Spyder is a full-stack cyber security web application with AI-assisted analysis, malware scanning, threat intelligence lookups, NSFW image moderation, and user authentication.
This repository contains:
- A React + Vite frontend in
Frontend/ - A Node.js + Express backend in
Backend/
- Frontend Application: https://spyder-frontend.onrender.com/
- Backend API: https://spyder-backend.onrender.com
- AI chat assistant for security-related guidance
- File scanning using VirusTotal
- Threat intelligence scans for IP, domain, URL, and file hash
- NSFW image moderation endpoint
- Authentication with JWT (signup, login, protected routes)
- User settings update support (name, username, password)
- Light and dark UI theme support
Frontend:
- React 18
- Vite
- Tailwind CSS
- NextUI
- React Router
- Axios
Backend:
- Node.js
- Express
- MongoDB + Mongoose
- JWT + bcrypt
- Multer
- Axios
External services:
- Groq API (chat analysis)
- VirusTotal API (file + IOC threat intelligence)
Spyder/
Backend/
config/
middleware/
models/
routes/
utils/
index.js
fileScan.js
threatIntel.js
.env.example
Frontend/
src/
Components/
Contexts/
Layouts/
Pages/
index.html
vite.config.js
README.md
- Node.js 18+ recommended
- npm
- MongoDB database URI
- Groq API key
- VirusTotal API key
-
Clone the repository.
-
Install backend dependencies:
cd Backend
npm install- Install frontend dependencies:
cd ../Frontend
npm install- Create backend environment file:
cd ../Backend
copy .env.example .env-
Fill required values in
Backend/.env. -
Start backend server:
npm start- In a new terminal, start frontend dev server:
cd Frontend
npm run devDefault local URLs:
- Frontend: http://localhost:5173
- Backend: http://localhost:3000
Use Backend/.env.example as the source of truth.
This project is configured for easy deployment on Render using the included render.yaml Blueprint.
- Push your code to a Git repository.
- In Render, create a new Blueprint and connect your repository.
- Render will automatically detect the frontend and backend services.
- Fill in the requested secret environment variables (e.g., MongoDB URI, API keys).
- Ensure you update
BACKEND_BASE_URLandVITE_API_BASE_URLonce the URLs are generated.
Backend (Backend/package.json):
npm start- run API server
Frontend (Frontend/package.json):
npm run dev- start Vite dev servernpm run build- production buildnpm run preview- preview production buildnpm run lint- run ESLint
Authentication:
POST /api/auth/signupPOST /api/auth/loginGET /api/auth/mePUT /api/auth/settings(update name, username, password)POST /api/auth/logout
Chat:
POST /api/chat/historyGET /api/chat/historyGET /api/chat/conversationsDELETE /api/chat/history/:idPOST /api/chat/tracking
Threat intelligence:
POST /intel/scanPOST /intel/filePOST /intel/bulkPOST /intel/share
Other endpoints:
POST /scanFile(file scan + AI analysis)POST /groqChatPOST /geminiChatPOST /api/nsfw/*(NSFW routes)
For protected routes, send:
Authorization: Bearer <token>Before pushing:
- Ensure
Backend/.envis not committed - Ensure API keys/secrets are not in code or commit history
- Run frontend lint/build
- Verify login, signup, settings update, and logout flows
Suggested commands:
cd Frontend
npm run lint
npm run build