The ultimate cybersecurity toolkit with 40+ security tools, AI-powered threat detection, and enterprise-grade penetration testing capabilities.
π Live Demo β’ π Documentation β’ π Report Bug β’ π‘ Request Feature
- π― Overview
- π Key Features
- ποΈ Tech Stack
- β‘ Quick Start
- π₯οΈ Live Demo & Screenshots
- π Deployment Guide
- π§ API Reference & Examples
- π Environment Variables
- π€ Contributing
- π¬ Support & Community
- πΊοΈ Roadmap
- π₯ Contributors
- π License
- π Acknowledgments
CyberShield is a modern, full-stack cybersecurity platform built with Next.js 15 and TypeScript. It provides security professionals with a comprehensive suite of real network tools, vulnerability scanners, and AI-powered threat detection capabilities - all accessible through a beautiful, responsive web interface.
| π§ Tool Categories | π― Capabilities | π Status |
|---|---|---|
| Network & Reconnaissance | 15+ Tools | β Active |
| Web Security Testing | 12+ Tools | β Active |
| AI-Powered Security | 8+ Tools | π Enhanced |
| Expert Exploitation | 10+ Tools | β‘ Advanced |
| Tool | Description | Key Features |
|---|---|---|
| π Network Scanner | Comprehensive network discovery | Live host detection, TCP/UDP scanning, OS fingerprinting |
| π Port Scanner | Advanced port enumeration | Service detection, banner grabbing, stealth scanning |
| π‘ DNS Lookup | Complete DNS analysis | A, AAAA, MX, TXT, NS, SOA records, Zone transfers |
| π WHOIS Lookup | Domain intelligence gathering | Registration data, ownership info, DNS servers |
| ποΈ Subdomain Enumeration | Hidden subdomain discovery | Certificate transparency, brute force, DNS enumeration |
| π Ping Sweep | Network range discovery | ICMP, TCP, UDP ping variants, host enumeration |
| Tool | Description | Vulnerability Focus |
|---|---|---|
| π·οΈ XSS Scanner | Cross-site scripting detection | Reflected, Stored, DOM-based XSS |
| π SQL Injection Scanner | Database vulnerability assessment | Union, Boolean, Time-based attacks |
| ποΈ Directory Buster | Hidden resource discovery | Common paths, backup files, admin panels |
| π‘οΈ WAF Bypass | Firewall evasion techniques | Encoding, fragmentation, protocol abuse |
| π HTTP Headers Analyzer | Security header assessment | CSP, HSTS, X-Frame-Options, CORS |
| πΆ Wireless Scanner | WiFi security assessment | Network enumeration, security analysis |
| AI Tool | Capability | Use Case |
|---|---|---|
| π£ AI Phishing Detection | Email/URL threat analysis | Real-time phishing detection |
| π§ AI Threat Intelligence | Behavioral threat analysis | Anomaly detection, pattern recognition |
| π€ AI Security Assistant | Intelligent recommendations | Vulnerability prioritization, remediation |
| π AI Fraud Detection | Financial fraud prevention | Transaction analysis, risk scoring |
| Advanced Tool | Description | Expertise Level |
|---|---|---|
| π₯ Metasploit Integration | Professional exploitation | π΄ Expert |
| π― Payload Generator | Custom payload creation | π΄ Expert |
| π Social Engineering | Attack simulation | π Advanced |
| π¬ Reverse Shell Generator | Post-exploitation tools | π΄ Expert |
| π£ Exploit Database | Vulnerability research | π Advanced |
- Framework: Next.js 15.5.3 with App Router
- Language: TypeScript 5.0+
- Styling: Tailwind CSS 3.4+ with custom themes
- UI Components: Radix UI with shadcn/ui
- State Management: React Hooks with Context API
- Authentication: JWT with refresh tokens
- API: Next.js API Routes with Edge Runtime
- Database: MongoDB Atlas with Mongoose ODM
- Authentication: bcryptjs password hashing
- Security: Rate limiting, CORS, input validation
- Email: Nodemailer with Gmail SMTP
- SMS: Twilio integration for 2FA
- Deployment: Vercel (recommended) or any Node.js hosting
- Database: MongoDB Atlas (cloud) or self-hosted MongoDB
- File Storage: Local storage with planned cloud integration
- Monitoring: Built-in logging and error tracking
- Node.js 18.0 or higher
- MongoDB Atlas account or local MongoDB installation
- Gmail account for email notifications (optional)
- Twilio account for SMS 2FA (optional)
-
Clone the repository
git clone https://github.com/sumansingh20/CyberShield.git cd CyberShield -
Install dependencies
npm install # or pnpm install # or yarn install
-
Environment Setup
Create a
.env.localfile in the root directory:# Database Configuration MONGODB_URI=your_mongodb_connection_string # JWT Secrets JWT_SECRET=your_jwt_secret_key JWT_REFRESH_SECRET=your_jwt_refresh_secret # Optional: Email Configuration (Gmail) SMTP_HOST=smtp.gmail.com SMTP_PORT=587 SMTP_USER=your_gmail_address SMTP_PASS=your_gmail_app_password # Optional: Twilio SMS (for 2FA) TWILIO_ACCOUNT_SID=your_twilio_sid TWILIO_AUTH_TOKEN=your_twilio_token TWILIO_PHONE_NUMBER=your_twilio_phone
-
Run the development server
npm run dev # or pnpm dev # or yarn dev
-
Open your browser
Navigate to http://localhost:3000 to see the application.
Professional cybersecurity tools accessible directly in your browser
| Feature | Demo | Status |
|---|---|---|
| π§ 40+ Security Tools | All functional | β Live |
| π€ AI-Powered Analysis | Real-time detection | β Active |
| π‘οΈ Enterprise Auth | JWT + 2FA | β Secure |
| π Professional UI | Responsive design | β Modern |
Perfect for: Production deployments with global CDN and auto-scaling
# 1. Clone and setup
git clone https://github.com/sumansingh20/CyberShield.git
cd CyberShield
npm install
# 2. Configure environment
cp .env.example .env.local
# Edit .env.local with your MongoDB URI and JWT secrets
# 3. Deploy to Vercel
npm run build
npx vercel --prodPerfect for: Containerized deployments and local development
# Quick start with Docker
docker build -t cybershield .
docker run -d -p 3000:3000 --name cybershield-app cybershield
# Or use Docker Compose (includes MongoDB)
docker-compose up -d| Platform | Type | Best For | Setup Time |
|---|---|---|---|
| π Vercel | Serverless | Production (Recommended) | 2 min |
| π Railway | Container | Full-stack with DB | 3 min |
| π¨ Render | Static/Server | Custom configurations | 5 min |
| π Netlify | Static | Frontend-only builds | 3 min |
| βοΈ AWS/GCP | Custom | Enterprise/Scale | 15+ min |
For traditional hosting providers:
# Build optimized production bundle
npm run build
# Start production server
npm start
# Or generate static export
npm run export # Deploy 'out' folderconst scanResult = await fetch('/api/tools/network-scanner', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
target: '192.168.1.0/24',
ports: '22,80,443,3389',
timeout: 5000
})
});const vulnScan = await fetch('/api/tools/vuln-scanner', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
target: 'https://example.com',
scanType: 'comprehensive'
})
});| Variable | Description | Required | Default |
|---|---|---|---|
MONGODB_URI |
MongoDB connection string | β | - |
JWT_SECRET |
JWT signing secret | β | - |
JWT_REFRESH_SECRET |
JWT refresh token secret | β | - |
SMTP_HOST |
Email server hostname | β | smtp.gmail.com |
SMTP_PORT |
Email server port | β | 587 |
SMTP_USER |
Email username | β | - |
SMTP_PASS |
Email password/app password | β | - |
TWILIO_ACCOUNT_SID |
Twilio account SID | β | - |
TWILIO_AUTH_TOKEN |
Twilio auth token | β | - |
TWILIO_PHONE_NUMBER |
Twilio phone number | β | - |
NEXT_PUBLIC_APP_URL |
Public app URL | β | http://localhost:3000 |
We welcome contributions from the community! Please read our contributing guidelines before submitting pull requests.
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
- Use TypeScript for all new code
- Follow ESLint configuration
- Use Prettier for code formatting
- Write meaningful commit messages
This platform is designed for authorized security testing and educational purposes only. Users must ensure they have proper authorization before testing any systems.
If you discover a security vulnerability, please email: security@cybershield.dev
// Comprehensive network discovery
const networkScan = await fetch('/api/tools/network-scanner', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
target: '192.168.1.0/24',
ports: '22,80,443,3389',
timeout: 5000,
scanType: 'comprehensive'
})
});
const results = await networkScan.json();
console.log('Live hosts:', results.liveHosts);// Cross-site scripting detection
const xssScan = await fetch('/api/tools/xss-scanner', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
url: 'https://target-site.com',
testType: 'comprehensive',
payloads: ['<script>alert(1)</script>', '"><script>alert(1)</script>']
})
});
const vulnerabilities = await xssScan.json();// AI-powered threat detection
const threatAnalysis = await fetch('/api/ai/threat-analysis', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
input: 'suspicious-url-or-content',
analysisType: 'comprehensive',
includeRecommendations: true
})
});We welcome contributions from the cybersecurity community!
- π΄ Fork the repository
- πΏ Create your feature branch (
git checkout -b feature/amazing-tool) - β Test your changes thoroughly
- π Commit with clear messages (
git commit -m 'Add amazing security tool') - π Push to your branch (
git push origin feature/amazing-tool) - π Create a Pull Request
# Clone your fork
git clone https://github.com/your-username/CyberShield.git
# Install dependencies
npm install
# Run development server
npm run dev
# Run tests
npm test
# Build for production
npm run build| Resource | Description | Link |
|---|---|---|
| π Documentation | Comprehensive guides & API docs | docs/README.md |
| π Bug Reports | Report issues & bugs | GitHub Issues |
| π‘ Feature Requests | Suggest new features | GitHub Issues |
| π¬ Discussions | Community discussions | GitHub Discussions |
| π§ Email Support | Direct support | security@cybershield.dev |
- Advanced AI Models: Enhanced threat detection algorithms
- Custom Payloads: User-defined payload templates
- Team Features: Collaboration and sharing tools
- Advanced Reports: Comprehensive security assessment reports
- Mobile App: Native iOS/Android applications
- Cloud Integration: AWS/Azure security services integration
- Enterprise SSO: SAML/OAuth enterprise authentication
- Real-time Monitoring: Continuous security monitoring dashboard
Dynamic Trio - Lead Developers & Security Architects
See our amazing Contributors
Want to contribute? Check out our Contributing Guidelines
This project is licensed under the MIT License - see the LICENSE file for details.
β
Commercial use
β
Modification
β
Distribution
β
Private use
Special thanks to the amazing open-source community:
- Next.js Team - Revolutionary React framework
- MongoDB - Robust NoSQL database
- Tailwind CSS - Utility-first CSS framework
- Radix UI - Accessible component primitives
- Vercel - Seamless deployment platform
- Security Research Community - Continuous inspiration and knowledge sharing