anshu787/hacknova_ps


HACKNOVA Hackathon - CyberGuard

AI-Assisted Cybersecurity Hub

CyberGuard is a next-generation, AI-driven cybersecurity platform designed to automate vulnerability assessment, threat intelligence, and attack surface management. Built for the HACKNOVA Hackathon, it combines industry-standard security tools with advanced Large Language Models (LLMs) to provide a "graph-first" view of organizational security.


🚀 Key Features

1. 📊 Centralized Security Dashboard

The command center provides a unified view of the security posture.

  • Tech: React + Custom CSS (Glassmorphism).
  • Function: Real-time aggregation of scan statuses and risk scores.


2. 🚀 Launch Scan & Background Processing

Configure Nmap and Acunetix DAST scans with real-time feedback.

  • Background Orchestration: Uses Celery with Redis as a message broker. This ensures that long-running scans (like the Nmap deep port scan) do not block the API.
  • Real-time Logging: WebSockets stream live stdout from the scanners directly to the UI, giving analysts immediate visibility into the scan progress.
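
A scan launcher that accepts targets from an API has to keep user input from becoming scanner options. The sketch below is an added example, not code from this repository; the function names are hypothetical, and it assumes each scan takes a single target and a port specification.

```python
import ipaddress
import re
import subprocess

_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")   # one DNS label
_PORTS = re.compile(r"\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*")


def validate_target(target):
    """Accept one IP address, CIDR block or DNS name; reject anything else."""
    target = target.strip()
    try:
        if "/" in target:
            return str(ipaddress.ip_network(target, strict=False))
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass  # not an IP literal, so try it as a hostname
    labels = target.rstrip(".").split(".")
    if len(target) <= 253 and all(_LABEL.fullmatch(label) for label in labels):
        return target
    raise ValueError(f"rejected scan target: {target!r}")


def validate_ports(ports):
    """Accept '22', '1-1024' or '22,80,8000-8100' with every number in 1..65535."""
    if not _PORTS.fullmatch(ports):
        raise ValueError(f"rejected port spec: {ports!r}")
    if not all(1 <= int(n) <= 65535 for n in re.split(r"[,-]", ports)):
        raise ValueError(f"port out of range: {ports!r}")
    return ports


def build_nmap_argv(target, ports="1-1024"):
    # Argument list, never a shell string: each value stays one argv entry,
    # and a value that starts with "-" never reaches the scanner.
    return ["nmap", "-sV", "-p", validate_ports(ports), validate_target(target)]


def stream_scan(argv):
    """Yield scanner stdout line by line, e.g. for a WebSocket broadcast."""
    with subprocess.Popen(argv, stdout=subprocess.PIPE,
                          stderr=subprocess.STDOUT, text=True) as proc:
        for line in proc.stdout:
            yield line.rstrip("\n")
```

Inside a Celery task, the worker would call `build_nmap_argv` on the request fields and forward each line from `stream_scan` to the WebSocket channel.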

2. 🧠 LLM Scanner (AI-Security)

Securing the intelligence itself. Uses Garak and specialized probes to test Large Language Models for jailbreaks, prompt injections, and data leakage.


5. 🔎 CVE Lookup & NVD Integration

Real-time vulnerability research at your fingertips.

  • API: Directly integrates with the NIST NVD API.
  • Data: Fetches CVSS v3.1 scores, vector strings, and Exploit-DB references.
  • Knowledge Base: Queries are enriched via the backend to provide better context than a raw NVD search.
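
The following added example (not code from this repository) shows how a backend can reduce an NVD CVE API 2.0 response to the CVSS v3.1 score, vector string and exploit-tagged references. The sample response is constructed, with placeholder CVE IDs and URLs, and `summarize_cves` is a hypothetical name.

```python
import json

# Constructed sample shaped like an NVD CVE API 2.0 response; IDs, scores and URLs are placeholders.
SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cve": {"id": "CVE-0000-0001",
    "descriptions": [{"lang": "en", "value": "Constructed example entry."}],
    "metrics": {"cvssMetricV31": [
      {"type": "Secondary", "cvssData": {"baseScore": 7.5, "baseSeverity": "HIGH",
        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}},
      {"type": "Primary", "cvssData": {"baseScore": 9.8, "baseSeverity": "CRITICAL",
        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}]},
    "references": [
      {"url": "https://www.exploit-db.com/exploits/00000", "tags": ["Exploit"]},
      {"url": "https://vendor.example/advisory", "tags": ["Vendor Advisory"]}]}},
  {"cve": {"id": "CVE-0000-0002",
    "descriptions": [{"lang": "en", "value": "Older entry scored with CVSS v2 only."}],
    "metrics": {"cvssMetricV2": [{"type": "Primary", "cvssData": {"baseScore": 5.0}}]},
    "references": [{"url": "https://vendor.example/old"}]}}
]}
""")


def summarize_cves(response):
    """Reduce an NVD response to the fields a triage view needs."""
    rows = []
    for item in response.get("vulnerabilities", []):
        cve = item["cve"]
        v31 = cve.get("metrics", {}).get("cvssMetricV31", [])
        # Prefer NVD's own ("Primary") score; fall back to the first one listed.
        metric = next((m for m in v31 if m.get("type") == "Primary"),
                      v31[0] if v31 else None)
        data = metric["cvssData"] if metric else {}
        rows.append({
            "id": cve["id"],
            "score": data.get("baseScore"),        # None when no v3.1 score exists
            "severity": data.get("baseSeverity"),
            "vector": data.get("vectorString"),
            "exploit_refs": [r["url"] for r in cve.get("references", [])
                             if "Exploit" in r.get("tags", [])],
            "summary": next((d["value"] for d in cve.get("descriptions", [])
                             if d.get("lang") == "en"), ""),
        })
    return rows
```

Entries that carry only a CVSS v2 score come back with `score` set to `None` rather than a v2 value, so a dashboard does not mix the two scales.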


3. 📋 Scan Results & Normalization

Consolidated view of all findings across multiple scanners.

  • Vulnerability Normalizer: A custom Python engine that maps raw Nmap scripts and Acunetix JSON reports into a unified schema.
  • MITRE ATT&CK Mapping: Every finding is automatically tagged with its corresponding MITRE Tactic and Technique, providing a standard framework for mitigation.
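
As an added illustration of the normalization step (not the project's own engine), the sketch below turns Nmap XML output into a flat finding schema and attaches an ATT&CK technique. It covers the Nmap half only; the schema fields, the rule table and the sample XML are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET
from fnmatch import fnmatch

# Constructed Nmap -oX fragment (documentation address, made-up findings).
NMAP_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="21">
        <state state="open"/>
        <service name="ftp" product="vsftpd" version="3.0.3"/>
        <script id="ftp-anon" output="Anonymous FTP login allowed"/>
      </port>
      <port protocol="tcp" portid="8080">
        <state state="closed"/>
        <service name="http-proxy"/>
      </port>
    </ports>
  </host>
</nmaprun>"""

# Illustrative rule table (assumption): NSE script-id pattern -> ATT&CK technique.
ATTACK_RULES = [
    ("ftp-anon", "T1078", "Valid Accounts"),
    ("http-vuln-*", "T1190", "Exploit Public-Facing Application"),
]


def attack_tag(script_id):
    for pattern, tid, name in ATTACK_RULES:
        if fnmatch(script_id, pattern):
            return {"technique_id": tid, "technique": name}
    return None  # unmapped checks stay untagged instead of guessing


def normalize_nmap(xml_text):
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # closed or filtered ports are not findings
            svc = port.find("service")
            base = {"source": "nmap", "asset": addr,
                    "port": int(port.get("portid")), "protocol": port.get("protocol"),
                    "service": svc.get("name") if svc is not None else None}
            for script in port.iter("script"):
                findings.append({**base, "check": script.get("id"),
                                 "evidence": script.get("output"),
                                 "attack": attack_tag(script.get("id"))})
    return findings
```

When scanner output crosses a trust boundary before it is parsed, a hardened parser such as defusedxml is the safer choice than the standard-library one used here.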

3. 🌎 Global Threat Intelligence

Continuous monitoring of NVD, MITRE, and Rapid7 feeds. Automatically correlates global CVE data with your specific assets to provide actionable alerts.


4. 🌍 Attack Surface Management (Recon)

Deep reconnaissance mapping of subdomains, open ports, and running services. Provides a "hacker’s eye view" of the entire infrastructure.


5. 🕵️‍♂️ Credential Leak Monitoring

Proactive monitoring of dark web and public data dumps to identify exposed corporate credentials before they are exploited.


6. 📱 Mobile Security Analysis

Deep static and dynamic analysis (SAST/DAST) of APK/IPA files using MobSF integration, looking for hardcoded secrets and insecure coding patterns.


7. 🕸️ Attack Graph Visualization

Goes beyond flat lists. Visualizes potential attack paths from an external attacker to your most sensitive assets, helping prioritize remediation where it matters most.


7. 📄 Comprehensive Reporting

Executive and technical PDF reports.

  • Engine: Fast, automated generation using ReportLab.
  • Content: Includes executive summaries, detailed finding lists, and remediation steps generated by AI based on the scan context.


8. 💬 AI Chat & RAG Assistant

A context-aware security expert assistant powered by Retrieval-Augmented Generation (RAG). It has access to your specific report data and technical documentation to provide step-by-step remediation guidance.


8. ⚙️ Task Monitor

Enterprise-grade task management.

  • Persistence: MongoDB stores every task state (Pending, Running, Completed, Failed).
  • Orchestration: Seamlessly manage hundreds of concurrent scans across distributed workers.



🛠 Tech Stack

Frontend

  • React (Vite): High-performance modern web framework.
  • Vanilla CSS: Premium "Glassmorphism" UI design for a professional, dark-themed experience.
  • D3.js: Interactive force-directed graphs for attack path visualization.
  • React Router: Seamless client-side navigation.

Backend

  • FastAPI: High-performance, asynchronous Python web framework.
  • Motor / MongoDB: Flexible, async document storage for scan results and user data.
  • Celery / Redis: Distributed task queue for long-running security scans (Nmap, MobSF, etc.).
  • Neo4j: Graph database for storing and querying complex attack relationships.

AI Engine

  • Ollama / OpenAI: Inference engines for Large Language Models.
  • ChromaDB: Vector database for RAG (Retrieval-Augmented Generation).
  • Sentence-Transformers: Text embeddings for matching threats to documentation.

🏗 System Architecture

```mermaid
graph TD
    subgraph Client
        UI[React Frontend]
        D3[D3.js Visualization]
    end

    subgraph API_Gateway
        APP[FastAPI Server]
        WSS[WebSocket Manager]
    end

    subgraph Data_Layer
        DB[(MongoDB)]
        GDB[(Neo4j)]
        VDB[(ChromaDB)]
    end

    subgraph Task_Processing
        REDIS[Redis Broker]
        CELERY[Celery Workers]
    end

    subgraph Security_Tools
        Network[Nmap Scanner]
        Mobile[MobSF Analyzer]
        GARAK[Garak LLM Probe]
        Web[Webs DAST]
    end

    subgraph AI_Core
        LLM[Ollama / OpenAI]
        EMB[Embedding Engine]
    end

    UI <--> APP
    APP <--> DB
    APP <--> GDB
    APP <--> REDIS
    REDIS <--> CELERY
    CELERY <--> Network
    CELERY <--> Mobile
    APP <--> VDB
    VDB <--> EMB
    EMB <--> LLM
    APP <--> WSS
```

🔧 Installation & Setup

  1. Clone the repository:

    git clone https://github.com/anshu787/hacknova_ps.git
    cd hacknova_ps
  2. Backend Setup:

    cd backend
    pip install -r requirements.txt
    uvicorn main:app --reload --port 8000
  3. Frontend Setup:

    cd frontend
    npm install
    npm run dev
  4. Environment Variables: Copy .env.example to .env and configure your MongoDB, Redis, and LLM endpoints.


🏆 HACKNOVA Hackathon Submission

Created with ❤️ for the HACKNOVA Hackathon. CyberGuard represents the future of AI-driven cybersecurity orchestration.
