Share
## https://sploitus.com/exploit?id=F47DE014-75BF-520E-BE8F-61BB56ADD3F0
# Intelligent Exploit & Patch Management Platform

A full-stack web application that helps organizations detect vulnerabilities in installed software, suggest patches, and show exploit details.

## Features

- **Dashboard**: Displays total vulnerabilities detected, severity distribution, and quick actions
- **Software Scan**: Upload CSV files or manually enter software names and versions
- **Exploit Analysis**: Fetch CVE data and match against known exploits
- **Patch Suggestions**: Get recommendations for the latest software versions
- **Reports**: Generate and download detailed vulnerability reports
- **Authentication**: Secure user authentication with JWT

## Tech Stack

- **Frontend**: React, TypeScript, Tailwind CSS, Framer Motion, React Query
- **Backend**: Python, Flask, SQLAlchemy, JWT Authentication
- **Data Sources**: NVD API, ExploitDB, CVEDetails

## Getting Started

### Prerequisites

- Node.js (v16 or later)
- Python (3.10 or later)
- npm or yarn
- pip

### Backend Setup

1. Navigate to the backend directory:
   ```bash
   cd backend
   ```

2. Create a virtual environment and activate it:
   ```bash
   # On Windows
   python -m venv venv
   .\\venv\\Scripts\\activate
   
   # On macOS/Linux
   python3 -m venv venv
   source venv/bin/activate
   ```

3. Install the required dependencies:
   ```bash
   pip install -r requirements.txt
   ```

4. Set up environment variables. Create a `.env` file in the backend directory with the following content:
   ```
   FLASK_APP=app.py
   FLASK_ENV=development
   JWT_SECRET_KEY=your-secret-key-here
   DATABASE_URL=sqlite:///exploit_patch.db
   NVD_API_KEY=your-nvd-api-key  # Optional but recommended for production
   ```

5. Initialize the database:
   ```bash
   flask db init
   flask db migrate -m "Initial migration"
   flask db upgrade
   ```

6. Run the backend server:
   ```bash
   flask run
   ```
   The backend server will be available at `http://localhost:5000`

### Frontend Setup

1. Navigate to the frontend directory:
   ```bash
   cd frontend
   ```

2. Install the dependencies:
   ```bash
   npm install
   # or
   yarn install
   ```

3. Start the development server:
   ```bash
   npm run dev
   # or
   yarn dev
   ```
   The frontend will be available at `http://localhost:3000`

## Project Structure

```
exploit-patch-platform/
โ”œโ”€โ”€ backend/                  # Flask backend
โ”‚   โ”œโ”€โ”€ app.py               # Main application file
โ”‚   โ”œโ”€โ”€ requirements.txt      # Python dependencies
โ”‚   โ”œโ”€โ”€ config.py            # Configuration settings
โ”‚   โ”œโ”€โ”€ models/              # Database models
โ”‚   โ”œโ”€โ”€ routes/              # API routes
โ”‚   โ””โ”€โ”€ services/            # Business logic and services
โ”‚
โ””โ”€โ”€ frontend/                # React frontend
    โ”œโ”€โ”€ public/              # Static files
    โ””โ”€โ”€ src/
        โ”œโ”€โ”€ components/      # Reusable UI components
        โ”œโ”€โ”€ pages/           # Page components
        โ”œโ”€โ”€ context/         # React context providers
        โ”œโ”€โ”€ hooks/           # Custom React hooks
        โ”œโ”€โ”€ services/        # API service functions
        โ”œโ”€โ”€ types/           # TypeScript type definitions
        โ”œโ”€โ”€ App.tsx          # Main application component
        โ””โ”€โ”€ main.tsx         # Application entry point
```

## Available Scripts

In the frontend directory, you can run:

- `npm run dev` or `yarn dev` - Start the development server
- `npm run build` or `yarn build` - Build the app for production
- `npm run lint` or `yarn lint` - Run the linter
- `npm run test` or `yarn test` - Run tests

## Environment Variables

### Backend

- `FLASK_APP` - The entry point of the application
- `FLASK_ENV` - The environment (development, production, testing)
- `JWT_SECRET_KEY` - Secret key for JWT token generation
- `DATABASE_URL` - Database connection URL
- `NVD_API_KEY` - API key for NVD (National Vulnerability Database)
- `EXPLOIT_DB_PATH` - Path to the ExploitDB database

### Frontend

- `VITE_API_URL` - Base URL for API requests (default: `http://localhost:5000`)

## Deployment

### Backend

The backend can be deployed to any WSGI-compatible server. For production, consider using:

- Gunicorn with Nginx
- uWSGI
- Docker

Example with Gunicorn:
```bash
gunicorn --bind 0.0.0.0:5000 wsgi:app
```

### Frontend

Build the frontend for production:
```bash
npm run build
```

This will create a `dist` directory with the production build that can be served with any static file server or CDN.

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

## Acknowledgments

- [NVD (National Vulnerability Database)](https://nvd.nist.gov/)
- [ExploitDB](https://www.exploit-db.com/)
- [CVEDetails](https://www.cvedetails.com/)
- [React](https://reactjs.org/)
- [Flask](https://flask.palletsprojects.com/)
- [Tailwind CSS](https://tailwindcss.com/)
- [Framer Motion](https://www.framer.com/motion/)