Commit 37b12eb1 authored by senurarathnayake's avatar senurarathnayake

CIS Implementation

parent 4d435206
# Default ignored files
/shelf/
/workspace.xml
# Editor-based HTTP Client requests
/httpRequests/
# Datasource local storage ignored files
/dataSources/
/dataSources.local.xml
service.py
\ No newline at end of file
<component name="InspectionProjectProfileManager">
<profile version="1.0">
<option name="myName" value="Project Default" />
<inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
<option name="ignoredPackages">
<value>
<list size="52">
<item index="0" class="java.lang.String" itemvalue="protobuf" />
<item index="1" class="java.lang.String" itemvalue="threadpoolctl" />
<item index="2" class="java.lang.String" itemvalue="pydivert" />
<item index="3" class="java.lang.String" itemvalue="h11" />
<item index="4" class="java.lang.String" itemvalue="MarkupSafe" />
<item index="5" class="java.lang.String" itemvalue="dlib" />
<item index="6" class="java.lang.String" itemvalue="certifi" />
<item index="7" class="java.lang.String" itemvalue="PyAudio" />
<item index="8" class="java.lang.String" itemvalue="passlib" />
<item index="9" class="java.lang.String" itemvalue="SpeechRecognition" />
<item index="10" class="java.lang.String" itemvalue="pyperclip" />
<item index="11" class="java.lang.String" itemvalue="python-owasp-zap-v2.4" />
<item index="12" class="java.lang.String" itemvalue="Werkzeug" />
<item index="13" class="java.lang.String" itemvalue="cryptography" />
<item index="14" class="java.lang.String" itemvalue="reportlab" />
<item index="15" class="java.lang.String" itemvalue="click" />
<item index="16" class="java.lang.String" itemvalue="wsproto" />
<item index="17" class="java.lang.String" itemvalue="contourpy" />
<item index="18" class="java.lang.String" itemvalue="fonttools" />
<item index="19" class="java.lang.String" itemvalue="regex" />
<item index="20" class="java.lang.String" itemvalue="urwid" />
<item index="21" class="java.lang.String" itemvalue="matplotlib" />
<item index="22" class="java.lang.String" itemvalue="charset-normalizer" />
<item index="23" class="java.lang.String" itemvalue="pypiwin32" />
<item index="24" class="java.lang.String" itemvalue="pyfiglet" />
<item index="25" class="java.lang.String" itemvalue="msgpack" />
<item index="26" class="java.lang.String" itemvalue="freetype-py" />
<item index="27" class="java.lang.String" itemvalue="pyttsx3" />
<item index="28" class="java.lang.String" itemvalue="h2" />
<item index="29" class="java.lang.String" itemvalue="numpy" />
<item index="30" class="java.lang.String" itemvalue="pyasn1" />
<item index="31" class="java.lang.String" itemvalue="pyOpenSSL" />
<item index="32" class="java.lang.String" itemvalue="ruamel.yaml.clib" />
<item index="33" class="java.lang.String" itemvalue="wikipedia" />
<item index="34" class="java.lang.String" itemvalue="djangorestframework" />
<item index="35" class="java.lang.String" itemvalue="itsdangerous" />
<item index="36" class="java.lang.String" itemvalue="Flask" />
<item index="37" class="java.lang.String" itemvalue="blinker" />
<item index="38" class="java.lang.String" itemvalue="kaitaistruct" />
<item index="39" class="java.lang.String" itemvalue="scipy" />
<item index="40" class="java.lang.String" itemvalue="opencv-python" />
<item index="41" class="java.lang.String" itemvalue="rlPyCairo" />
<item index="42" class="java.lang.String" itemvalue="ruamel.yaml" />
<item index="43" class="java.lang.String" itemvalue="tzdata" />
<item index="44" class="java.lang.String" itemvalue="mitmproxy_wireguard" />
<item index="45" class="java.lang.String" itemvalue="packaging" />
<item index="46" class="java.lang.String" itemvalue="publicsuffix2" />
<item index="47" class="java.lang.String" itemvalue="Django" />
<item index="48" class="java.lang.String" itemvalue="cmake" />
<item index="49" class="java.lang.String" itemvalue="pytz" />
<item index="50" class="java.lang.String" itemvalue="Pillow" />
<item index="51" class="java.lang.String" itemvalue="scikit-learn" />
</list>
</value>
</option>
</inspection_tool>
</profile>
</component>
\ No newline at end of file
<component name="InspectionProjectProfileManager">
<settings>
<option name="USE_PROJECT_PROFILE" value="false" />
<version value="1.0" />
</settings>
</component>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectRootManager" version="2" project-jdk-name="webguard0 (2)" project-jdk-type="Python SDK" />
</project>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/webguardian-ML-v2.iml" filepath="$PROJECT_DIR$/.idea/webguardian-ML-v2.iml" />
</modules>
</component>
</project>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<module version="4">
<component name="Flask">
<option name="enabled" value="true" />
</component>
<component name="NewModuleRootManager">
<orderEntry type="jdk" jdkName="webguard0 (2)" jdkType="Python SDK" />
<orderEntry type="sourceFolder" forTests="false" />
</component>
<component name="TemplatesService">
<option name="TEMPLATE_CONFIGURATION" value="Jinja2" />
<option name="TEMPLATE_FOLDERS">
<list>
<option value="$MODULE_DIR$/templates" />
</list>
</option>
</component>
</module>
\ No newline at end of file
# webguardian-development
### Requirements
Python 3.6+<br>
FastAPI <br>
Uvicorn or simillar service <br>
OWASP-ZAP <br>
nmap <br>
### [How to install fastApi on windows](https://codinggear.blog/how-to-install-fastapi-on-computer-using-pip/)
### Install on Linux based destros or WSL
#### Install FastAPI
```bash
python3 -m pip install fastapi
```
#### Install server[scan.py](scan.py)
```bash
pip install uvicorn
```
#### Install ZAPv2 api
```bash
pip install python-owasp-zap-v2.4
```
#### Install nmap library
```bash
pip install python-nmap
```
### Change api key
> open your owasp application and click : <br> Tools -> Options -> api
### Copy the API key and paste it into the code
### finally run :
```bash
uvicorn scan:app --reload
```
-----------------------------------------------
>pip install fastapi
>pip install "uvicorn[standard]"
>pip install python-nmap
>python -m uvicorn scan:app --reload
Download Owasp
https://www.zaproxy.org/download/
### open your owasp application and click :
Tools -> Options -> api
Install Nmap(in C:)
nmap_path = [r"C:\Program Files (x86)\Nmap\nmap.exe",]
nm = nmap.PortScanner(nmap_search_path=nmap_path)
\ No newline at end of file
MONGOURI=mongodb+srv://webguardianrp:webguardianrp@cluster0.4kualk2.mongodb.net/webguardian?retryWrites=true&w=majority
PORT = 5000
TOKEN_KEY=cfwer2345re5
TOKEN_EXPIRY = 24h
AUTH_EMAIL = testnodewebguard@gmail.com
AUTH_PASS = xgxroxhwkyfojqqk
\ No newline at end of file
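Review bot: This file puts working-looking secrets under version control: the `MONGOURI` connection string embeds a database username and password, and `TOKEN_KEY` and `AUTH_PASS` are the JWT signing key and the mail account password. Once pushed they stay in history, so all three should be rotated, the file removed from the index, and `.env` added to the ignore list (the ignore file shown next on this page lists `.env.local` and its variants but not `.env`). A committed `.env.example` with placeholders such as `TOKEN_KEY=<long-random-value>` keeps the setup documented without the values. `TOKEN_KEY` is also only 12 characters; a key of at least 32 random bytes from a CSPRNG is more appropriate for HMAC-signed tokens.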
# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
# dependencies
/node_modules
/.pnp
.pnp.js
# testing
/coverage
# production
/build
# misc
.DS_Store
.env.local
.env.development.local
.env.test.local
.env.production.local
npm-debug.log*
yarn-debug.log*
yarn-error.log*
\ No newline at end of file
# webguardian-web-frontend
\ No newline at end of file
import axios from "axios";
import Company from "../models/company-model.js";
import User from "../models/user-model.js";
export const createCompanybasic = async (data) => {
try {
const {
appicationURL, // Corrected property name
applicationName, // Corrected property name
ipAddress,
applicationDescription, // Corrected property name
userid,
} = data;
console.log({ userid });
// Check if the user with the provided userid exists
const existingUser = await User.findOne({ _id: userid });
if (!existingUser) {
throw new Error("User with this ID does not exist.");
}
const existingCompany = await Company.findOne({ userid });
if (existingCompany) {
// If a company with the same userid already exists, return an error message
throw Error("User already has a company record.");
}
const newCompany = new Company({
userid: userid,
basicinfo: {
appUrl: appicationURL,
appName: applicationName,
ipAddress: ipAddress,
appDesc: applicationDescription,
},
});
const createdCompany = await newCompany.save();
// Update the user's companyId field with the ID of the newly created company
existingUser.companyId = createdCompany._id;
await existingUser.save();
return createdCompany;
} catch (error) {
console.log(error);
throw error;
}
};
export const createTechnicalInformation = async (data) => {
try {
// Find the company by ID
const company = await Company.findById(data.companyid);
if (!company) {
throw new Error(`Company with ID ${data.companyid} not found`);
}
// Update the technical information fields
company.techinfo = {
financialvalue: data.financialvalue || company.techinfo.financialvalue,
frontend: data.frontend || company.techinfo.frontend,
backend: data.backend || company.techinfo.backend,
database: data.database || company.techinfo.database,
application: data.application || company.techinfo.application,
others: data.others || company.techinfo.others,
webAppType: data.webAppType || company.techinfo.webAppType,
};
// Save the updated company
const updatedCompany = await company.save();
return updatedCompany;
} catch (error) {
console.log(error);
throw error;
}
};
export const createContactInformation = async (data) => {
try {
// Find the company by ID
const company = await Company.findById(data.companyid);
if (!company) {
throw new Error(`Company with ID ${data.companyid} not found`);
}
// Update the technical information fields
company.contactinfo = {
companyName: data.companyName || company.companyName,
contactNumber: data.contactNumber || company.contactNumber,
address: data.address || company.address,
};
// Save the updated company
const updatedCompany = await company.save();
return updatedCompany;
} catch (error) {
console.log(error);
throw error;
}
};
export const getCompanyById = async (id) => {
try {
const company = await Company.findById(id);
return company;
} catch (error) {
console.log(error);
throw error;
}
};
export const getVulnerabilities = async (id) => {
try {
const company = await Company.findById(id);
if (!company) {
throw new Error("Company not found");
}
const { frontend, backend, database, others, application } =
company.techinfo;
const techinfoArray = [frontend, backend, database, others, application];
const results = [];
const config = {
headers: {
apikey: "57207422-e8b1-4e84-8ba3-7bc3029a14f8",
},
};
for (const tech of techinfoArray) {
const response = await axios.get(
`https://services.nvd.nist.gov/rest/json/cves/2.0/?keywordSearch=${tech}&lastModStartDate=2023-08-19T13:00:00.000%2B01:00&lastModEndDate=2023-09-03T13:36:00.000%2B01:00`,
config
);
const vulnerabilities = response.data.vulnerabilities || [];
const vulnerabilitiesData = vulnerabilities.map((vuln) => {
const baseSeverity =
vuln.cve?.metrics?.cvssMetricV31?.[0]?.cvssData?.baseSeverity ||
"none";
return {
id: vuln.cve ? vuln.cve.id : "none",
description: vuln.cve
? vuln.cve.descriptions.find((desc) => desc.lang === "en")?.value ||
"none"
: "none",
baseSeverity,
};
});
if (vulnerabilitiesData.length > 0) {
// If there are vulnerabilities, add the tech name and baseSeverity to the results
results.push({ tech, vulnerabilities: vulnerabilitiesData });
} else {
// If there are no vulnerabilities, add the tech name with an empty array
results.push({ tech, vulnerabilities: [] });
}
}
return results;
} catch (error) {
console.log(error);
throw error;
}
};
// Function to get vulnerabilities by sorting date in the last 7 days
export const getVulnerabilitiesByLastSevenDays = async (id) => {
try {
const company = await Company.findById(id);
if (!company) {
throw new Error("Company not found");
}
const { frontend, backend, database, others, application } =
company.techinfo;
const techinfoArray = [frontend, backend, database, others, application];
const results = [];
// Calculate the start and end dates for the last 7 days
const endDate = new Date(); // Today's date
const startDate = new Date();
startDate.setDate(endDate.getDate() - 7); // 7 days ago
const config = {
headers: {
apikey: "57207422-e8b1-4e84-8ba3-7bc3029a14f8",
},
};
for (const tech of techinfoArray) {
const response = await axios.get(
`https://services.nvd.nist.gov/rest/json/cves/2.0/?keywordSearch=${tech}&lastModStartDate=${startDate.toISOString()}&lastModEndDate=${endDate.toISOString()}`,
config
);
const vulnerabilities = response.data.vulnerabilities || [];
const vulnerabilitiesData = vulnerabilities.map((vuln) => {
const baseSeverity =
vuln.cve?.metrics?.cvssMetricV31?.[0]?.cvssData?.baseSeverity ||
"none";
return {
id: vuln.cve ? vuln.cve.id : "none",
description: vuln.cve
? vuln.cve.descriptions.find((desc) => desc.lang === "en")?.value ||
"none"
: "none",
baseSeverity,
};
});
if (vulnerabilitiesData.length > 0) {
// If there are vulnerabilities, add the tech name and baseSeverity to the results
results.push({
tech,
vulnerabilities: vulnerabilitiesData,
count: vulnerabilitiesData.length,
});
} else {
// If there are no vulnerabilities, add the tech name with an empty array
results.push({
tech,
vulnerabilities: [],
count: vulnerabilitiesData.length,
});
}
}
return results;
} catch (error) {
console.log(error);
throw error;
}
};
// Function to get vulnerabilities for a specific day
export const getVulnerabilitiesForSpecificDay = async (id, specificDate) => {
try {
const company = await Company.findById(id);
if (!company) {
throw new Error("Company not found");
}
const { frontend, backend, database, others, application } =
company.techinfo;
const techinfoArray = [frontend, backend, database, others, application];
const results = [];
// Calculate the start and end dates for the last 7 days
const endDate = new Date(); // Today's date
const startDate = new Date();
startDate.setDate(endDate.getDate() - 1);
const config = {
headers: {
apikey: "57207422-e8b1-4e84-8ba3-7bc3029a14f8",
},
};
for (const tech of techinfoArray) {
const response = await axios.get(
`https://services.nvd.nist.gov/rest/json/cves/2.0/?keywordSearch=${tech}&lastModStartDate=${startDate.toISOString()}&lastModEndDate=${endDate.toISOString()}`,
config
);
const vulnerabilities = response.data.vulnerabilities || [];
const vulnerabilitiesData = await Promise.all(
vulnerabilities.map(async (vuln) => {
const baseSeverity =
vuln.cve?.metrics?.cvssMetricV31?.[0]?.cvssData?.baseSeverity ||
"none";
const formData = new FormData();
formData.append(
"severity",
vuln.cve
? vuln.cve.descriptions.find((desc) => desc.lang === "en")
?.value || "none"
: "none"
);
const serres = await axios.post(
"http://127.0.0.1:5000/severity",
formData
);
return {
id: vuln.cve ? vuln.cve.id : "none",
description: vuln.cve
? vuln.cve.descriptions.find((desc) => desc.lang === "en")
?.value || "none"
: "none",
baseSeverity,
secondApiseverity: serres.data.result, // Modify this as needed
};
})
);
if (vulnerabilitiesData.length > 0) {
// If there are vulnerabilities, add the tech name and baseSeverity to the results
results.push({
tech,
vulnerabilities: vulnerabilitiesData,
count: vulnerabilitiesData.length,
});
} else {
// If there are no vulnerabilities, add the tech name with an empty array
results.push({
tech,
vulnerabilities: [],
count: vulnerabilitiesData.length,
});
}
}
return results;
} catch (error) {
console.log(error);
throw error;
}
};
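Review bot: The NVD API key is hard-coded as a string literal in the `config` object of `getVulnerabilities`, `getVulnerabilitiesByLastSevenDays` and `getVulnerabilitiesForSpecificDay`; read it from the environment instead, e.g. `headers: { apikey: process.env.NVD_API_KEY }` (variable name is a suggestion), and revoke the committed key. In the same three functions `tech` is interpolated into the query string unencoded and will be `undefined` when a techinfo field is unset, so skip empty values and use `keywordSearch=${encodeURIComponent(tech)}`. `getVulnerabilitiesForSpecificDay` never reads its `specificDate` parameter and always queries the last day, and it posts every CVE description to `http://127.0.0.1:5000/severity` concurrently with no timeout or error handling per item. `createContactInformation` falls back to `company.companyName`, `company.contactNumber` and `company.address`, but the schema on this page nests those under `contactinfo`, so existing values are probably dropped on a partial update; `createTechnicalInformation` likewise reads `company.techinfo.*` without checking that `techinfo` exists.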
import Log from "../models/log-model.js";
import OTP from "../models/otp-model.js";
import User from "../models/user-model.js";
import { generateOTP } from "../utils/generateOTP.js";
import { hashData, verifyHashedData } from "../utils/hash-data.js";
import { sendEmail } from "../utils/sendEmail.js";
export const verifyOTP = async ({ email, otp }) => {
try {
if (!(email && otp)) {
throw Error("Provide values for email, otp");
}
// ensure otp record exists
const matchedOTPRecord = await OTP.findOne({
email,
});
if (!matchedOTPRecord) {
throw Error("NO OTP Records Found");
}
const { expiresAt } = matchedOTPRecord;
// checking for expired code
if (expiresAt < Date.now()) {
await OTP.deleteOne({ email });
throw Error("Code has expired. Request for a new one.");
}
// not expired yet, verify value
const hashedOtp = matchedOTPRecord.otp;
const validOTP = await verifyHashedData(otp, hashedOtp);
if (validOTP) {
await OTP.deleteOne({ email });
}
// Mark the user as verified
if (validOTP) {
const userByEmail = await User.findOne({ email: email });
console.log({ userByEmail });
await User.findOneAndUpdate(
{ email: email },
{ $set: { isVerified: true } },
{ new: true } // To return the updated user document
);
}
return otp;
} catch (error) {
throw error;
}
};
export const deleteOTP = async (email) => {
try {
await OTP.deleteOne({ email });
} catch (error) {
throw error;
}
};
export const sendOTP = async ({ email, subject, message, duration = 1 }) => {
try {
if (!(email && subject && message)) {
throw Error("Provide values for email, subject,message");
}
// clear any old record
await OTP.deleteOne({ email });
await User.findOneAndUpdate(
{ email: email },
{ $set: { isVerified: false } },
{ new: true } // To return the updated user document
);
//Delete enerate pin
const generatedOTP = await generateOTP();
console.log({ generateOTP });
// send email
const mailOptions = {
from: process.env.AUTH_EMAIL,
to: email,
subject,
html: `<h3>Webguardian Email Verification</h3><p>${message}</p><p style="color:tomato;
font-size:25px; letter-spacing:2px;"><b>${generatedOTP}</b></p><p>This code <b>expires in ${duration} hour(s)</b>.</p>`,
};
await sendEmail(mailOptions);
console.log("start");
`1`;
const hashedOTP = await hashData(generatedOTP);
console.log("end");
const newOTP = await new OTP({
email,
otp: hashedOTP,
createdAt: Date.now(),
expiresAt: Date.now() + 3600000 * +duration,
});
const createdOTPRecord = await newOTP.save();
return createdOTPRecord;
} catch (error) {
console.log(error);
}
};
// get log data
export const getAllLogData = async () => {
try {
const logData = await Log.find();
return logData;
} catch (error) {
throw error;
}
};
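Review bot: `verifyOTP` ends with `return otp;`, so it hands back the caller-supplied code whether or not `verifyHashedData` matched, and the `/verify` route shown later on this page wraps that in `{ valid: ... }` with status 200; it should be `return validOTP;` (or throw on mismatch). `sendOTP` interpolates the request-supplied `message` into the HTML mail body unescaped and resets `isVerified` to false for whatever address is passed, so the mail text should be fixed server-side or HTML-escaped and the reset limited to the account owner. Its `catch` only logs, so callers get `undefined` on failure where the other functions rethrow. `console.log({ generateOTP })` logs the imported function rather than a value, and the stray template-literal statement between the "start" and "end" logs can be removed.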
import Log from "../models/log-model.js";
import User from "../models/user-model.js";
import { createToken } from "../utils/create-token.js";
import { hashData, verifyHashedData } from "../utils/hash-data.js";
export const authenticateUser = async (data) => {
try {
const { email, password, device, logTime } = data;
const fetchedUser = await User.findOne({
email,
});
if (!fetchedUser) {
throw Error("Invalid credentials entered!");
}
const hashedPassword = fetchedUser.password;
const passwordMatch = await verifyHashedData(password, hashedPassword);
if (!passwordMatch) {
throw new Error("Invalid password entered!");
}
// create user token
const tokenData = { userId: fetchedUser._id, email };
const token = await createToken(tokenData);
// assign user token
fetchedUser.token = token;
const newLog = new Log({
userId: fetchedUser._id,
device,
logTime,
username: fetchedUser.username,
});
fetchedUser.device = device;
fetchedUser.logTime = logTime;
console.log({ logTime });
await newLog.save();
console.log({ logTime });
return fetchedUser;
} catch (error) {
throw error; // Rethrow the error to be caught by the calling function
}
};
export const createNewUser = async (data) => {
try {
const { name, email, password, username } = data;
console.log({ email });
const existingUser = await User.findOne({ email });
if (existingUser) {
throw Error("User with provided email already exists");
}
const hashedPassword = await hashData(password);
const newUser = new User({
name,
email,
password: hashedPassword,
username,
});
console.log({ newUser });
const createdUser = await newUser.save(); // fixed typo "ceratedUser" to "createdUser"
console.log({ createdUser });
return createdUser;
} catch (error) {
console.log(error);
throw error; // re-throw the error to be handled by the calling code
}
};
// face id change status
export const faceidChangeStatus = async (data) => {
try {
const { userid, isFaceid } = data;
console.log({ userid });
const user = await User.findByIdAndUpdate(
userid,
{ isFaceid },
{ new: true }
);
return user;
} catch (error) {
throw error;
}
};
export const updateProfile = async (userId, data) => {
try {
console.log({ data });
// Define the fields that are allowed to be updated
const allowedFields = {
location: {
long: data.location.long,
lang: data.location.lang,
},
companyId: data.companyId,
device: data.device,
shift: data.shift,
isVerified: data.isVerified,
companyid: data.companyid,
isFaceid: data.isFaceid,
timeShift: data.timeShift,
name : data.name,
username: data.username,
};
// Find the user by their ID
const user = await User.findById(userId);
console.log({ user });
if (!user) {
throw Error("User not found");
}
// Update the allowed fields
Object.assign(user, allowedFields);
// Save the updated user profile
const updatedUser = await user.save();
return updatedUser;
} catch (error) {
console.log(error);
throw error;
}
};
export const usernameNameUpdate = async (userId, data) => {
try{
const allowedFields = {
username: data.username,
name : data.name,
shift: data.shift,
timeShift: data.shift,
}
const user = await User.findById(userId);
console.log({ user });
if (!user) {
throw Error("User not found");
}
Object.assign(user, allowedFields);
const updatedUser = await user.save();
return updatedUser;
}catch{
}
}
export const getUserById = async (userId) => {
try {
const user = await User.findById(userId); // Use the User model to find a user by ID
if (!user) {
throw new Error("User not found"); // Handle the case where the user is not found
}
return user; // Return the user details
} catch (error) {
console.error("Error fetching user by ID:", error);
throw error; // Rethrow the error for handling it elsewhere
}
};
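Review bot: `updateProfile` lists `isVerified`, `isFaceid`, `companyId` and `companyid` among its "allowed" fields and copies them from the request body onto the user, so a client can mark its own account verified or re-link it to another company; restrict the list to profile data and set verification state only from the OTP flow. `authenticateUser` and `createNewUser` return the full Mongoose document, including the `password` hash, and `createNewUser` also writes it to the log via `console.log({ newUser })`; return a projection without those fields. The distinct messages "Invalid credentials entered!" and "Invalid password entered!" reveal whether an email is registered; use one message for both cases. `usernameNameUpdate` has an empty `catch {}` that swallows every error, and its `timeShift: data.shift` looks like a typo for `data.timeShift`. `updateProfile` also throws a TypeError when `data.location` is absent.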
import dotenv from "dotenv";
import mongoose from "mongoose";
dotenv.config();
const ConnectDB = async () => {
try {
const conn = await mongoose.connect(process.env.MONGOURI, {
useUnifiedTopology: true,
useNewUrlParser: true,
});
console.log(`MongoDB Connected`);
} catch (error) {
console.error(`Error: ${error.message}`);
}
};
export default ConnectDB;
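Review bot: `ConnectDB` logs a failed connection and then returns normally, so the server keeps listening without a database and each request fails later with a less clear error; rethrow or call `process.exit(1)` after logging. `conn` is never used, and `useUnifiedTopology` / `useNewUrlParser` should have no effect on the mongoose 7 line that this commit's package.json requests, so both can be dropped. Logging only `error.message` is the right choice here, since the URI carries credentials.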
import jwt from "jsonwebtoken";
const { TOKEN_KEY } = process.env;
export const verifyToken = async (req, res, next) => {
const token =
req.body.token || req.query.token || req.headers["x-access-token"];
// check for provided token
if (!token) {
return res.status(403).send("An authentication token is required");
}
// verify token
try {
const decodedToken = await jwt.verify(token, TOKEN_KEY);
req.currentUser = decodedToken;
} catch (error) {
return res.status(401).send("Invalid Token provided");
}
return next();
};
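Review bot: `verifyToken` accepts the token from `req.body.token` and `req.query.token` as well as the `x-access-token` header; query-string tokens end up in access logs, browser history and Referer headers, so accept the header only. `jwt.verify(token, TOKEN_KEY)` does not pin the algorithm; pass `{ algorithms: ["HS256"] }`, assuming that matches what `createToken` signs with (its options are cut off on this page). `TOKEN_KEY` is captured at module load, which works only because an earlier-imported module happens to call `dotenv.config()` first; reading `process.env.TOKEN_KEY` inside the function and failing closed when it is unset is more robust. `jwt.verify` without a callback is synchronous, so the `await` is unnecessary.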
import mongoose from "mongoose";
const contactinfo = mongoose.Schema({
companyName: {
type: String,
required: false,
},
contactNumber: {
type: String,
required: false,
},
address: {
type: String,
required: false,
},
});
const basicinfo = mongoose.Schema({
appUrl: {
type: String,
required: false,
},
ipAddress: {
type: String,
required: false,
},
appName: {
type: String,
required: false,
},
appDesc: {
type: String,
required: false,
},
});
const techinfo = mongoose.Schema({
financialvalue: {
type: String,
required: false,
},
frontend: {
type: String,
required: false,
},
backend: {
type: String,
required: false,
},
database: {
type: String,
required: false,
},
application: {
type: String,
required: false,
},
others: {
type: String,
required: false,
},
webAppType: {
type: String,
required: false,
},
});
const companySchema = mongoose.Schema(
{
techinfo: techinfo,
contactinfo: contactinfo,
basicinfo: basicinfo,
userid:{
type: String,
required: false,
}
},
{
collection: "company",
}
);
const Company = mongoose.model("company", companySchema);
export default Company;
import mongoose from "mongoose";
const logSchema = new mongoose.Schema(
{
userId: {
type: String,
required: true,
},
device: {
type: String,
},
logTime: {
type: Date,
},
username: {
type: String,
},
email: {
type: String,}
},
{
collection: "log",
}
);
const Log = mongoose.model("Log", logSchema);
export default Log;
import mongoose from "mongoose";
const otpSchema = mongoose.Schema({
email: {
type: String,
},
otp: {
type: String,
},
applicationName: {
type: String,
},
token: {
type: String,
},
createdAt: {
type: Date
},
expiresAt: {
type: Date
},
},
{
collection: "otp",
}
);
const Otp = mongoose.model("Otp", otpSchema);
export default Otp;
import mongoose from "mongoose";
const locationSchema = mongoose.Schema({
long: {
type: String,
},
lang: {
type: String,
},
});
const userSchema = mongoose.Schema(
{
name: {
type: String,
},
username: {
type: String,
},
email: {
type: String,
unique: true,
},
location: locationSchema,
password: {
type: String,
},
token: {
type: String,
},
companyId: {
type: String,
},
device: {
type: String,
},
shift: {
type: String,
},
isVerified: {
type: Boolean,
},
companyid: {
type: String,
},
isFaceid: {
type: Boolean,
default: false,
},
timeShift: {
type: String,
},
logTime: {
type: String,
}
},
{
collection: "user",
}
);
const User = mongoose.model("User", userSchema);
export default User;
{
"name": "webguardian-web-backend",
"version": "1.0.0",
"description": "",
"main": "index.js",
"type": "module",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"start": "node server.js",
"dev": "nodemon server.js"
},
"author": "",
"license": "ISC",
"dependencies": {
"axios": "^1.5.0",
"bcrypt": "^5.1.0",
"body-parser": "^1.20.2",
"cors": "^2.8.5",
"dotenv": "^16.3.1",
"express": "^4.18.2",
"express-rate-limit": "^7.0.0",
"jsonwebtoken": "^9.0.1",
"mongoose": "^7.4.0",
"nodemailer": "^6.9.4",
"nodemon": "^3.0.1"
}
}
import { Router } from "express";
import {
createCompanybasic,
createContactInformation,
createTechnicalInformation,
getCompanyById,
getVulnerabilities,
getVulnerabilitiesByLastSevenDays,
getVulnerabilitiesForSpecificDay,
} from "../controllers/company-controller.js";
import rateLimit from "express-rate-limit";
const router = Router();
router.post("/createcompanybasic/:id", async (req, res) => {
try {
const {
appicationURL,
applicationName,
ipAddress,
applicationDescription,
} = req.body;
const createdCompany = await createCompanybasic({
appicationURL,
applicationName,
ipAddress,
applicationDescription,
userid: req.params.id,
});
res.status(200).json(createdCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
router.post("/technicalinformation", async (req, res) => {
try {
const {
financialvalue,
frontend,
backend,
database,
application,
others,
webAppType,
companyid,
} = req.body;
const createCompany = await createTechnicalInformation({
financialvalue,
frontend,
backend,
database,
application,
others,
webAppType,
companyid,
});
res.status(200).json(createCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
router.post("/contactinformation", async (req, res) => {
try {
const { companyName, contactNumber, address, companyid, userid } = req.body;
const createCompany = await createContactInformation({
companyName,
contactNumber,
address,
companyid,
});
res.status(200).json(createCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
router.get("/companies/:id", async (req, res) => {
const companyId = req.params.id;
try {
const company = await getCompanyById(companyId);
if (!company) {
return res.status(404).json({ error: "Company not found" });
}
res.json(company);
} catch (error) {
console.error(error);
res.status(500).json({ error: "Internal Server Error" });
}
});
//vulnurabilities scanner
router.post("/vulnurabilities/:id", async (req, res) => {
try {
const companyId = req.params.id;
const createCompany = await getVulnerabilities(
companyId,
);
res.status(200).json(createCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
router.post("/vulnurabilitiesbyweek/:id", async (req, res) => {
try {
const companyId = req.params.id;
const createCompany = await getVulnerabilitiesByLastSevenDays(
companyId,
);
res.status(200).json(createCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
const limiter = rateLimit({
windowMs: 60 * 200, // 15 minutes
max: 100, // Max requests per windowMs
message: 'Too many requests from this IP, please try again later.',
});
router.post("/vulnurabilitiesbyday/:id",limiter, async (req, res) => {
try {
const companyId = req.params.id;
const createCompany = await getVulnerabilitiesForSpecificDay(
companyId,
);
res.status(200).json(createCompany);
} catch (error) {
res.status(400).json(error.message);
}
});
export { router as companyRouter };
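Review bot: `windowMs: 60 * 200` is 12 000 ms, i.e. 12 seconds, not the 15 minutes the comment states, so the limiter permits 100 requests every 12 seconds; use `windowMs: 15 * 60 * 1000`. The limiter is attached only to `/vulnurabilitiesbyday/:id`, while `/vulnurabilities/:id` and `/vulnurabilitiesbyweek/:id` trigger the same outbound NVD queries. None of the routes in this file use `verifyToken`, so company records can be created, changed and read by anyone who knows an id; add the middleware and check that the company belongs to `req.currentUser`. `/vulnurabilitiesbyday/:id` also never passes a date to `getVulnerabilitiesForSpecificDay`.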
import { Router } from "express";
import {
getAllLogData,
sendOTP,
verifyOTP,
} from "../controllers/otp-controller.js";
const router = Router();
router.post("/verify", async (req, res) => {
try {
let { email, otp } = req.body;
const validOTP = await verifyOTP({ email, otp });
res.status(200).json({ valid: validOTP });
} catch (error) {
res.status(400).json(error.message);
}
});
// request new verification otp
router.post("/", async (req, res) => {
try {
const { email, subject, message, duration } = req.body;
const createdOTP = await sendOTP({
email,
subject,
message,
duration,
});
res.status(200).json(createdOTP);
} catch (error) {
console.log(error);
}
});
router.get("/getlogdata", async (req, res) => {
try {
const getalllogData = await getAllLogData();
res.status(200).json(getalllogData);
} catch (error) {
console.log(error);
}
});
export { router as otpRouter };
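Review bot: `/verify` has no attempt limit, so the code can be tried repeatedly for its whole lifetime; apply the `express-rate-limit` middleware already used in the company router, keyed per email as well as per IP, and invalidate the code after a few failures. `POST /` and `/getlogdata` only `console.log` in their `catch` blocks and send no response, which leaves the request hanging; answer with `res.status(500).json({ error: "Internal Server Error" })`. `/getlogdata` returns every login log entry without `verifyToken`. `POST /` lets an unauthenticated caller choose `subject`, `message` and `duration` for mail sent from the service account, so those should be set server-side.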
import { Router } from "express";
import {
authenticateUser,
createNewUser,
faceidChangeStatus,
getUserById,
updateProfile,
usernameNameUpdate,
} from "../controllers/user-controller.js";
import { verifyToken } from "../middleware/auth.js";
const router = Router();
router.post("/signup", async (req, res) => {
let { name, email, password, username } = req.body;
name = name.trim();
email = email.trim();
password = password.trim();
username = username.trim();
try {
if (!(name && email && password)) {
throw Error("Empty Inputs Feilds");
} else if (!/^[a-zA-Z ]*$/.test(name)) {
throw Error("Invalid name enterd");
} else if (!/^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$/.test(email)) {
throw Error("Invalid email enterd");
} else {
const newUser = await createNewUser({
name,
email,
password,
username,
});
res.status(200).json(newUser);
}
} catch (error) {
res.status(400).json(error.message);
}
});
router.post("/", async (req, res) => {
try {
let { email, password, device, logTime } = req.body;
email = email.trim();
password = password.trim();
if (!(email && password)) {
throw new Error("Empty credentials supplied!"); // Create an Error object
}
const authenticatedUserss = await authenticateUser({
email,
password,
device,
logTime,
});
res.status(200).json(authenticatedUserss);
} catch (error) {
console.log({ error });
res.status(400).json({ error: error.message }); // Send the error message as JSON
}
});
// protected route
router.get("/private_data", verifyToken, (req, res) => {
res
.status(200)
.send("Youre in the private territory of ${req.currentUser.email}");
});
router.post("/isfaceid", async (req, res) => {
try {
const { userid, isFaceid } = req.body;
console.log({ userid, isFaceid });
// Call the faceidChangeStatus function to update the user's isFaceid status
const updatedUser = await faceidChangeStatus({ userid, isFaceid });
console.log({ updatedUser });
// Return the updated user
res.json(updatedUser);
} catch (error) {
// Handle errors appropriately, e.g., send an error response
res.status(500).json({ error });
}
});
router.put("/profile/:userId", async (req, res) => {
const userId = req.params.userId;
const data = req.body;
try {
// Ensure that the user exists
// const existingUser = await User.findById(userId);
// console.log({existingUser})
// if (!existingUser) {
// throw Error("User not found");
// }
// Call the updateProfile function to update the user's profile
const updatedUser = await updateProfile(userId, data);
res.status(200).json(updatedUser);
} catch (error) {
res.status(400).json({ error: error.message });
}
});
router.put("/profileonlyusernameandname/:userId", async (req, res) => {
const userId = req.params.userId;
const data = req.body;
try {
// Ensure that the user exists
// const existingUser = await User.findById(userId);
// console.log({existingUser})
// if (!existingUser) {
// throw Error("User not found");
// }
// Call the updateProfile function to update the user's profile
const updatedUser = await usernameNameUpdate(userId, data);
res.status(200).json(updatedUser);
} catch (error) {
res.status(400).json({ error: error.message });
}
});
router.get("/getuserdetails/:id", async (req, res) => {
try {
const userDetails = await getUserById(req.params.id);
res.status(200).json(userDetails);
} catch (error) {
res.status(400).json({ error: error.message });
}
});
export { router as userRouter };
//import npm packages
import express from "express";
import cors from "cors";
import dotenv from "dotenv";
import ConnectDB from "./db/database.js";
import bodyParser from "body-parser";
import { userRouter } from "./routes/user-route.js";
import { otpRouter } from "./routes/otp-route.js";
import { companyRouter } from "./routes/company-route.js";
//configs
const app = express();
app.use(express.json());
app.use(bodyParser.json())
app.use(cors());
dotenv.config();
//server connection
app.use((err, req, res, next) => {
const errorStatus = err.status || 500;
const errorMessage = err.message || "Somthing went Wrong";
return res.status(errorStatus).json({
success: false,
status: errorStatus,
message: errorMessage,
stack: err.stack,
});
});
//port define
const port = process.env.PORT || 5000;
// port listen
app.listen(port, () => {
console.log(`Example app listening on port ${port}`);
});
app.use('/api/v1/user', userRouter);
app.use('/api/v1/otp', otpRouter);
app.use('/api/v1/company', companyRouter);
ConnectDB();
export default app;
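Review bot: The error-handling middleware returns `stack: err.stack` in the JSON body, which hands internal file paths and call structure to any client that triggers an error; drop the field or send it only outside production, e.g. `...(process.env.NODE_ENV !== "production" && { stack: err.stack }),`. The handler is also registered before the three `app.use('/api/v1/…')` mounts, and Express only reaches an error handler that is added after the routes, so it should move below them. `app.use(cors())` with no options allows every origin; an explicit `origin` allow-list would be safer for an API that serves credentials and profile data. `express.json()` and `bodyParser.json()` do the same job, so one of them can go.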
import jwt from 'jsonwebtoken'
export const createToken = async (
tokenData,
tokenKey = process.env.TOKEN_KEY,
expiresIn = process.env.TOKEN_EXPIRY
) => {
try {
const token = await jwt.sign(tokenData, tokenKey, {
expiresIn,
});
return token;
} catch (error) {
console.log(error)
}
};
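Review bot: The `catch` in `createToken` logs the error and falls through, so a signing failure (for instance an unset `TOKEN_KEY`) makes the function resolve to `undefined` and the caller cannot tell it from success. Rethrow instead, `throw error;`, as `generateOTP` and `hashData` on this page already do. If `TOKEN_EXPIRY` is unset, `expiresIn` is passed as `undefined`; whether that yields an error or a token without expiry depends on the library version, so fail fast when either variable is missing, e.g. `if (!tokenKey || !expiresIn) throw new Error("token configuration missing");`. A short doc comment stating that `tokenData` becomes the JWT payload, which is signed but not encrypted and so must hold no secrets, would help.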
export const generateOTP = async () => {
try {
console.log("this start")
return (`${Math.floor(1000 + Math.random() * 9000)}`);
} catch (error) {
throw error;
}
};
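Review bot: `generateOTP` draws the code from `Math.random()`, which is not a cryptographically secure generator and should not produce authentication secrets. Use Node's `crypto` module instead: `import { randomInt } from "node:crypto";` and `return String(randomInt(1000, 10000));`. A four-digit code has only 9000 possible values, so the code that verifies it (not visible here) needs an attempt limit and a short expiry. The `console.log("this start")` and the `try`/`catch` that only rethrows can be removed.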
import bcrypt from "bcrypt";
export const hashData = async (data, saltRounds = 10) => {
try {
const hashData = await bcrypt.hash(data, saltRounds);
console.log({ hashData });
return hashData;
} catch (error) {
throw error;
}
};
export const verifyHashedData = async (unhashed, hashed) => {
try {
const match = await bcrypt.compare(unhashed, hashed);
return match;
} catch (error) {
throw error;
}
};
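Review bot: `hashData` writes every computed hash to the log with `console.log({ hashData });`; if this is used for passwords or OTPs, the log becomes a store of material that can be attacked offline, so the line should be removed. The local `const hashData` also shadows the exported function name; `hashed` would read better. Both functions wrap a single `await` in `try { … } catch (error) { throw error; }`, which adds nothing and can be dropped.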
import nodemailer from "nodemailer";
const { AUTH_EMAIL, AUTH_PASS } = process.env;
let transporter = nodemailer.createTransport({
//host: "smtp-mail.gmail.com",
service:"Gmail",
auth: {
user: AUTH_EMAIL,
pass: AUTH_PASS,
},
});
// test transporter
transporter.verify((error, success) => {
if (error) {
console.log(error);
} else {
console.log("Ready for messages");
console.log(success);
}
});
export const sendEmail = async (mailOptions) => {
try {
console.log({mailOptions})
await transporter.sendMail(mailOptions);
return;
} catch (error) {
console.log(error);
}
};
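Review bot: `sendEmail` logs the full `mailOptions` object, which presumably carries the recipient address and the OTP or reset content in the body, and then swallows any `sendMail` failure, so callers report success for mail that was never sent. Remove `console.log({mailOptions})` and replace the `console.log(error);` in the `catch` with `throw error;`. `AUTH_EMAIL` and `AUTH_PASS` are read from `process.env` when this module is first imported; with ES modules that happens before the `dotenv.config()` call in the server file above runs, so they may be `undefined` unless the environment is loaded earlier (worth confirming).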
from flask import Flask, render_template
# Load CIS benchmark configurations
cis_benchmark = {
'DEBUG': False,
'SESSION_COOKIE_SECURE': True,
'MAX_CONTENT_LENGTH': 1048576
}
app = Flask(__name__)
@app.route('/')
def display_config_comparison():
comparison_results = []
for config_key, config_value in cis_benchmark.items():
if app.config[config_key] != config_value:
result = {
'config_key': config_key,
'current_value': app.config[config_key],
'recommended_value': config_value
}
comparison_results.append(result)
return render_template('config_comparison.html', results=comparison_results)
if __name__ == '__main__':
app.run()
\ No newline at end of file
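Review bot: `display_config_comparison` compares `cis_benchmark` with `app.config` of the Flask app created just above it, which never loads any configuration, so the page always reports this checker's own defaults and not the settings of the application being assessed. The configuration to audit should be loaded explicitly as data, for example with `app.config.from_mapping(...)` fed from parsed settings, before comparing. `app.config[config_key]` raises `KeyError` for any key Flask does not define by default, so extending the benchmark needs `app.config.get(config_key)`. The three keys carry no reference to a benchmark document; a comment naming the source of each recommended value would make the check reviewable.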
<!DOCTYPE html>
<html>
<head>
<title>Configuration Comparison</title>
</head>
<body>
<h1>Configuration Comparison</h1>
<ul>
{% for result in results %}
<li>
<strong>Configuration Key:</strong> {{ result.config_key }}<br>
<strong>Current Value:</strong> {{ result.current_value }}<br>
<strong>Recommended Value:</strong> {{ result.recommended_value }}<br>
</li>
{% endfor %}
</ul>
</body>
</html>
\ No newline at end of file
# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
# dependencies
/node_modules
/.pnp
.pnp.js
# testing
/coverage
# next.js
/.next/
/out/
# production
/build
# misc
.DS_Store
*.pem
# debug
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# local env files
.env*.local
# vercel
.vercel
# typescript
*.tsbuildinfo
next-env.d.ts
This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).
## Getting Started
First, run the development server:
```bash
npm run dev
# or
yarn dev
# or
pnpm dev
```
Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
You can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.
This project uses [`next/font`](https://nextjs.org/docs/basic-features/font-optimization) to automatically optimize and load Inter, a custom Google Font.
## Learn More
To learn more about Next.js, take a look at the following resources:
- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!
## Deploy on Vercel
The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
Check out our [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.
/** @type {import('next').NextConfig} */
const nextConfig = {
images: {
domains: ["images.unsplash.com", "static.vecteezy.com"],
},
};
module.exports = nextConfig;
{
"name": "my-app",
"version": "0.1.0",
"private": true,
"scripts": {
"dev": "next dev",
"build": "next build",
"start": "next start",
"lint": "next lint"
},
"dependencies": {
"@react-google-maps/api": "^2.19.2",
"@types/node": "20.4.2",
"@types/react": "18.2.15",
"@types/react-dom": "18.2.7",
"@uppy/core": "^3.5.0",
"@uppy/dashboard": "^3.5.2",
"@uppy/drag-drop": "^3.0.3",
"@uppy/file-input": "^3.0.3",
"@uppy/progress-bar": "^3.0.3",
"@uppy/react": "^3.1.3",
"@uppy/webcam": "^3.3.2",
"@uppy/xhr-upload": "^3.4.0",
"autoprefixer": "10.4.14",
"axios": "^1.5.0",
"chart.js": "^4.3.3",
"debug": "^4.3.4",
"faker": "^5.5.3",
"google-map-react": "^2.2.1",
"html2canvas": "^1.4.1",
"lodash": "^4.17.21",
"next": "^13.4.19",
"node-fetch": "^3.3.2",
"postcss": "8.4.26",
"prop-types": "^15.8.1",
"react": "18.2.0",
"react-chartjs-2": "^5.2.0",
"react-dom": "18.2.0",
"react-gauge-chart": "^0.4.1",
"react-media-recorder": "^1.6.6",
"react-no-ssr": "^1.1.0",
"react-record-webcam": "0.0.14",
"react-toastify": "^9.1.3",
"react-video-recorder": "^3.19.4",
"react-webcam": "^7.1.1",
"recordrtc": "^5.6.2",
"styled-components": "^6.0.8",
"supports-color": "^8.1.1",
"tailwindcss": "3.3.3",
"typescript": "5.1.6"
},
"devDependencies": {
"@faker-js/faker": "^8.0.2",
"@types/react-gauge-chart": "^0.4.0",
"@types/react-no-ssr": "^1.1.3",
"@types/react-video-recorder": "^3.19.0"
}
}
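Review bot: `faker` is declared under `dependencies` while `@faker-js/faker` is under `devDependencies`; the unscoped `faker` package is no longer maintained by its original author and the scoped package is its community-maintained successor, so the runtime entry should be removed and imports pointed at `@faker-js/faker`. Test-data generators, the `@types/*` packages and `typescript` belong in `devDependencies`, which keeps the production install and its audit surface smaller. `debug` and `supports-color` look like transitive packages added by hand; confirm that something imports them directly.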
module.exports = {
plugins: {
tailwindcss: {},
autoprefixer: {},
},
}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 394 80"><path fill="#000" d="M262 0h68.5v12.7h-27.2v66.6h-13.6V12.7H262V0ZM149 0v12.7H94v20.4h44.3v12.6H94v21h55v12.6H80.5V0h68.7zm34.3 0h-17.8l63.8 79.4h17.9l-32-39.7 32-39.6h-17.9l-23 28.6-23-28.6zm18.3 56.7-9-11-27.1 33.7h17.8l18.3-22.7z"/><path fill="#000" d="M81 79.3 17 0H0v79.3h13.6V17l50.2 62.3H81Zm252.6-.4c-1 0-1.8-.4-2.5-1s-1.1-1.6-1.1-2.6.3-1.8 1-2.5 1.6-1 2.6-1 1.8.3 2.5 1a3.4 3.4 0 0 1 .6 4.3 3.7 3.7 0 0 1-3 1.8zm23.2-33.5h6v23.3c0 2.1-.4 4-1.3 5.5a9.1 9.1 0 0 1-3.8 3.5c-1.6.8-3.5 1.3-5.7 1.3-2 0-3.7-.4-5.3-1s-2.8-1.8-3.7-3.2c-.9-1.3-1.4-3-1.4-5h6c.1.8.3 1.6.7 2.2s1 1.2 1.6 1.5c.7.4 1.5.5 2.4.5 1 0 1.8-.2 2.4-.6a4 4 0 0 0 1.6-1.8c.3-.8.5-1.8.5-3V45.5zm30.9 9.1a4.4 4.4 0 0 0-2-3.3 7.5 7.5 0 0 0-4.3-1.1c-1.3 0-2.4.2-3.3.5-.9.4-1.6 1-2 1.6a3.5 3.5 0 0 0-.3 4c.3.5.7.9 1.3 1.2l1.8 1 2 .5 3.2.8c1.3.3 2.5.7 3.7 1.2a13 13 0 0 1 3.2 1.8 8.1 8.1 0 0 1 3 6.5c0 2-.5 3.7-1.5 5.1a10 10 0 0 1-4.4 3.5c-1.8.8-4.1 1.2-6.8 1.2-2.6 0-4.9-.4-6.8-1.2-2-.8-3.4-2-4.5-3.5a10 10 0 0 1-1.7-5.6h6a5 5 0 0 0 3.5 4.6c1 .4 2.2.6 3.4.6 1.3 0 2.5-.2 3.5-.6 1-.4 1.8-1 2.4-1.7a4 4 0 0 0 .8-2.4c0-.9-.2-1.6-.7-2.2a11 11 0 0 0-2.1-1.4l-3.2-1-3.8-1c-2.8-.7-5-1.7-6.6-3.2a7.2 7.2 0 0 1-2.4-5.7 8 8 0 0 1 1.7-5 10 10 0 0 1 4.3-3.5c2-.8 4-1.2 6.4-1.2 2.3 0 4.4.4 6.2 1.2 1.8.8 3.2 2 4.3 3.4 1 1.4 1.5 3 1.5 5h-5.8z"/></svg>
\ No newline at end of file
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 283 64"><path fill="black" d="M141 16c-11 0-19 7-19 18s9 18 20 18c7 0 13-3 16-7l-7-5c-2 3-6 4-9 4-5 0-9-3-10-7h28v-3c0-11-8-18-19-18zm-9 15c1-4 4-7 9-7s8 3 9 7h-18zm117-15c-11 0-19 7-19 18s9 18 20 18c6 0 12-3 16-7l-8-5c-2 3-5 4-8 4-5 0-9-3-11-7h28l1-3c0-11-8-18-19-18zm-10 15c2-4 5-7 10-7s8 3 9 7h-19zm-39 3c0 6 4 10 10 10 4 0 7-2 9-5l8 5c-3 5-9 8-17 8-11 0-19-7-19-18s8-18 19-18c8 0 14 3 17 8l-8 5c-2-3-5-5-9-5-6 0-10 4-10 10zm83-29v46h-9V5h9zM37 0l37 64H0L37 0zm92 5-27 48L74 5h10l18 30 17-30h10zm59 12v10l-3-1c-6 0-10 4-10 10v15h-9V17h9v9c0-5 6-9 13-9z"/></svg>
\ No newline at end of file
"use client";
import {
createContext,
useContext,
Dispatch,
SetStateAction,
useState,
ReactNode,
} from "react";
interface TechData {
value: string;
frontend: string;
backend: string;
database: string;
application: string;
others: string;
webAppType: string;
[key: string]: string; // Index signature for any string key
}
interface QuizResults {
expectedAnswer: string;
marks: number;
question: string;
recommendation: string;
status: string;
userAnswer: string;
}
interface ContextProps {
name: string;
setName: Dispatch<SetStateAction<string>>;
username: string;
setUsername: Dispatch<SetStateAction<string>>;
email: string;
setEmail: Dispatch<SetStateAction<string>>;
password: string;
setPassword: Dispatch<SetStateAction<string>>;
terms: boolean;
setTerms: Dispatch<SetStateAction<boolean>>;
techData: TechData;
setTechData: (newTechData: TechData) => void;
quizResults: QuizResults[];
setQuizResults: Dispatch<SetStateAction<QuizResults[]>>;
activeItem: string;
setActiveItem: Dispatch<SetStateAction<string>>;
netdata: any[];
setNetData: React.Dispatch<React.SetStateAction<any[]>>;
}
const GlobalContext = createContext<ContextProps>({
name: "",
setName: (): string => "",
username: "",
setUsername: (): string => "",
email: "",
setEmail: (): string => "",
password: "",
setPassword: (): string => "",
terms: false,
setTerms: (): boolean => false,
techData: {
value: "",
frontend: "",
backend: "",
database: "",
application: "",
others: "",
webAppType: "",
},
setTechData: (newTechData: TechData) => {},
quizResults: [],
setQuizResults: (): QuizResults[] => [],
activeItem: "",
setActiveItem: (): string => "",
netdata: [],
setNetData: () => {},
});
export const GlobalContextProvider = ({
children,
}: {
children: ReactNode;
}) => {
const [name, setName] = useState("");
const [username, setUsername] = useState("");
const [email, setEmail] = useState("");
const [password, setPassword] = useState("");
const [terms, setTerms] = useState(false);
const [techData, setTechData] = useState<TechData>({
value: "",
frontend: "",
backend: "",
database: "",
application: "",
others: "",
webAppType: "",
});
const [activeItem, setActiveItem] = useState("");
const [quizResults, setQuizResults] = useState<QuizResults[]>([]);
const [netdata, setNetData] = useState<any[]>([]);
return (
<GlobalContext.Provider
value={{
name,
setName,
username,
setUsername,
email,
setEmail,
password,
setPassword,
terms,
setTerms,
techData,
setTechData,
quizResults,
setQuizResults,
activeItem,
setActiveItem,
netdata,
setNetData,
}}
>
{children}
</GlobalContext.Provider>
);
};
export const useGlobalContext = () => useContext(GlobalContext);
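Review bot: `ContextProps` keeps the user's plaintext `password` in application-wide context, so every component under `GlobalContextProvider` can read it for as long as the page lives. Keep the password in the local state of the form that submits it and clear it after the request, and drop `password`/`setPassword` from the context. The default setters return values (`setName: (): string => ""`), which does not match the intent of `Dispatch<SetStateAction<string>>`; `() => {}` as used for `setNetData` is the consistent form. `netdata: any[]` would benefit from a named interface.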
import { NextApiRequest, NextApiResponse } from 'next';
import fetch from 'node-fetch';
export default async (req: NextApiRequest, res: NextApiResponse) => {
const { tech } = req.query;
const url = `https://api.cvesearch.com/search?q=${tech}`;
const response = await fetch(url);
const data = await response.json();
res.status(response.status).json(data);
};
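Review bot: The handler interpolates `req.query.tech` into the upstream URL without encoding or type checking, so a value containing `&` or `#` changes the query sent to the upstream API, and an array value (`?tech=a&tech=b`) is stringified unpredictably. It also has no error handling, so a network failure or a non-JSON upstream reply becomes an unhandled rejection. Validate that `tech` is a single non-empty string, pass it through `encodeURIComponent`, and wrap the fetch in `try`/`catch`, as in the sketch below; the length limit is an example value.

```typescript
export default async (req: NextApiRequest, res: NextApiResponse) => {
  const { tech } = req.query;
  if (typeof tech !== "string" || tech.trim() === "" || tech.length > 100) {
    return res.status(400).json({ error: "tech must be a single short string" });
  }
  const url = `https://api.cvesearch.com/search?q=${encodeURIComponent(tech)}`;
  try {
    const response = await fetch(url);
    const data = await response.json();
    res.status(response.status).json(data);
  } catch (error) {
    res.status(502).json({ error: "upstream lookup failed" });
  }
};
```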
import Image from "next/image";
export default function Navbar() {
return (
<div className="flex flex-col sm:flex-row w-full mb-5">
{/* Logo */}
<div className="flex flex-grow justify-center items-center sm:justify-start">
<Image
src="/images/customerOnboarding/webguardin-logo.png"
width={250}
height={150}
alt="logo"
/>
</div>
</div>
);
}
"use client";
import { useGlobalContext } from "@/app/Context/store";
import axios from "axios";
import Image from "next/image";
import { useRouter } from "next/navigation";
import { useEffect, useState } from "react";
export default function Navigation() {
const router = useRouter();
const [appStatus, setAppStatus] = useState("");
const [loadingStatus, setLoadingStatus] = useState(true);
const { activeItem, setActiveItem } = useGlobalContext();
useEffect(() => {
handleLogout();
handleAppStatus();
}, []);
const handleAppStatus = async () => {
const response = await axios.get("http://localhost:8000/net-work-status", {
params: {
enter_addr: localStorage.getItem("ipAddress"),
},
headers: {
accept: "application/json",
},
});
setLoadingStatus(false);
setAppStatus(response.data.hosts[0][1]);
console.log(response.data.hosts[0][1]);
};
// check if the user is logged in or not using local storage
const handleLogout = () => {
if (localStorage.getItem("userid") === null) {
router.push("/auth/login");
} else {
null;
}
};
// Function to conditionally render the active item
if (activeItem === "vulnerability") {
router.push("/dashboard/vulnerability");
} else if (activeItem === "risk") {
router.push("/dashboard/risk");
} else if (activeItem === "tools") {
router.push("/dashboard/tools");
} else if (activeItem === "profile") {
router.push("/dashboard/profile");
}
return (
<div className="flex flex-col sm:flex-row w-full mb-10">
{/* Logo */}
<div className="flex flex-grow justify-center items-center sm:justify-start pr-10">
<Image
src="/images/customerOnboarding/webguardin-logo.png"
width={250}
height={150}
alt="logo"
className="ml-10"
/>
{loadingStatus ? (
// loaading animation
<div className="flex flex-row justify-center items-center ml-10">
<div className="animate-spin rounded-full h-10 w-10 border-t-2 border-b-2 border-purple-500"></div>
</div>
) : (
// app status
<div className="flex flex-row justify-center items-center ml-10">
<p className="text-sm sm:text-2xl font-semibold text-[#B200B6]">
App Status :{" "}
</p>
{/* app status with emoji */}
{appStatus === "up" ? (
<p className="text-sm sm:text-2xl font-semibold text-[#00FF00]">
{" "}
UP ⬆️
</p>
) : (
<p className="text-sm sm:text-2xl font-semibold text-[#FF0000]">
{" "}
DOWN ⬇️
</p>
)}
</div>
)}
</div>
{/* Navigation items */}
<div className="flex flex-row justify-center align-middle items-center px-5 sm:px-10 bg-[#FEDDFF] rounded-lg sm:rounded-bl-3xl">
{/* Vulnerability Dashboard item */}
<p
onClick={() => setActiveItem("vulnerability")}
className={`mr-10 font-semibold text-sm sm:text-2xl ${
activeItem === "vulnerability" ? "text-[#ee39f1]" : "text-[#B200B6]"
} hover:text-[#db33de] cursor-pointer`}
>
VULNERABILITY
</p>
{/* Risk Dashboard item */}
<p
onClick={() => setActiveItem("risk")}
className={`mr-10 font-semibold text-sm sm:text-2xl ${
activeItem === "risk" ? "text-[#ee39f1]" : "text-[#B200B6]"
} hover:text-[#db33de] cursor-pointer`}
>
RISK
</p>
{/* Tools */}
<p
onClick={() => setActiveItem("tools")}
className={`mr-10 font-semibold text-sm sm:text-2xl ${
activeItem === "tools" ? "text-[#ee39f1]" : "text-[#B200B6]"
} hover:text-[#db33de] cursor-pointer`}
>
TOOLS
</p>
{/* Profile item */}
<p
onClick={() => setActiveItem("profile")}
className={`mr-10 font-semibold text-sm sm:text-2xl ${
activeItem === "profile" ? "text-[#ee39f1]" : "text-[#B200B6]"
} hover:text-[#db33de] cursor-pointer`}
>
PROFILE
</p>
</div>
</div>
);
}
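Review bot: `handleLogout` treats the presence of a `userid` key in `localStorage` as proof of login, which is a client-side value any visitor can set, so it can only be a convenience redirect and not access control. The enforcement has to be on the API: of the user routes shown earlier on this page only `/private_data` uses `verifyToken`, while `PUT /profile/:userId` and `GET /getuserdetails/:id` accept any caller-supplied id. Separately, the `if (activeItem === …) router.push(…)` chain runs during render; it should live in a `useEffect` keyed on `activeItem`. `handleAppStatus` has no `catch`, so a failed request leaves the spinner on indefinitely, and the `http://localhost:8000` base URL should come from configuration.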
"use client";
import { useRouter } from "next/navigation";
import { useEffect } from "react";
import Navigation from "./components/navigation/page";
export default function Dashboard() {
const router = useRouter();
useEffect(() => {
router.push("/dashboard/vulnerability");
}, [])
return (
<div>
{/* Navigation bar */}
{/* Render the active dashboard item */}
{/* <SetRender /> */}
</div>
);
}
import Image from "next/image";
import Navbar from "../../components/navbar/page";
import Link from "next/link";
export default function Rasp() {
return (
<div className="m-10">
<Navbar />
<div className="flex flex-row mb-5">
<Link href={"http://localhost:3000/dashboard/"}><p className="text-[#B200B6]"> Home </p></Link>
<p>{` / Rasp Engine`}</p>
</div>
<h1 className="px-10 py-2 mb-5 text-xl font-semibold bg-[#1d63ed] text-white rounded-full w-fit">
RASP ENGINE
</h1>
<div className="grid grid-cols-2 gap-10">
{/* col 1 */}
<div className="flex-flex-col">
<div className="bg-[#1d63ed] rounded-xl pb-5">
<h1 className="px-10 py-2 text- font-semibold text-white mb-3 pt-5">
Instructions to Integrate
</h1>
<p className="px-10 py-2 text-white">
Step 1: Set Up OpenRASP Docker Container
</p>
<p className="px-10 py-2 text-white">
Step 2: Access the OpenRASP Dashboard
</p>
<p className="px-10 py-2 text-white">
Step 3: Configure Your Web Application
</p>
<p className="px-10 py-2 text-white">
Step 4: Integrate OpenRASP with Your Web Application
</p>
<p className="px-10 py-2 text-white">
Step 5: Monitor and Configure Alerts
</p>
<button className="bg-[#ffffff] hover:bg-[#e4e4e4] text-[#1d63ed] font-semibold ml-10 mt-5 mb-5 rounded-full px-4 py-2">
Read Full Instructions PDF
</button>
</div>
</div>
{/* col 2 */}
<div className="flex flex-col gap-5">
<div className="bg-[#1d63ed] rounded-xl pb-5 w-fit">
<h1 className="px-10 py-2 text- font-semibold text-white mb-3 pt-5">
DOCKER Link
</h1>
<div className="flex flex-row mx-10 gap-10">
<Image
src="/images/tools/docker/docker.png"
alt="use img"
height={120}
width={120}
/>
<button className="bg-[#ffffff] hover:bg-[#e4e4e4] font-semibold text-[#1d63ed] rounded-full px-4 py-2 h-fit">
Click Here to Download
</button>
</div>
</div>
{/* left 2 box*/}
<div className="bg-[#1d63ed] rounded-xl pb-5">
<h1 className="px-10 py-2 text- font-semibold text-white mb-3 pt-5">
Video Tutorial
</h1>
<p className="px-10 py-2 text-white">
This video tutorial will help you to integrate RASP engine into
your web application
</p>
<button className="bg-[#ffffff] hover:bg-[#e4e4e4] font-semibold ml-10 mt-2 text-[#1d63ed] rounded-full px-4 py-2 h-fit">
Watch the Video
</button>
</div>
</div>
</div>
</div>
);
}
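Review bot: The breadcrumb uses an absolute development URL, `href={"http://localhost:3000/dashboard/"}`, which breaks on any deployed host; use the relative path `href="/dashboard"`. The three buttons ("Read Full Instructions PDF", "Click Here to Download", "Watch the Video") have no `onClick` or link target, so they do nothing as written. When the download link is wired up, point it at a pinned image reference or publish a checksum so users can verify what they pull. `className="flex-flex-col"` and the bare `text-` look like typos for `flex flex-col` and a text-size class.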
@tailwind base;
@tailwind components;
@tailwind utilities;
import "./globals.css";
import type { Metadata } from "next";
import { Inter } from "next/font/google";
import { GlobalContextProvider } from "./Context/store";
const inter = Inter({ subsets: ["latin"] });
export const metadata: Metadata = {
title: "Webguardian",
description: "Generated by Webguardian",
};
export default function RootLayout({
children,
}: {
children: React.ReactNode;
}) {
return (
<html lang="en">
<body className={inter.className}>
<GlobalContextProvider>{children}</GlobalContextProvider>
</body>
</html>
);
}
import Login from "./auth/login/page";
import BasicInfo from "./customerOnboarding/basicInfo/page";
export default function Page() {
return (
<div>
<Login />
</div>
);
}
/** @type {import('tailwindcss').Config} */
module.exports = {
content: [
'./src/pages/**/*.{js,ts,jsx,tsx,mdx}',
'./src/components/**/*.{js,ts,jsx,tsx,mdx}',
'./src/app/**/*.{js,ts,jsx,tsx,mdx}',
],
theme: {
extend: {
backgroundImage: {
'gradient-radial': 'radial-gradient(var(--tw-gradient-stops))',
'gradient-conic':
'conic-gradient(from 180deg at 50% 50%, var(--tw-gradient-stops))',
},
},
},
plugins: [],
}