
Kuxha/Cloud-Based-Source-Code-Vulnerability-Detector

 
 


Cloud-Based Source Code Vulnerability Detector

AI-powered security scanner for GitHub repositories that detects vulnerabilities in Python code.

Features

  • GitHub repository scanning
  • Python vulnerability detection
  • AI-powered fix suggestions
  • Modern web interface
  • Real-time scan progress
  • Downloadable reports (PDF/JSON)

What's Implemented

Web Interface

  • Repository URL input with validation
  • Branch selection support
  • Animated loading states
  • Results dashboard with filtering and sorting
  • Severity-based vulnerability cards
  • Error handling with helpful messages
  • Dark themed modern UI

GitHub Integration

  • Automatic repository fetching
  • Branch detection and fallback
  • Rate limit handling
  • File size management
  • Commit tracking for incremental scans
  • Private repository detection

Vulnerability Scanning

  • Bandit integration for static analysis
  • Custom regex pattern matching
  • SQL injection detection
  • Hardcoded credentials detection
  • Command injection detection
  • Severity classification

AI Features

  • Google Gemini integration
  • Intelligent fix recommendations
  • Context-aware suggestions

Reporting

  • Detailed vulnerability reports
  • OWASP Top 10 categorization
  • Export to PDF or JSON
  • Summary statistics
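
The custom regex pattern matching, severity classification, OWASP Top 10 categorization and summary statistics listed above can be illustrated with a small line-based scanner. This is an added example, not code from this repository: the rule names, patterns, severities, OWASP mappings and the sample input are all assumptions made for illustration.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Hypothetical rules: (id, severity, OWASP Top 10 2021 category, line pattern).
RULES = [
    ("sql-injection", "HIGH", "A03:2021 Injection",
     re.compile(r"""\.execute\(\s*(f["']|["'].*["']\s*[%+]|["'].*["']\.format\()""")),
    ("command-injection", "HIGH", "A03:2021 Injection",
     re.compile(r"os\.system\(|subprocess\.\w+\(.*shell\s*=\s*True")),
    ("hardcoded-credential", "MEDIUM",
     "A07:2021 Identification and Authentication Failures",
     re.compile(r"""(?i)(password|passwd|secret|api_key|token)\w*\s*=\s*["'][^"']{4,}["']""")),
]
SEVERITY_RANK = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}

@dataclass(frozen=True)
class Finding:
    rule: str
    severity: str
    owasp: str
    line: int
    code: str

def scan(source: str) -> list[Finding]:
    """Match every rule against each non-comment line; worst severity first."""
    findings = []
    for lineno, text in enumerate(source.splitlines(), start=1):
        if text.lstrip().startswith("#"):
            continue  # skip comment lines so commented-out code is not reported
        for rule, severity, owasp, pattern in RULES:
            if pattern.search(text):
                findings.append(Finding(rule, severity, owasp, lineno, text.strip()))
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f.severity], f.line))

def summary(findings: list[Finding]) -> dict[str, int]:
    """Per-severity counts, as a report header would show them."""
    return dict(Counter(f.severity for f in findings))

# Constructed sample input: each unsafe call is followed by its safe form.
SAMPLE = '''\
import os, sqlite3, subprocess
DB_PASSWORD = "hunter2-example"
API_KEY = os.environ["API_KEY"]
def lookup(conn, name):
    conn.execute("SELECT * FROM users WHERE name = '%s'" % name)
    conn.execute("SELECT * FROM users WHERE name = ?", (name,))
def ping(host):
    subprocess.run("ping -c 1 " + host, shell=True)
    subprocess.run(["ping", "-c", "1", host])
'''
```

Line-based patterns like these are heuristics: they miss queries built across several lines and can flag string literals that merely look like formatting, which is why a scanner of this kind pairs them with an AST-based tool such as Bandit.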

Tech Stack

Frontend: React, Vite, Axios
Backend: Flask, PyGithub, Bandit
AI: Google Gemini API
Testing: Pytest (31 tests passing)

Getting Started

Prerequisites

  • Node.js 18+
  • Python 3.9+
  • GitHub Personal Access Token
  • Google Gemini API Key (optional)

Installation

  1. Clone the repository

     git clone https://github.com/Nishanth2969/Cloud-Based-Source-Code-Vulnerability-Detector.git
     cd Cloud-Based-Source-Code-Vulnerability-Detector

  2. Install frontend dependencies (from the repository root)

     cd frontend
     npm install

  3. Install backend dependencies (from the repository root)

     cd backend
     pip install -r requirements.txt

  4. Configure environment variables (from the repository root)

     cd backend
     cp .env.example .env
     # Add your GitHub token to .env

Running Locally

Start the frontend:

cd frontend
npm run dev

Start the backend:

cd backend
python app.py

Access at http://localhost:3000

Testing

Run all backend tests:

cd backend
python -m pytest tests/ -v

Usage

  1. Enter a GitHub repository URL
  2. Select branch (defaults to main/master)
  3. Click "Start Scanning"
  4. View results with severity levels
  5. Download report as PDF or JSON

Architecture

frontend/          React application
backend/           Flask API server
  ├── api/         API routes
  ├── services/    Core services
  ├── models/      Data models
  ├── utils/       Utilities
  └── tests/       Test suite
lambda_functions/  AWS Lambda handlers
infrastructure/    Deployment configs

License

MIT
