Share
## https://sploitus.com/exploit?id=D63B84A1-A624-5F2E-AB72-AD2A289E0B7D
# ๐ก๏ธ ShieldPatch
### Predict . Protect . Prevail
AI-driven vulnerability detection and automated patch management platform that helps organizations identify, prioritize, and remediate software vulnerabilities faster โ closing the gap between vulnerability discovery and patching.
---
## ๐ Problem
Organizations face a constant flood of new vulnerabilities. Manual detection and patching is slow and error-prone, while attackers increasingly use automation to exploit weaknesses faster than traditional tools can respond โ leading to data breaches, ransomware, and downtime.
## ๐ก Solution
ShieldPatch is an AI-based automated patch prioritization system. It pulls live threat data from **NVD, EPSS, and ExploitDB**, uses **machine learning** to score and rank vulnerabilities by real exploit risk, tests patches safely in a **sandbox**, and gives admins a **dashboard + AI chatbot** to monitor and act โ all with minimal manual effort.
## โจ Key Features
- **Live Threat Intelligence** โ Continuous CVE, EPSS, and ExploitDB feed integration
- **ML-Based Risk Scoring** โ Exploit prediction, risk scoring, and patch compatibility models (Scikit-learn, TensorFlow, XGBoost)
- **File & System Scanning** โ APK (Androguard) and EXE (pefile) analysis, OSQuery-based system scans
- **Sandbox Testing & Rollback** โ Safe patch simulation via Docker/VirtualBox with automatic rollback on failure
- **AI Chatbot** โ Rasa-powered assistant for patch guidance and Q&A
- **Admin Dashboard** โ Real-time vulnerability status, risk levels, and patch reporting
- **Alerts & Logging** โ Instant notifications for high-risk threats and full audit trail of scans/patches
## ๐๏ธ Architecture
The system follows a 4-layer architecture:
| Layer | Responsibility |
|---|---|
| **Presentation Layer** | UI, Dashboard, AI Chatbot (React) |
| **Business Layer** | User Management, Access Control, File Upload Handling |
| **Service Layer** | Scan & Analysis, Threat Intelligence Aggregation, ML Risk Prediction, Patch Recommendation, Reporting |
| **Data Service Layer** | MySQL Database, Sandbox Environment |
## ๐ Process Flow
Input Data โ Preprocessing โ ML Models (Exploit Prediction, Risk Scoring, Patch Compatibility)
โ Probability Score Calculation โ Risk Scoring & Patch Recommendation
โ Admin Review (Confirm/Reject) โ Sandbox Testing โ Deployment
โ Feedback stored in MySQL โ Model Retraining
## ๐ ๏ธ Tech Stack
| Category | Tools |
|---|---|
| Frontend | React.js, Bootstrap, HTML5, CSS3 |
| Backend | Python (Flask) |
| Database | MySQL |
| System Scanning | OSQuery, PowerShell, Bash |
| File Analysis | Androguard (APK), pefile (EXE) |
| ML & AI | Scikit-learn, TensorFlow, XGBoost |
| Threat Intel | Requests, BeautifulSoup (CVE/NVD/ExploitDB scraping) |
| Sandbox | Docker, VirtualBox |
| Chatbot | Rasa, Gemini AI |
## ๐ Getting Started
### Prerequisites
- Python 3.9+, Node.js 16+, MySQL 8.0+, Docker
### Installation
```bash
git clone https://github.com/AjayZordan/ShieldPatch.git
cd ShieldPatch
# Backend
cd backend
pip install -r requirements.txt
python app.py
# Frontend
cd ../shieldpatch-frontend
npm install
npm start
```
## ๐ Academic Context
This project was developed as part of the **Capstone Project (UQ24CA741A)** at **PES University, Bengaluru**, under the guidance of Prof. Archana A.
## ๐ค Author
**R. Ajay Kumar**
[LinkedIn](https://linkedin.com/in/ajaykumar-secdev) ยท ajaykumar040702@gmail.com