CyberGuard is a next-generation, AI-driven cybersecurity platform designed to automate vulnerability assessment, threat intelligence, and attack surface management. Built for the HACKNOVA Hackathon, it combines industry-standard security tools with advanced Large Language Models (LLMs) to provide a "graph-first" view of organizational security.
The command center provides a unified view of the security posture.
- Tech: React + Custom CSS (Glassmorphism).
- Function: Real-time aggregation of scan statuses and risk scores.
)
Configure Nmap and Acunetix DAST scans with real-time feedback.
- Background Orchestration: Uses Celery with Redis as a message broker. This ensures that long-running scans (like the Nmap deep port scan) do not block the API.
- Real-time Logging: WebSockets stream live stdout from the scanners directly to the UI, giving analysts immediate visibility into the scan progress.
Securing the intelligence itself. Uses Garak and specialized probes to test Large Language Models for jailbreaks, prompt injections, and data leakage.
)
Real-time vulnerability research at your fingertips.
- API: Directly integrates with the NIST NVD API.
- Data: Fetches CVSS v3.1 scores, vector strings, and Exploit-DB references.
- Knowledge Base: Queries are enriched via the backend to provide better context than a raw NVD search.
)
Consolidated view of all findings across multiple scanners.
- Vulnerability Normalizer: A custom Python engine that maps raw Nmap scripts and Acunetix JSON reports into a unified schema.
- MITRE ATT&CK Mapping: Every finding is automatically tagged with its corresponding MITRE Tactic and Technique, providing a standard framework for mitigation.
Continuous monitoring of NVD, MITRE, and Rapid7 feeds. Automatically correlates global CVE data with your specific assets to provide actionable alerts.
)
Deep reconnaissance mapping of subdomains, open ports, and running services. Provides a "hackerβs eye view" of the entire infrastructure.
Proactive monitoring of dark web and public data dumps to identify exposed corporate credentials before they are exploited.
)
Deep static and dynamic analysis (SAST/DAST) of APK/IPA files using MobSF integration, looking for hardcoded secrets and insecure coding patterns.
)
Goes beyond flat lists. Visualizes potential attack paths from an external attacker to your most sensitive assets, helping prioritize remediation where it matters most.
Executive and technical PDF reports.
- Engine: Fast, automated generation using ReportLab.
- Content: Includes executive summaries, detailed finding lists, and remediation steps generated by AI based on the scan context.
A context-aware security expert assistant powered by Retrieval-Augmented Generation (RAG). It has access to your specific report data and technical documentation to provide step-by-step remediation guidance.
)
Enterprise-grade task management.
- Persistence: MongoDB stores every task state (Pending, Running, Completed, Failed).
- Orchestration: Seamlessly manage hundreds of concurrent scans across distributed workers.
)
- React (Vite): High-performance modern web framework.
- Vanilla CSS: Premium "Glassmorphism" UI design for a professional, dark-themed experience.
- D3.js: Interactive force-directed graphs for attack path visualization.
- React Router: Seamless client-side navigation.
- FastAPI: High-performance, asynchronous Python web framework.
- Motor / MongoDB: Flexible, async document storage for scan results and user data.
- Celery / Redis: Distributed task queue for long-running security scans (Nmap, MobSF, etc.).
- Neo4j: Graph database for storing and querying complex attack relationships.
- Ollama / OpenAI: Inference engines for Large Language Models.
- ChromaDB: Vector database for RAG (Retrieval-Augmented Generation).
- Sentence-Transformers: Text embeddings for matching threats to documentation.
graph TD
subgraph Client
UI[React Frontend]
D3[D3.js Visualization]
end
subgraph API_Gateway
APP[FastAPI Server]
WSS[WebSocket Manager]
end
subgraph Data_Layer
DB[(MongoDB)]
GDB[(Neo4j)]
VDB[(ChromaDB)]
end
subgraph Task_Processing
REDIS[Redis Broker]
CELERY[Celery Workers]
end
subgraph Security_Tools
Network[Nmap Scanner]
Mobile[MobSF Analyzer]
GARAK[Garak LLM Probe]
Web[Webs DAST]
end
subgraph AI_Core
LLM[Ollama / OpenAI]
EMB[Embedding Engine]
end
UI <--> APP
APP <--> DB
APP <--> GDB
APP <--> REDIS
REDIS <--> CELERY
CELERY <--> NMAP
CELERY <--> MOBSF
APP <--> VDB
VDB <--> EMB
EMB <--> LLM
APP <--> WSS
-
Clone the repository:
git clone https://github.com/anshu787/hacknova_ps.git cd hacknova_ps -
Backend Setup:
cd backend pip install -r requirements.txt uvicorn main:app --reload --port 8000 -
Frontend Setup:
cd frontend npm install npm run dev -
Environment Variables: Copy
.env.exampleto.envand configure your MongoDB, Redis, and LLM endpoints.
Created with β€οΈ for the HACKNOVA Hackathon. CyberGuard represents the future of AI-driven cybersecurity orchestration.









