A comprehensive, AI-powered web security scanning platform that identifies vulnerabilities, security issues, and anomalies in web applications.
- Multi-Vector Analysis: Security headers, library vulnerabilities, XSS detection, and ML-powered anomaly detection
- AI-Powered Detection: HuggingFace BART model for zero-shot vulnerability classification
- CVE Integration: Real-time vulnerability database lookups with intelligent caching
- Parallel Processing: 40% faster scans through concurrent module execution
- Security Scoring: Comprehensive 0-100 security score alongside anomaly detection
- Security Headers Audit: CSP, HSTS, X-Frame-Options, and more
- Library Scanner: Detects outdated JavaScript libraries (jQuery, Lodash, Bootstrap, Vue.js, etc.)
- XSS Probe: Multi-payload reflected XSS detection with context analysis
- ML Analysis: AI-powered vulnerability pattern recognition
- CVE Lookup: Automated Common Vulnerabilities and Exposures database integration
- Role-Based Access: Admin and User roles with granular permissions
- Secure Authentication: JWT-based auth with issuer/audience validation
- User Profiles: Comprehensive user management with email verification
- Password Security: Bcrypt hashing with secure reset functionality
- Scheduled Scans: Automated periodic security assessments
- On-Demand Scanning: Instant vulnerability analysis
- Background Processing: Non-blocking scan execution
- Scan History: Complete audit trail with detailed reporting
- Interactive Dashboard: Real-time scan results with charts and metrics
- PDF Reports: Professional vulnerability reports with jsPDF
- Severity Classification: Critical, High, Medium, Low vulnerability categorization
- Scan Statistics: Performance metrics and trend analysis
- Export Capabilities: Multiple format support for compliance reporting
- Responsive Design: Mobile-first, adaptive UI
- Dark/Light Mode: User preference-based theming
- Real-time Updates: Live scan progress and notifications
- Interactive Charts: Chart.js powered vulnerability visualization
- Toast Notifications: User-friendly feedback system
- Runtime: Node.js 20+ with TypeScript 5.9+
- Framework: Express.js with comprehensive middleware stack
- Database: MongoDB 7.0+ with Mongoose ODM
- Security: Helmet, CORS, Rate Limiting, Input Validation
- Authentication: JWT with bcrypt password hashing
- Logging: Structured logging with Pino
- Validation: Zod schema validation and express-validator
- Framework: React 19+ with TypeScript
- Build Tool: Vite 7+ for fast development and builds
- Routing: React Router DOM 7+
- State Management: React Context API
- UI Components: Custom components with React Icons
- Charts: Chart.js with React Chart.js 2
- Forms: React Hook Form with validation
- HTTP Client: Axios with interceptors
- Containerization: Docker with multi-stage builds
- Orchestration: Docker Compose for local development
- Cloud Platform: AWS EC2 with ECR container registry
- Web Server: Nginx for static file serving and API proxying
- CI/CD: GitHub Actions with automated deployments
- Monitoring: Health checks and structured logging
- Docker & Docker Compose
- Node.js 20+ (for local development)
- Git
-
Clone the repository
git clone https://github.com/ShalevAtsis/Anomalyze.git cd Anomalyze -
Environment Configuration
# Create backend environment file from template cp backend/.env.example backend/.env # Edit backend/.env with your actual credentials # IMPORTANT: Never commit .env files with real secrets!
Required Environment Variables:
MONGO_URI: Your MongoDB connection stringJWT_SECRET: Strong secret for JWT tokens (use:openssl rand -base64 32)HUGGINGFACE_TOKEN: HuggingFace API token (optional)AWS_ACCESS_KEY_ID&AWS_SECRET_ACCESS_KEY: AWS credentials (optional)GOOGLE_CLIENT_ID&GOOGLE_CLIENT_SECRET: Google OAuth (optional)
-
Start the application
docker-compose up --build
-
Access the application
- Frontend: http://localhost (port 80)
- Backend API: http://localhost:5000
- Health Check: http://localhost/api/health
# Start in development mode with hot reload
docker-compose up --build
# View logs
docker-compose logs -f backend
docker-compose logs -f frontend
# Stop services
docker-compose down
# Clean rebuild
docker-compose down -v
docker-compose up --buildProduction URL: http://YOUR_EC2_PUBLIC_IP
- Frontend served on port 80 via Nginx
- API endpoints available at
/api/* - Automatic API request proxying
- Health monitoring at
/api/health
- Compute: AWS EC2 instance with Docker runtime
- Container Registry: AWS ECR for image storage
- Database: MongoDB Atlas (production) / Local MongoDB (development)
- Load Balancing: Nginx reverse proxy
- SSL/TLS: Ready for certificate integration
# Server Configuration
PORT=5000
HOST=0.0.0.0
NODE_ENV=production
# Database
MONGO_URI=mongodb+srv://user:pass@cluster.mongodb.net/anomalyze
# Security
JWT_SECRET=your-super-secure-jwt-secret-key
JWT_ISSUER=anomalyze-api
JWT_AUDIENCE=anomalyze-client
# External Services
HUGGINGFACE_TOKEN=your-huggingface-token # Optional for ML features
AWS_ACCESS_KEY_ID=your-aws-key # Optional for SES email
AWS_SECRET_ACCESS_KEY=your-aws-secret # Optional for SES email
AWS_REGION=us-east-1 # Optional for SES email
# Security Headers
CLIENT_ORIGIN=http://localhost # CORS origin for frontendPORT=5000
HOST=0.0.0.0
MONGO_URI=mongodb+srv://user:pass@cluster.mongodb.net/anomalyze
JWT_SECRET=production-super-secure-secret
NODE_ENV=production
CLIENT_ORIGIN=http://YOUR_EC2_PUBLIC_IPPush to main branch triggers automatic deployment:
git add .
git commit -m "feat: your feature description"
git push origin mainGitHub Actions Pipeline:
- Build Docker images for backend and frontend
- Push images to AWS ECR with
:latestand:${GITHUB_SHA}tags - Deploy to EC2 instance via AWS SSM
- Health check verification
# SSH into EC2 instance
ssh -i your-key.pem ec2-user@YOUR_EC2_IP
cd /opt/anomalyze
# Pull latest images from ECR
sudo docker compose pull
# Restart with new images (zero-downtime)
sudo docker compose up -d --force-recreate
# Verify deployment
sudo docker compose ps
sudo docker compose logs -f# Check service status
sudo docker compose ps
# View real-time logs
sudo docker compose logs -f
# Check specific service logs
sudo docker compose logs backend
sudo docker compose logs frontend
# Monitor resource usage
sudo docker stats# Restart specific service
sudo docker compose restart backend
sudo docker compose restart frontend
# Full system restart
sudo docker compose restart
# Clean up old images (saves disk space)
sudo docker image prune -f
sudo docker system prune -f
# Check disk usage
df -h
sudo docker system df# Create admin user (run once)
sudo docker compose exec backend npm run seed:admin
# Test email configuration (if SES configured)
sudo docker compose exec backend npm run test:ses
# Check SES configuration
sudo docker compose exec backend npm run check:ses502 Bad Gateway
# Check backend status
sudo docker compose logs backend
# Verify backend is listening on correct host
sudo docker compose exec backend sh -c 'echo "HOST=$HOST"'
# Test internal connectivity
sudo docker compose exec frontend curl -v http://backend:5000/healthDatabase Connection Issues
# Check MongoDB connection
sudo docker compose logs backend | grep -i mongo
# Verify environment variables
sudo docker compose exec backend env | grep MONGO_URIImage Update Problems
# Force pull latest images
sudo docker compose pull --ignore-pull-failures
# Complete rebuild
sudo docker compose down
sudo docker image prune -a -f
sudo docker compose up -dPerformance Issues
# Check resource usage
sudo docker stats
# Monitor system resources
htop
df -h
# Check application logs for errors
sudo docker compose logs backend | tail -100Anomalyze/
├── 📁 backend/ # Node.js + TypeScript API Server
│ ├── 📁 src/
│ │ ├── 📁 controllers/ # Request handlers (auth, scan, user)
│ │ ├── 📁 services/ # Business logic & external integrations
│ │ │ ├── scan.service.ts # Main scan orchestrator
│ │ │ ├── headerAudit.ts # Security headers analysis
│ │ │ ├── xssProbe.ts # XSS vulnerability detection
│ │ │ ├── libraryDetector.ts # Outdated library scanning
│ │ │ ├── huggingface.service.ts # AI-powered analysis
│ │ │ └── nvd.service.ts # CVE database integration
│ │ ├── 📁 models/ # MongoDB schemas (User, Scan)
│ │ ├── 📁 middlewares/ # Auth, validation, error handling
│ │ ├── 📁 routes/ # API route definitions
│ │ ├── 📁 tasks/ # Background job processing
│ │ ├── 📁 utils/ # Helper functions & utilities
│ │ └── 📁 validators/ # Input validation schemas
│ ├── 📄 package.json # Dependencies & scripts
│ ├── 📄 Dockerfile # Production container build
│ └── 📄 tsconfig.json # TypeScript configuration
├── 📁 frontend/ # React + TypeScript UI
│ ├── 📁 src/
│ │ ├── 📁 components/ # React components
│ │ │ ├── 📁 auth/ # Authentication components
│ │ │ ├── 📁 scan/ # Scanning interface components
│ │ │ ├── 📁 report/ # Report generation & display
│ │ │ └── 📁 Profile/ # User profile management
│ │ ├── 📁 services/ # API client services
│ │ ├── 📁 contexts/ # React context providers
│ │ ├── 📁 utils/ # Frontend utilities & helpers
│ │ ├── 📁 charts/ # Chart.js configuration
│ │ └── 📁 assets/ # Images, logos, static files
│ ├── 📄 package.json # Frontend dependencies
│ ├── 📄 Dockerfile # Nginx + React build container
│ ├── 📄 nginx.conf # Nginx configuration
│ └── 📄 vite.config.ts # Vite build configuration
├── 📁 .github/workflows/ # CI/CD automation
│ └── 📄 deploy.yml # GitHub Actions deployment
├── 📁 docs and guides/ # Documentation
│ ├── 📄 DEPLOYMENT.md # Production deployment guide
│ ├── 📄 SCAN-MODULE-TECHNICAL-GUIDE.md # Technical architecture
│ ├── 📄 CHANGELOG.md # Version history & updates
│ └── 📄 AWS_SES_SETUP.md # Email service configuration
├── 📄 docker-compose.yml # Local development setup
├── 📄 docker-compose.prod.yml # Production deployment
├── 📄 README.md # This file
└── 📄 LICENSE # MIT License
# Start development environment
docker-compose up --build
# Backend development (with hot reload)
cd backend
npm run dev
# Frontend development (with hot reload)
cd frontend
npm run dev
# Run tests
cd backend
npm test- TypeScript: Strict type checking enabled
- ESLint: Code linting and formatting
- Prettier: Consistent code formatting
- Git Hooks: Pre-commit validation (planned)
# Create admin user for testing
cd backend
npm run seed:admin
# Test email functionality (if configured)
npm run test:ses
# Check AWS SES configuration
npm run check:ses# Connect to local MongoDB
docker-compose exec mongo mongosh anomalyze
# View scan results
db.scans.find().limit(5)
# View users
db.users.find()- Input Sanitization: DOMPurify integration prevents XSS attacks
- SQL Injection Protection: MongoDB with parameterized queries
- CSRF Protection: SameSite cookies and origin validation
- Rate Limiting: Express rate limiter prevents abuse
- Security Headers: Helmet.js for comprehensive header security
- JWT Security: Secure token handling with issuer/audience validation
- Container Security: Multi-stage Docker builds with minimal attack surface
- Network Security: Nginx reverse proxy with security headers
- Environment Isolation: Separate development and production configurations
- Secret Management: Environment-based secret handling
The application scans for:
- Security Headers: CSP, HSTS, X-Frame-Options, X-Content-Type-Options
- Library Vulnerabilities: Outdated JavaScript libraries with known CVEs
- XSS Vulnerabilities: Reflected cross-site scripting detection
- ML-Detected Patterns: AI-powered anomaly and vulnerability detection
- Average Scan Time: 15-30 seconds per URL
- Parallel Processing: 40% performance improvement
- Cache Hit Rate: 80% reduction in external API calls
- Concurrent Scans: Supports multiple simultaneous scans
- Response Time: < 200ms for API endpoints
- Database Queries: Optimized with compound indexes
- Memory Usage: < 512MB per container in production
- CPU Usage: < 50% under normal load
We welcome contributions to Anomalyze! Here's how you can help:
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Make your changes and test thoroughly
- Commit your changes:
git commit -m 'feat: add amazing feature' - Push to the branch:
git push origin feature/amazing-feature - Open a Pull Request
- Follow TypeScript best practices
- Write comprehensive tests for new features
- Update documentation for API changes
- Follow conventional commit messages
- Ensure all tests pass before submitting
- 🔍 New Scan Modules: Additional vulnerability detection methods
- 🤖 ML Improvements: Enhanced AI models for better detection
- 🎨 UI/UX Enhancements: Improved user interface and experience
- 📊 Reporting Features: Advanced reporting and analytics
- 🔒 Security Hardening: Additional security measures
- 📚 Documentation: Improved guides and tutorials
This project is licensed under the MIT License - see the LICENSE file for details.
- HuggingFace: AI-powered vulnerability detection
- National Vulnerability Database (NVD): CVE data integration
- OWASP: Security best practices and guidelines
- React Community: Frontend framework and ecosystem
- Node.js Community: Backend runtime and packages
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Documentation: Technical Guides
Built with ❤️ for the security community