectó amenaza y el nombre del patrón"
tested: false
tests: []
test_file_path: ""
file_path: "python/functions/cybersecurity/cybersecurity.py"
---

## Ejemplo

```python
detect_sql_injection("' OR '1'='1")
# (True, "string_tautology")

detect_sql_injection("; DROP TABLE users")
# (True, "stacked_query")

detect_sql_injection("hello world")
# (False, "")
```

## Notas

Detecta 10 patrones: sql_keyword, tautology, stacked_query, comment_injection, string_tautology, union_select, hex_literal, char_function, concat_function, time_based. No reemplaza un WAF pero es util para logging y alertas tempranas.