🚀 Live Demo: https://webshield-cyber-audit.netlify.app
WebShield is a production-grade, full-stack website security scanner and risk intelligence engine. It performs multi-layered scans (Headers, SSL, Content, Ports) and integrates with threat intelligence services to provide a comprehensive risk score and actionable recommendations.
This repository contains both the frontend and backend components in a monorepo structure.
- Comprehensive Security Scanning: Analyzes HTTPS/SSL configurations, HTTP security headers, and open ports.
- Risk Intelligence: Proprietary scoring engine based on industry best practices for evaluating website security posture.
- Threat Integration: Built-in support for VirusTotal and OWASP ZAP.
- Modern User Interface: A dynamic, interactive frontend built with React, Vite, and Framer Motion for a premium user experience.
- High-Performance Backend: Fast and scalable backend powered by FastAPI (Python) using asynchronous execution (
asyncio).
/backend: Contains the FastAPI python application./frontend: Contains the React/Vite web application.
- Framework: React, Vite
- Styling: Vanilla CSS, Framer Motion (for animations)
- Icons: Lucide React
- Framework: FastAPI (Python 3.10+)
- Analysis: BeautifulSoup4, Python-nmap, SSL/TLS inspection
- Integrations: VirusTotal API, zapv2 (OWASP ZAP)
git clone https://github.com/vaibhavy06/webshield-security-platform..git
cd webshield-security-platform.Navigate to the backend directory:
cd backendCreate a .env file based on .env.example:
VIRUSTOTAL_API_KEY=your_key_here
ZAP_API_KEY=your_zap_key_hereRun with Docker Compose (if applicable) or locally using Python:
pip install -r requirements.txt
uvicorn demo_working:app --reloadThe API documentation (Swagger) will be available at http://localhost:8000/docs.
Navigate to the frontend directory:
cd frontendInstall dependencies and run the development server:
npm install
npm run devThe web application will be accessible at http://localhost:5173.
POST /api/v1/scan
Request:
{
"url": "https://example.com"
}This tool is for educational and authorized security testing purposes only. The developers are not responsible for any misuse or illegal activities performed using this software. Only scan targets you own or have explicit permission to test.