Comprehensive vulnerability analysis for modern applications
## Tech Stack

### Backend
- FastAPI (Python) → High-performance async API
- MongoDB + Motor → Async database with scalability
- Groq AI (Llama 3.3) → Ultra-fast vulnerability detection
- ReportLab → Professional PDF reports
- JWT Authentication → Secure API access

### Frontend
- React 19 → Modern, fast UI framework
- Radix UI + shadcn/ui → Accessible component library
- Tailwind CSS → Utility-first styling
- React Router → Client-side routing
- Axios → Promise-based HTTP client
- CRACO → Custom CRA configuration
## Prerequisites

✓ Python 3.8+
✓ Node.js 16+
✓ MongoDB (local or cloud)
✓ Groq API Key

## Installation

### Backend Setup

```bash
# 1. Navigate to backend directory
cd backend
# 2. Install dependencies
pip install -r requirements.txt
# 3. Configure environment variables
cp .env.example .env
# Edit .env and add your Groq API key
# 4. Start the server
python -m uvicorn server:app --reload --port 8000
```

### Frontend Setup

```bash
# 1. Navigate to frontend directory
cd frontend
# 2. Install dependencies
npm install
# 3. Configure environment variables
cp .env.example .env
# Edit .env if needed (default: http://localhost:8000)
# 4. Start the development server
npm start
```

Application URLs:
- Frontend: http://localhost:3000
- Backend API: http://localhost:8000
- API Docs: http://localhost:8000/docs
## Environment Variables

### Backend (`backend/.env`)

```env
MONGO_URL="mongodb://localhost:27017"
DB_NAME="vuln_database"
CORS_ORIGINS="*"  # wildcard is for local development; restrict to the frontend origin when deploying
GROQ_API_KEY=your_groq_api_key_here # Get from https://console.groq.com/keys
```

### Frontend (`frontend/.env`)

```env
REACT_APP_BACKEND_URL=http://localhost:8000
WDS_SOCKET_PORT=443
ENABLE_HEALTH_CHECK=false
```

## API Endpoints

| Method | Endpoint | Description |
|---|---|---|
| GET | /api/ | Health check |
| POST | /api/audit | Audit a code snippet |
| POST | /api/audit-repo | Audit a GitHub repository or uploaded file |
| POST | /api/generate-report | Generate PDF security report |
Example request:

```bash
curl -X POST "http://localhost:8000/api/audit" \
  -H "Content-Type: application/json" \
  -d '{
    "code_snippet": "import os; password = \"hardcoded123\"",
    "language": "python"
  }'
```

## Architecture

```mermaid
graph LR
    A[User Input] --> B{Input Type}
    B -->|Code Snippet| C[FastAPI Backend]
    B -->|GitHub URL| D[GitHub API]
    B -->|File Upload| C
    D --> C
    C --> E[Gemini AI Analysis]
    E --> F[CWE Classification]
    F --> G[Financial Impact Calc]
    G --> H[MongoDB Storage]
    H --> I[React Dashboard]
    I --> J[PDF Report]
```
## Features

Analysis:
✓ Deterministic severity scoring based on CWE mapping
✓ Evidence-based vulnerability detection
✓ No speculative or hypothetical issues
✓ Automatic deduplication of findings

Financial impact estimation:
✓ Fix Costs: Developer hours × ₹2,500/hr
✓ Downtime: Revenue loss @ ₹50,000/hr
✓ Legal Fines: DPDP Act 2023 penalties
✓ Reputation: Customer churn impact

User interface:
✓ Clean, modern UI with dark mode support
✓ Real-time vulnerability categorization
✓ Interactive charts and analytics
✓ Responsive design for all devices
## Production Deployment

### Backend

```bash
cd backend
pip install -r requirements.txt
python -m uvicorn server:app --host 0.0.0.0 --port 8000
```

### Frontend

```bash
cd frontend
npm run build
# Serve the build directory with nginx, apache, or any web server
```

## Development Notes

The project includes:
- Custom emergentintegrations wrapper for AI integration
- Hot-reload for both frontend and backend
- Comprehensive error handling
- Async/await patterns throughout
- Type hints and validation with Pydantic
## CWE Severity Mapping

| CWE | Severity | Fix Time | Examples |
|---|---|---|---|
| CWE-89, CWE-79, CWE-78 | Critical | 24h | SQL Injection, XSS, Command Injection |
| CWE-601, CWE-352, CWE-918 | High | 8h | Open Redirect, CSRF, SSRF |
| CWE-532, CWE-200, CWE-327 | Medium | 4h | Log Exposure, Info Leak, Weak Crypto |
| CWE-676, CWE-732 | Low | 1h | Dangerous Functions, Permissions |
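A worked illustration of the deterministic scoring, deduplication and fix-cost arithmetic described above, added here as example code rather than the project's own implementation: the CWE map is transcribed from the table, the developer rate is the ₹2,500/hr figure from the features list, and the `Finding` shape, the Low/1h fallback for unlisted CWEs and the sample findings are assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# CWE -> (severity, fix hours), transcribed from the table above.
CWE_SEVERITY: Dict[str, Tuple[str, int]] = {
    "CWE-89": ("Critical", 24), "CWE-79": ("Critical", 24), "CWE-78": ("Critical", 24),
    "CWE-601": ("High", 8), "CWE-352": ("High", 8), "CWE-918": ("High", 8),
    "CWE-532": ("Medium", 4), "CWE-200": ("Medium", 4), "CWE-327": ("Medium", 4),
    "CWE-676": ("Low", 1), "CWE-732": ("Low", 1),
}
DEV_RATE_INR = 2500  # fix-cost rate stated in the README (₹2,500/hr)

@dataclass(frozen=True)
class Finding:
    """Shape assumed for one detector hit; the project's real schema may differ."""
    cwe: str
    file: str
    line: int
    description: str

def score(cwe: str) -> Tuple[str, int]:
    """Deterministic severity: a table lookup only, no model judgement.
    CWEs missing from the table rate Low/1h (assumption, not the project's rule)."""
    return CWE_SEVERITY.get(cwe, ("Low", 1))

def dedupe(findings: List[Finding]) -> List[Finding]:
    """Collapse repeated reports of the same CWE at the same file:line, keeping order."""
    seen, unique = set(), []
    for f in findings:
        key = (f.cwe, f.file, f.line)
        if key not in seen:
            seen.add(key)
            unique.append(f)
    return unique

def summarize(findings: List[Finding]) -> dict:
    """Count unique findings per severity and price the fix effort at DEV_RATE_INR."""
    unique = dedupe(findings)
    by_severity: Dict[str, int] = {}
    for f in unique:
        sev = score(f.cwe)[0]
        by_severity[sev] = by_severity.get(sev, 0) + 1
    hours = sum(score(f.cwe)[1] for f in unique)
    return {"findings": len(unique), "by_severity": by_severity,
            "fix_hours": hours, "fix_cost_inr": hours * DEV_RATE_INR}

# Constructed sample input; the repeated CWE-89 entry is there to exercise dedupe().
SAMPLE_FINDINGS = [
    Finding("CWE-89", "app/db.py", 42, "query built with f-string"),
    Finding("CWE-89", "app/db.py", 42, "query built with f-string"),
    Finding("CWE-532", "app/auth.py", 88, "password written to log"),
    Finding("CWE-327", "app/token.py", 15, "MD5 used for signing"),
]
```

Running `summarize(SAMPLE_FINDINGS)` yields 3 unique findings, 32 fix hours and a fix cost of ₹80,000; the reputation, downtime and DPDP fine components from the features list are not modelled here.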
## License

This project is proprietary software.

## Contact

This is a private project. For questions or issues, please contact the development team.

## Acknowledgments

- IBM Cost of Data Breach Report 2024 - Financial impact data
- DPDP Act 2023 - Compliance fine estimates
- Groq AI - Ultra-fast LLM inference with Llama 3.3
- shadcn/ui - Beautiful UI components

Built with ❤️ using FastAPI, React, and Groq AI