bluebeam

audit websites in one click

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Example
  5. Roadmap
  6. Contributing
  7. License
  8. Contact

Built With

  • Go
  • Docker
  • MariaDB
  • JavaScript
  • Python
  • Google Cloud Platform

It also uses the OpenAI API and the Gemini API.

Getting Started

To get a local copy up and running, follow these simple example steps. They launch the application server with docker-compose. If you do not use a Linux distro, I recommend that you read the documentation on how to launch docker-compose on your OS.

git clone https://github.com/BolvicBolvicovic/bluebeam
cd bluebeam/goserv
sudo make

Then, if you intend to use the extension, in a new terminal at the root of the repository, run the following commands:

cd ext
web-ext run

Prerequisites

You will need go and docker-compose to launch the project. If you intend to run the extension, you will need web-ext.

  • go
wget https://go.dev/dl/go1.23.2.linux-amd64.tar.gz
rm -rf /usr/local/go && tar -C /usr/local -xzf go1.23.2.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin # You should put this in your .bashrc
  • web-ext, docker and docker-compose
sudo apt update && sudo apt upgrade
sudo apt install -y web-ext docker docker-compose

If you want to use the Google spreadsheet feature, add your Google credentials file as googlecredentials.json in ./goserv/app/startup/. Furthermore, you will need to create an OAuth 2.0 client in your Google Cloud account for your project and add the clientId to the dashboard.js file.


Usage

Once you have launched the server

  • If you intend to use the web extension:
    Running web-ext will open Firefox. Because the server is running on localhost and the certificate is self-signed (at the moment), you need to go to Settings -> Tools -> Advanced -> View Certificates -> Servers -> Add Exception, then add https://localhost.
  • If you intend to use the dashboard:
    Start your browser and go to localhost.
  • If you intend to use the API:
    You will have to wait, it is not implemented yet :)

Register an account and log in

  • If you intend to use the web extension:
    Open your extension (you have to be on a website that accepts scripting) and click on register a new account. Fill in all fields. It is important that the email you give is a valid Google email account, because it enables the extension to provide access to the output Google spreadsheet. If you get a positive response, you can go back and log in with this account. Otherwise, try another username/password.
  • If you intend to use the dashboard:
    Click on the login button at the top of the page and follow the same steps as for the extension. Once you are logged in, you will get access to a new section: dashboard.

An HTTP-only cookie will keep you logged in for a day, so you will not need to log in again every time you open the extension or the website.
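
One way a Go server can issue and check a one-day, HTTP-only session cookie like the one described above. This is an added example, not bluebeam's own code: the cookie name, the in-memory store and the functions issueSession and currentUser are assumptions. Besides HttpOnly it sets Secure and SameSite and enforces the lifetime on the server as well as in the browser.

```go
// Added example, not bluebeam's code; every name here is hypothetical.
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
	"time"
)

const sessionLifetime = 24 * time.Hour // matches "logged in for a day"
type session struct{ user string; expires time.Time }
var sessions sync.Map // token -> session; in-memory, for the example only

// issueSession stores a random token server-side and sets it as a cookie.
func issueSession(w http.ResponseWriter, user string, now time.Time) (*http.Cookie, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return nil, err
	}
	c := &http.Cookie{Name: "session", Value: hex.EncodeToString(raw), Path: "/",
		MaxAge: int(sessionLifetime.Seconds()), SameSite: http.SameSiteStrictMode,
		HttpOnly: true, Secure: true} // hidden from page scripts, HTTPS only
	sessions.Store(c.Value, session{user, now.Add(sessionLifetime)})
	http.SetCookie(w, c)
	return c, nil
}

// currentUser resolves the cookie to a user and enforces expiry server-side,
// so a cookie replayed after a day is rejected even if the browser kept it.
func currentUser(r *http.Request, now time.Time) (string, bool) {
	c, err := r.Cookie("session")
	if err != nil {
		return "", false
	}
	v, ok := sessions.Load(c.Value)
	if !ok || now.After(v.(session).expires) {
		sessions.Delete(c.Value)
		return "", false
	}
	return v.(session).user, true
}

func main() {
	c, _ := issueSession(httptest.NewRecorder(), "alice", time.Now())
	fmt.Println(c.HttpOnly, c.Secure, c.MaxAge) // true true 86400
}
```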

Analyse

An analysis requires a criteria file; if you have not provided one, you will get an error. For both the extension and the website, you provide it in the dashboard (the extension has a button to open it directly). Current possible inputs are:

  • a JSON file
  • the first sheet of a Google spreadsheet

A JSON file has to contain an array of features, as described in the template example.json at the root of the repository. For the first sheet of a Google spreadsheet, there is a screenshot in the folder images at the root of the repository.

Furthermore, you will need to enter your OpenAI API key (mandatory for the extension) or your Gemini API key to make it work. It is stored with the data related to your account and only you have access to it.

Once everything is set, for the extension, you can click on the analyze button and you will get a response for the current page. For the dashboard, you need to enter the root URLs you want to analyze, then click on the analyze button, and you will get a response for the whole website (the maximum size is currently 20 000 bytes, but that can be changed manually in the code).

Current possible outputs are:

  • a blob containing a JSON file
  • a Google spreadsheet

See roadmap below for future improvements.


Example

Here is a concrete output example with the example.json file used as input and the Go website.

Roadmap

  • Response with a JSON/Google spreadsheet that applies the chosen criteria to the website
  • Google spreadsheet format as the criteria's input
  • Possibility to audit many websites at the same time
  • Possibility to choose your AI
  • API service that can be integrated into your application
  • Image analysis
  • Scraping social media
  • Response with the possibility to create a report with graphs and text

See the open issues for a full list of proposed features (and known issues).


Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

Distributed under the EUPL-1.2 License. See LICENSE.txt for more information.

Contact

Project Link: https://github.com/BolvicBolvicovic/bluebeam

Mail: victor.bolheme@gmail.com
