Share
## https://sploitus.com/exploit?id=E12BF17A-26CE-5EE3-A4A4-2FA05BBADA41
# DefaceMeter

DefaceMeter is a small, static, browser-based prototype that estimates the *likelihood of a website defacement* given a JSON vulnerability report.

You upload a report (see `sample_report.json`), optionally tune the weights of three factors, and DefaceMeter calculates:

- A per-vulnerability contribution score `Vi`
- An aggregate probability that **at least one** vulnerability could plausibly lead to a defacement outcome (using an independence approximation)
- A single “DefacementScore” shown as a percentage gauge

This project is intentionally lightweight: it runs entirely in the browser with plain HTML/CSS/JavaScript and requires no build step.

---

## What’s in this repo

- `index.html` — UI layout (upload panel, processing panel, results panel)
- `styles.css` — visual styling (glass panels, gauge, table, loader)
- `app.js` — scoring model + UI logic
- `sample_report.json` — an example input file you can use to demo the tool

---

## How it works (scoring model)

DefaceMeter builds a probability from three normalized factors per vulnerability:

### 1) Criticality factor `C`
Derived from CVSS:

- `C = clamp(cvss, 0..10) / 10`

So a CVSS 10.0 maps to `C = 1.0` and CVSS 5.0 maps to `C = 0.5`.

### 2) Exploitability factor `E`
A simple heuristic based on exploit flags:

- If `public_exploit=true` **and** `metasploit=true` → `E = 1.0`
- Else if `poc=true` → `E = 0.8`
- Else if `complex_poc=true` → `E = 0.5`
- Else → `E = 0.05`

If the `exploit` object is missing or invalid, DefaceMeter defaults to `0.05`.

### 3) Historical factor `H`
Normalizes a vulnerability’s historical usage/frequency (`historical.count`) relative to the maximum count in the uploaded dataset:

- `H = log(1 + count) / log(1 + maxCount)`

If counts are missing or invalid, DefaceMeter uses `0.05`.

### Per-vulnerability contribution `Vi`
Each vulnerability gets a weighted score:

- `Vi = wC * C + wE * E + wH * H`

Weights are user-adjustable (`C`, `E`, `H`) and are automatically normalized to sum to 1.

### Aggregate probability and displayed score
To convert multiple `Vi` values into one number, DefaceMeter uses an independent-event approximation:

- `RawProb = 1 - ∏(1 - Vi)`
- `DefacementScore = 100 * RawProb`

This is why the UI warns: *“Interpret cautiously: This is a synthesized probability using independent event approximation.”*

---

## Expected input format (JSON)

DefaceMeter expects JSON shaped like this (matching the schema shown in the UI):

```json
{
  "meta": { "generated": "ISO8601", "scope": "string", "tool": "string" },
  "weights": { "C": 0.5, "E": 0.3, "H": 0.2 },
  "vulnerabilities": [
    {
      "id": "string",
      "title": "string",
      "cvss": 9.8,
      "exploit": {
        "public_exploit": true,
        "metasploit": false,
        "poc": true,
        "complex_poc": false
      },
      "historical": { "count": 37, "class": "SQL Injection" },
      "category": "Injection",
      "asset": "api.example.com",
      "description": "Human readable...",
      "references": ["https://..."],
      "tags": ["critical", "webapp", "sqli"]
    }
  ]
}
```

Notes:

- `weights` in the JSON is optional; the UI also allows overriding weights.
- `historical.count` is used for the historical normalization.
- Extra fields are ignored by the scoring logic (but may appear in the raw JSON viewer).

---

## How to run

Because the UI fetches `sample_report.json` for the “Download Sample JSON” link, the simplest way to run is with a tiny local web server.

### Option A: Python (recommended)

```bash
cd /path/to/defacemeter
python3 -m http.server 8000
```

Then open:

- http://localhost:8000

### Option B: Any static server

Serve the folder with any static server of your choice and open the served URL in your browser.

---

## How to use

1. Open the app in your browser.
2. Upload a vulnerability report JSON (or use the link to download `sample_report.json`).
3. (Optional) Adjust `C`, `E`, `H` weights and click **Normalize**.
4. Review the results:
   - Gauge = aggregate likelihood percent
   - Table = per-vulnerability `C`, `E`, `H`, and `Vi`
   - Insights = short auto-generated guidance based on score and top contributors

---

## Output interpretation and limitations

- This is a *prototype scoring model*, not a guarantee or a forensic conclusion.
- The aggregate probability uses an **independence approximation**; in real environments, vulnerabilities and attacker behavior are often correlated.
- `Vi` values are heuristics derived from CVSS + exploit flags + dataset-local historical normalization; they are best used for **relative prioritization** within the same report.

---

## Customization

If you want to change the model, the core functions are in `app.js`:

- `computeC(cvss)`
- `computeE(exploit)`
- `computeH(count, maxCount)`
- `computeScores(data, overrideWeights)`

The UI uses the returned `contributions` list to render the table and generate top-contributor insights.