## https://sploitus.com/exploit?id=F47DE014-75BF-520E-BE8F-61BB56ADD3F0
# Intelligent Exploit & Patch Management Platform
A full-stack web application that helps organizations detect vulnerabilities in installed software, suggest patches, and show exploit details.
## Features
- **Dashboard**: Displays total vulnerabilities detected, severity distribution, and quick actions
- **Software Scan**: Upload CSV files or manually enter software names and versions
- **Exploit Analysis**: Fetch CVE data and match against known exploits
- **Patch Suggestions**: Get recommendations for the latest software versions
- **Reports**: Generate and download detailed vulnerability reports
- **Authentication**: Secure user authentication with JWT
## Tech Stack
- **Frontend**: React, TypeScript, Tailwind CSS, Framer Motion, React Query
- **Backend**: Python, Flask, SQLAlchemy, JWT Authentication
- **Data Sources**: NVD API, ExploitDB, CVEDetails
## Getting Started
### Prerequisites
- Node.js (v16 or later)
- Python (3.10 or later)
- npm or yarn
- pip
### Backend Setup
1. Navigate to the backend directory:
```bash
cd backend
```
2. Create a virtual environment and activate it:
```bash
# On Windows
python -m venv venv
.\\venv\\Scripts\\activate
# On macOS/Linux
python3 -m venv venv
source venv/bin/activate
```
3. Install the required dependencies:
```bash
pip install -r requirements.txt
```
4. Set up environment variables. Create a `.env` file in the backend directory with the following content:
```
FLASK_APP=app.py
FLASK_ENV=development
JWT_SECRET_KEY=your-secret-key-here
DATABASE_URL=sqlite:///exploit_patch.db
NVD_API_KEY=your-nvd-api-key # Optional but recommended for production
```
5. Initialize the database:
```bash
flask db init
flask db migrate -m "Initial migration"
flask db upgrade
```
6. Run the backend server:
```bash
flask run
```
The backend server will be available at `http://localhost:5000`
### Frontend Setup
1. Navigate to the frontend directory:
```bash
cd frontend
```
2. Install the dependencies:
```bash
npm install
# or
yarn install
```
3. Start the development server:
```bash
npm run dev
# or
yarn dev
```
The frontend will be available at `http://localhost:3000`
## Project Structure
```
exploit-patch-platform/
โโโ backend/ # Flask backend
โ โโโ app.py # Main application file
โ โโโ requirements.txt # Python dependencies
โ โโโ config.py # Configuration settings
โ โโโ models/ # Database models
โ โโโ routes/ # API routes
โ โโโ services/ # Business logic and services
โ
โโโ frontend/ # React frontend
โโโ public/ # Static files
โโโ src/
โโโ components/ # Reusable UI components
โโโ pages/ # Page components
โโโ context/ # React context providers
โโโ hooks/ # Custom React hooks
โโโ services/ # API service functions
โโโ types/ # TypeScript type definitions
โโโ App.tsx # Main application component
โโโ main.tsx # Application entry point
```
## Available Scripts
In the frontend directory, you can run:
- `npm run dev` or `yarn dev` - Start the development server
- `npm run build` or `yarn build` - Build the app for production
- `npm run lint` or `yarn lint` - Run the linter
- `npm run test` or `yarn test` - Run tests
## Environment Variables
### Backend
- `FLASK_APP` - The entry point of the application
- `FLASK_ENV` - The environment (development, production, testing)
- `JWT_SECRET_KEY` - Secret key for JWT token generation
- `DATABASE_URL` - Database connection URL
- `NVD_API_KEY` - API key for NVD (National Vulnerability Database)
- `EXPLOIT_DB_PATH` - Path to the ExploitDB database
### Frontend
- `VITE_API_URL` - Base URL for API requests (default: `http://localhost:5000`)
## Deployment
### Backend
The backend can be deployed to any WSGI-compatible server. For production, consider using:
- Gunicorn with Nginx
- uWSGI
- Docker
Example with Gunicorn:
```bash
gunicorn --bind 0.0.0.0:5000 wsgi:app
```
### Frontend
Build the frontend for production:
```bash
npm run build
```
This will create a `dist` directory with the production build that can be served with any static file server or CDN.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Acknowledgments
- [NVD (National Vulnerability Database)](https://nvd.nist.gov/)
- [ExploitDB](https://www.exploit-db.com/)
- [CVEDetails](https://www.cvedetails.com/)
- [React](https://reactjs.org/)
- [Flask](https://flask.palletsprojects.com/)
- [Tailwind CSS](https://tailwindcss.com/)
- [Framer Motion](https://www.framer.com/motion/)