mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-06 19:37:57 +02:00
Add files via upload
This commit is contained in:
@@ -5,6 +5,7 @@ from backend.models.endpoint import Endpoint
|
||||
from backend.models.vulnerability import Vulnerability, VulnerabilityTest
|
||||
from backend.models.report import Report
|
||||
from backend.models.agent_task import AgentTask
|
||||
from backend.models.vuln_lab import VulnLabChallenge
|
||||
|
||||
__all__ = [
|
||||
"Scan",
|
||||
@@ -14,5 +15,6 @@ __all__ = [
|
||||
"Vulnerability",
|
||||
"VulnerabilityTest",
|
||||
"Report",
|
||||
"AgentTask"
|
||||
"AgentTask",
|
||||
"VulnLabChallenge"
|
||||
]
|
||||
|
||||
@@ -0,0 +1,94 @@
|
||||
"""
|
||||
NeuroSploit v3 - Vulnerability Lab Challenge Model
|
||||
|
||||
Tracks isolated vulnerability testing sessions (labs, CTFs, PortSwigger, etc.)
|
||||
"""
|
||||
from datetime import datetime
|
||||
from typing import Optional, List
|
||||
from sqlalchemy import String, Integer, Float, Boolean, DateTime, Text, JSON, ForeignKey
|
||||
from sqlalchemy.orm import Mapped, mapped_column
|
||||
from backend.db.database import Base
|
||||
import uuid
|
||||
|
||||
|
||||
class VulnLabChallenge(Base):
|
||||
"""Individual vulnerability lab/challenge test record"""
|
||||
__tablename__ = "vuln_lab_challenges"
|
||||
|
||||
id: Mapped[str] = mapped_column(String(36), primary_key=True, default=lambda: str(uuid.uuid4()))
|
||||
|
||||
# Target info
|
||||
target_url: Mapped[str] = mapped_column(Text)
|
||||
challenge_name: Mapped[Optional[str]] = mapped_column(String(255), nullable=True)
|
||||
|
||||
# Vulnerability scope
|
||||
vuln_type: Mapped[str] = mapped_column(String(100)) # e.g. xss_reflected, sqli_union
|
||||
vuln_category: Mapped[Optional[str]] = mapped_column(String(50), nullable=True) # injection, auth, client_side, etc.
|
||||
|
||||
# Authentication
|
||||
auth_type: Mapped[Optional[str]] = mapped_column(String(20), nullable=True) # cookie, bearer, basic, header
|
||||
auth_value: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
|
||||
# Execution state
|
||||
status: Mapped[str] = mapped_column(String(20), default="pending") # pending, running, completed, failed, stopped
|
||||
result: Mapped[Optional[str]] = mapped_column(String(20), nullable=True) # detected, not_detected, error
|
||||
|
||||
# Agent linkage
|
||||
agent_id: Mapped[Optional[str]] = mapped_column(String(36), nullable=True)
|
||||
scan_id: Mapped[Optional[str]] = mapped_column(String(36), nullable=True)
|
||||
|
||||
# Results
|
||||
findings_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
critical_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
high_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
medium_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
low_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
info_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
|
||||
# Findings detail (JSON list of finding summaries)
|
||||
findings_detail: Mapped[List] = mapped_column(JSON, default=list)
|
||||
|
||||
# Timing
|
||||
started_at: Mapped[Optional[datetime]] = mapped_column(DateTime, nullable=True)
|
||||
completed_at: Mapped[Optional[datetime]] = mapped_column(DateTime, nullable=True)
|
||||
duration: Mapped[Optional[int]] = mapped_column(Integer, nullable=True) # seconds
|
||||
|
||||
# Notes
|
||||
notes: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
|
||||
# Logs (JSON list of log entries persisted after completion)
|
||||
logs: Mapped[List] = mapped_column(JSON, default=list)
|
||||
|
||||
# Endpoints discovered count
|
||||
endpoints_count: Mapped[int] = mapped_column(Integer, default=0)
|
||||
|
||||
# Timestamps
|
||||
created_at: Mapped[datetime] = mapped_column(DateTime, default=datetime.utcnow)
|
||||
|
||||
def to_dict(self) -> dict:
|
||||
return {
|
||||
"id": self.id,
|
||||
"target_url": self.target_url,
|
||||
"challenge_name": self.challenge_name,
|
||||
"vuln_type": self.vuln_type,
|
||||
"vuln_category": self.vuln_category,
|
||||
"auth_type": self.auth_type,
|
||||
"status": self.status,
|
||||
"result": self.result,
|
||||
"agent_id": self.agent_id,
|
||||
"scan_id": self.scan_id,
|
||||
"findings_count": self.findings_count,
|
||||
"critical_count": self.critical_count,
|
||||
"high_count": self.high_count,
|
||||
"medium_count": self.medium_count,
|
||||
"low_count": self.low_count,
|
||||
"info_count": self.info_count,
|
||||
"findings_detail": self.findings_detail or [],
|
||||
"started_at": self.started_at.isoformat() if self.started_at else None,
|
||||
"completed_at": self.completed_at.isoformat() if self.completed_at else None,
|
||||
"duration": self.duration,
|
||||
"notes": self.notes,
|
||||
"logs": self.logs or [],
|
||||
"endpoints_count": self.endpoints_count,
|
||||
"created_at": self.created_at.isoformat() if self.created_at else None,
|
||||
}
|
||||
@@ -87,6 +87,21 @@ class Vulnerability(Base):
|
||||
# AI Analysis
|
||||
ai_analysis: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
|
||||
# PoC Code (executable proof-of-concept: HTML, Python, curl, etc.)
|
||||
poc_code: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
|
||||
# Screenshots (list of base64 data URIs or filesystem paths)
|
||||
screenshots: Mapped[List] = mapped_column(JSON, default=list)
|
||||
|
||||
# Source URL and parameter (for finding_id reconstruction)
|
||||
url: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
parameter: Mapped[Optional[str]] = mapped_column(String(500), nullable=True)
|
||||
|
||||
# Validation status (manual review workflow)
|
||||
validation_status: Mapped[str] = mapped_column(String(20), default="ai_confirmed")
|
||||
# Values: "ai_confirmed" | "ai_rejected" | "validated" | "false_positive" | "pending_review"
|
||||
ai_rejection_reason: Mapped[Optional[str]] = mapped_column(Text, nullable=True)
|
||||
|
||||
# Timestamps
|
||||
created_at: Mapped[datetime] = mapped_column(DateTime, default=datetime.utcnow)
|
||||
|
||||
@@ -116,5 +131,11 @@ class Vulnerability(Base):
|
||||
"remediation": self.remediation,
|
||||
"references": self.references,
|
||||
"ai_analysis": self.ai_analysis,
|
||||
"poc_code": self.poc_code,
|
||||
"screenshots": self.screenshots or [],
|
||||
"url": self.url,
|
||||
"parameter": self.parameter,
|
||||
"validation_status": self.validation_status or "ai_confirmed",
|
||||
"ai_rejection_reason": self.ai_rejection_reason,
|
||||
"created_at": self.created_at.isoformat() if self.created_at else None
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user