CYBERAUDIT is a production-quality, interactive cybersecurity educational platform, CLI auditor, and desktop application. It simulates website reconnaissance, security misconfiguration scanning, database vulnerability assessments, and cascading exploit chains within isolated laboratory environments.
Important
EDUCATIONAL USE ONLY: This software is designed exclusively for educational courses, authorized defensive security workshops, and local sandbox auditing. Performing unauthorized scanning, credential exfiltration testing, or service disruptions against public production systems is illegal under national computer fraud acts and is subject to severe criminal prosecution.
- ⭐ Star the Repo to show support
- 🍴 Fork the Project to build your own modules
- 👀 Watch for Updates to get notifications on active releases
- Project Motivation
- Key Features
- Architecture Overview
- Screenshots
- Requirements & Prerequisites
- Installation & Build Guide
- Running the Application
- Desktop Application Overview
- Project Structure
- Technologies Used
- Security Considerations
- Roadmap
- Contributing
- License
- Maintenance Notice
Modern software developers, system engineers, and network administrators often face high "security debt" without understanding how vulnerabilities chain together. Traditional security scanners produce long, dry PDFs that fail to explain the operational impact of vulnerabilities.
CYBERAUDIT aims to bridge this gap. By combining a high-fidelity command-line auditor with a gorgeous, modern desktop interface, it visually demonstrates the "Kill Chain" — showing how minor flaws (such as committing a .env file or leaving a SQL parameter unparameterized) lead directly to database exfiltration, lateral network pivoting, cloud infrastructure compromises, and volumetric DDoS extortion.
- Simulated Reconnaissance Engine: Crawls directories, mines metadata, and checks domain profiles for exposed secrets (like AWS keys, API credentials) and misconfigured
.gitsetups. - Vulnerability Analysis Matrix: Simulates checks for SQL Injection, deprecated cryptographic schemes (such as MD5/SHA1), out-of-date system banners, and unprotected administrative control panels.
- Interactive Exploit Kill Chain: A visual timeline showing how an attacker pivots step-by-step from initial reconnaissance to server backdooring and lateral movement.
- Defensive Mitigation Guide: Offers actionable, secure-by-default code remediation cards for developers, focusing on prepared queries, key rotation, and logging configurations.
- Daemon Log Console: Real-time log capture pane to monitor API requests, scan progress logs, and system events.
- Multi-Theme UI: Sleek dark theme (neon cybersecurity accents) and clean light theme for optimal accessibility in classroom and lab environments.
CYBERAUDIT is split into three decoupled modules:
graph TD
A[Tauri Desktop App] -->|HTTP Fetch| B[FastAPI Backend Daemon]
C[CLI Tool] -->|Direct Import| D[Recon & Scanning Modules]
B -->|Calls API| D
D -->|Generates logs| E[logs/scanner.log]
A -->|Reads stream| B
B -->|Exposes logs| E
- Frontend Client (Desktop): A lightweight webview built with HTML5, Vanilla ES6 Javascript, and glassmorphic Vanilla CSS styling. Wrapped in Rust using Tauri v2 for native desktop window management.
- Backend Daemon (FastAPI): A local REST API that processes scan jobs, hosts logging feeds, and manages guide indexes. Easily started via CLI.
- Core Scanner Engine (Python): The underlying auditing library containing vulnerability check definitions, log rotators, and formatting scripts.
Below are UI mockups for the CYBERAUDIT Desktop Dashboard. (Screenshots will be updated on release).
| Dashboard Overview | Target Scan Progress |
|---|---|
![]() |
![]() |
- Operating System: Linux, macOS, or Windows 10/11
- Python: Version
3.8or newer (withpippackage manager) - Node.js: Version
18.0or newer (for Tauri frontend build) - Rust & Cargo: Version
1.70or newer (required for compiling Tauri binary)
Clone the repository and install the backend/CLI requirements:
# Clone the repository
git clone https://github.com/davytheprogrammer/web-vulnerability-scanner.git
cd web-vulnerability-scanner
# Install Python requirements
pip install -r requirements.txt
# Install the tool globally as a CLI utility
pip install -e .Install the Node.js packages for the Tauri desktop wrapper:
cd desktop
npm install
cd ..You can use CYBERAUDIT in three different setups depending on your needs. Below are the easy-to-follow instructions for each.
To run the full visual interface, you need to start the backend server first, then open the desktop application.
Open a terminal window and run:
web-vuln-scanner apiThis starts a local FastAPI server at http://127.0.0.1:8000 which powers the desktop scans.
Open a new terminal window, navigate to the project directory, and run:
cd desktop
npm run tauri devThe native desktop window will launch, automatically connect to your local backend, and display the landing dashboard!
Tip
Building Standalone Packages:
If you want to build a native installable package (e.g. a .deb file for Linux) so you can run it without terminal commands, run:
cd desktop
npm run tauri buildOnce complete, the installer will be saved at:
desktop/src-tauri/target/release/bundle/deb/desktop_0.1.0_amd64.deb
You can install it on your system by double-clicking it or running sudo dpkg -i <path_to_deb>.
If you prefer terminal-only operation, you can run security audits directly from your terminal. No backend server needs to be running.
# 1. Run a simulated scan on a target website
web-vuln-scanner scan --target demo-shop.local
# 2. Show the detailed vulnerabilities of a target
web-vuln-scanner show-vulns --target insecure-bank.org
# 3. View a simulated penetration attack chain
web-vuln-scanner show-chain --target api.defense-testing.test
# 4. Read secure coding mitigation guidelines
web-vuln-scanner show-preventionIf you are developing custom frontend clients or automated lab scripts, you can spin up the backend API and communicate with it using HTTP client tools (like curl or Postman):
# Start the daemon on a custom port and host
web-vuln-scanner api --port 8080 --host 0.0.0.0- Verify server status: Open
http://127.0.0.1:8080/healthin your browser. - Scan a target via API:
curl -X POST http://127.0.0.1:8080/scan -H "Content-Type: application/json" -d '{"target":"example.com"}'
The CYBERAUDIT GUI is designed for visual teaching and clean demonstrations:
- Landing Dashboard: Review scanned history, statistics widgets, and see the real-time API daemon connection status.
- Audit Launcher: Enter target domains, choose scan presets, monitor progress bars, and view structured, expandable vulnerability cards.
- Kill Chain Explorer: Click through stages from recon to extortion to see simulated code examples and legal warnings.
- Logs Console: Access raw stdout transaction logs directly within the desktop interface, complete with auto-scroll toggles.
web-vulnerability-scanner/
├── pyproject.toml # Python build metadata & entry points
├── requirements.txt # Main python dependencies
├── README.md # Comprehensive documentation
├── .gitignore # Files excluded from Git
├── docs/ # Developer and user guides
│ └── ARCHITECTURE.md # Deep dive into code layout & design
├── src/ # Python Source Code
│ ├── __init__.py
│ ├── api/ # FastAPI Server Layer
│ │ ├── __init__.py
│ │ └── server.py
│ ├── cli/ # Click CLI implementation
│ │ ├── __init__.py
│ │ └── main.py
│ ├── modules/ # Core Scanning Engine
│ │ ├── __init__.py
│ │ └── recon_engine.py
│ └── utils/ # Logging and helpers
│ ├── __init__.py
│ └── log_handler.py
├── desktop/ # Tauri Desktop Application
│ ├── package.json # Node dependencies & tauri scripts
│ ├── src/ # HTML/JS/CSS Frontend Assets
│ │ ├── index.html # Main single-page dashboard
│ │ ├── main.js # Controller code & fetch triggers
│ │ └── styles.css # Styling system & dark theme overrides
│ └── src-tauri/ # Rust Tauri configuration
│ ├── Cargo.toml # Rust crates
│ ├── tauri.conf.json # Window parameters & capabilities
│ └── capabilities/ # Security profiles
└── tests/ # Unit Testing Suite
├── __init__.py
└── test_scanner.py
- Language: Python 3, JavaScript (ES6+), Rust (Tauri Core)
- Framework (Backend): FastAPI, Uvicorn
- Framework (Desktop): Tauri v2
- Styling (CSS): Custom HSL Vanilla CSS Grid/Flexbox styling
- CLI Library: Click, Rich (Rich formatting in terminal)
- Testing: PyTest
- Simulated Payloads: The scanner does not launch real exploit scripts, injection buffers, or packet floods. All exploit dumps, logs, and DDoS actions are simulated on the client to guarantee system safety.
- CORS Configuration: The FastAPI backend is configured with permissive CORS headers to allow connection from Tauri's custom localhost scheme. It should only be run on
127.0.0.1to prevent exposure to external network interfaces. - Log Sanitization: Mock credentials and system paths returned during database dumps do not reflect host-system parameters.
- Add live local SQLite database support to store historical logs permanently.
- Support customized simulation speeds and custom target presets inside Settings.
- Integrate WebSocket endpoints in FastAPI to support live-streaming logs without polling.
- Implement an interactive terminal challenge lab inside the desktop client.
Contributions to CYBERAUDIT are welcome! If you want to add modules:
- Fork the Project.
- Create a Feature Branch (
git checkout -b feature/AmazingFeature). - Commit your changes (
git commit -m 'Add some AmazingFeature'). - Push to the Branch (
git push origin feature/AmazingFeature). - Open a Pull Request.
Distributed under the MIT License. See LICENSE for details.
This repository is actively maintained by the community. Pull requests are regularly reviewed, and vulnerability definitions are updated to align with modern web standard CVE guidelines.

