#!/usr/bin/env bash # ============================================================================ # NeuroSploit v3 - Rebuild & Launch Script # ============================================================================ # Usage: chmod +x rebuild.sh && ./rebuild.sh # Options: # --backend-only Only start the backend (skip frontend) # --frontend-only Only start the frontend (skip backend) # --build Build frontend for production instead of dev mode # --install Force reinstall all dependencies # --reset-db Delete and recreate the database (for schema changes) # ============================================================================ set -e PROJECT_DIR="/opt/NeuroSploitv2" VENV_DIR="$PROJECT_DIR/venv" FRONTEND_DIR="$PROJECT_DIR/frontend" DATA_DIR="$PROJECT_DIR/data" LOGS_DIR="$PROJECT_DIR/logs" PID_DIR="$PROJECT_DIR/.pids" DB_PATH="$DATA_DIR/neurosploit.db" # Colors RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' CYAN='\033[0;36m' NC='\033[0m' # Parse args BACKEND_ONLY=false FRONTEND_ONLY=false PRODUCTION_BUILD=false FORCE_INSTALL=false RESET_DB=false for arg in "$@"; do case $arg in --backend-only) BACKEND_ONLY=true ;; --frontend-only) FRONTEND_ONLY=true ;; --build) PRODUCTION_BUILD=true ;; --install) FORCE_INSTALL=true ;; --reset-db) RESET_DB=true ;; esac done header() { echo "" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo -e "${CYAN} $1${NC}" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" } step() { echo -e "${GREEN}[+]${NC} $1" } warn() { echo -e "${YELLOW}[!]${NC} $1" } fail() { echo -e "${RED}[x]${NC} $1" exit 1 } # ============================================================================ # 0. Kill previous instances # ============================================================================ header "Stopping previous instances" mkdir -p "$PID_DIR" # Kill by PID files if they exist for pidfile in "$PID_DIR"/*.pid; do [ -f "$pidfile" ] || continue pid=$(cat "$pidfile" 2>/dev/null) if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then step "Stopping process $pid ($(basename "$pidfile" .pid))" kill "$pid" 2>/dev/null || true sleep 1 kill -9 "$pid" 2>/dev/null || true fi rm -f "$pidfile" done # Also kill any lingering uvicorn/vite on our ports if lsof -ti:8000 >/dev/null 2>&1; then step "Killing process on port 8000" kill $(lsof -ti:8000) 2>/dev/null || true fi if lsof -ti:3000 >/dev/null 2>&1; then step "Killing process on port 3000" kill $(lsof -ti:3000) 2>/dev/null || true fi sleep 1 step "Previous instances stopped" # ============================================================================ # 1. Ensure directories exist # ============================================================================ header "Preparing directories" mkdir -p "$DATA_DIR" "$LOGS_DIR" "$PID_DIR" mkdir -p "$PROJECT_DIR/reports/screenshots" mkdir -p "$PROJECT_DIR/reports/benchmark_results/logs" step "Directories ready" # ============================================================================ # 1b. Database reset (if requested) # ============================================================================ if [ "$RESET_DB" = true ]; then header "Resetting database" if [ -f "$DB_PATH" ]; then BACKUP="$DB_PATH.backup.$(date +%Y%m%d%H%M%S)" step "Backing up existing DB to $BACKUP" cp "$DB_PATH" "$BACKUP" rm -f "$DB_PATH" step "Database deleted (will be recreated with new schema on startup)" else step "No existing database found" fi fi # ============================================================================ # 2. Environment check # ============================================================================ header "Checking environment" if [ ! -f "$PROJECT_DIR/.env" ]; then if [ -f "$PROJECT_DIR/.env.example" ]; then warn ".env not found, copying from .env.example" cp "$PROJECT_DIR/.env.example" "$PROJECT_DIR/.env" else fail ".env file not found and no .env.example to copy from" fi fi step ".env file present" # Check Python if command -v python3 &>/dev/null; then PYTHON=python3 elif command -v python &>/dev/null; then PYTHON=python else fail "Python not found. Install Python 3.10+" fi step "Python: $($PYTHON --version)" # Check Node if command -v node &>/dev/null; then step "Node: $(node --version)" else if [ "$BACKEND_ONLY" = false ]; then fail "Node.js not found. Install Node.js 18+" fi fi # Check Docker (optional - needed for sandbox & benchmarks) if command -v docker &>/dev/null; then step "Docker: $(docker --version 2>/dev/null | head -1)" # Check compose if docker compose version &>/dev/null 2>&1; then step "Docker Compose: plugin (docker compose)" elif command -v docker-compose &>/dev/null; then step "Docker Compose: standalone ($(docker-compose version --short 2>/dev/null))" else warn "Docker Compose not found (needed for sandbox & benchmarks)" fi else warn "Docker not found (optional - needed for sandbox & benchmarks)" fi # ============================================================================ # 3. Python virtual environment & dependencies # ============================================================================ if [ "$FRONTEND_ONLY" = false ]; then header "Setting up Python backend" if [ ! -d "$VENV_DIR" ] || [ "$FORCE_INSTALL" = true ]; then step "Creating virtual environment..." $PYTHON -m venv "$VENV_DIR" fi source "$VENV_DIR/bin/activate" step "Virtual environment activated" if [ "$FORCE_INSTALL" = true ] || [ ! -f "$VENV_DIR/.deps_installed" ]; then step "Installing backend dependencies..." pip install --quiet --upgrade pip # Install from requirements files (pyproject.toml is for tool config only) pip install --quiet -r "$PROJECT_DIR/backend/requirements.txt" 2>&1 | tail -5 pip install --quiet -r "$PROJECT_DIR/requirements.txt" 2>&1 | tail -5 touch "$VENV_DIR/.deps_installed" step "Core dependencies installed" # Try optional deps (may fail on Python <3.10) if [ -f "$PROJECT_DIR/requirements-optional.txt" ]; then step "Installing optional dependencies (best-effort)..." pip install --quiet -r "$PROJECT_DIR/requirements-optional.txt" 2>/dev/null && \ step "Optional deps installed (mcp, playwright)" || \ warn "Some optional deps skipped (Python 3.10+ required for mcp/playwright)" fi else step "Dependencies already installed (use --install to force)" fi # Validate key modules step "Validating Python modules..." $PYTHON -c " import sys modules = [ ('backend.main', 'FastAPI app'), ('backend.config', 'Settings'), ('backend.api.v1.vuln_lab', 'VulnLab API'), ('backend.models.vuln_lab', 'VulnLab Model'), ('core.llm_manager', 'LLM Manager'), ('core.model_router', 'Model Router'), ('core.scheduler', 'Scheduler'), ('core.knowledge_augmentor', 'Knowledge Augmentor'), ('core.browser_validator', 'Browser Validator'), ('core.mcp_client', 'MCP Client'), ('core.mcp_server', 'MCP Server'), ('core.sandbox_manager', 'Sandbox Manager'), ('backend.core.agent_memory', 'Agent Memory'), ('backend.core.response_verifier', 'Response Verifier'), ('backend.core.vuln_engine.registry', 'VulnEngine Registry'), ('backend.core.vuln_engine.payload_generator', 'VulnEngine Payloads'), ('backend.core.vuln_engine.ai_prompts', 'VulnEngine AI Prompts'), ] errors = 0 for mod, name in modules: try: __import__(mod) print(f' OK {name} ({mod})') except Exception as e: print(f' WARN {name} ({mod}): {e}') errors += 1 if errors > 0: print(f'\n {errors} module(s) had import warnings (optional deps may be missing)') else: print('\n All modules loaded successfully') " 2>&1 || true # Validate knowledge base step "Validating knowledge base..." $PYTHON -c " import json, os kb_path = os.path.join('$PROJECT_DIR', 'data', 'vuln_knowledge_base.json') if os.path.exists(kb_path): kb = json.load(open(kb_path)) types = len(kb.get('vulnerability_types', {})) insights = len(kb.get('xbow_insights', kb.get('attack_insights', {}))) print(f' OK Knowledge base: {types} vuln types, {insights} insight categories') else: print(' WARN Knowledge base not found at data/vuln_knowledge_base.json') " 2>&1 || true # Validate VulnEngine coverage step "Validating VulnEngine coverage..." $PYTHON -c " from backend.core.vuln_engine.registry import VulnerabilityRegistry from backend.core.vuln_engine.payload_generator import PayloadGenerator from backend.core.vuln_engine.ai_prompts import VULN_AI_PROMPTS r = VulnerabilityRegistry() p = PayloadGenerator() total_payloads = sum(len(v) for v in p.payload_libraries.values()) print(f' OK Registry: {len(r.VULNERABILITY_INFO)} types, {len(r.TESTER_CLASSES)} testers') print(f' OK Payloads: {total_payloads} across {len(p.payload_libraries)} categories') print(f' OK AI Prompts: {len(VULN_AI_PROMPTS)} per-vuln decision prompts') " 2>&1 || true fi # ============================================================================ # 4. Frontend dependencies # ============================================================================ if [ "$BACKEND_ONLY" = false ]; then header "Setting up React frontend" cd "$FRONTEND_DIR" if [ ! -d "node_modules" ] || [ "$FORCE_INSTALL" = true ]; then step "Installing frontend dependencies..." npm install --silent 2>&1 | tail -3 step "Frontend dependencies installed" else step "node_modules present (use --install to force)" fi cd "$PROJECT_DIR" fi # ============================================================================ # 5. Launch backend # ============================================================================ if [ "$FRONTEND_ONLY" = false ]; then header "Starting FastAPI backend (port 8000)" source "$VENV_DIR/bin/activate" # Export env vars set -a source "$PROJECT_DIR/.env" set +a PYTHONPATH="$PROJECT_DIR" uvicorn backend.main:app \ --host 0.0.0.0 \ --port 8000 \ --reload \ --log-level info \ > "$LOGS_DIR/backend.log" 2>&1 & BACKEND_PID=$! echo "$BACKEND_PID" > "$PID_DIR/backend.pid" step "Backend started (PID: $BACKEND_PID)" step "Backend logs: $LOGS_DIR/backend.log" # Wait for backend to be ready step "Waiting for backend..." for i in $(seq 1 15); do if curl -s http://localhost:8000/docs >/dev/null 2>&1; then step "Backend is ready" break fi if [ $i -eq 15 ]; then warn "Backend may still be starting. Check logs." fi sleep 1 done fi # ============================================================================ # 6. Launch frontend # ============================================================================ if [ "$BACKEND_ONLY" = false ]; then header "Starting React frontend (port 3000)" cd "$FRONTEND_DIR" if [ "$PRODUCTION_BUILD" = true ]; then step "Building production frontend..." npm run build 2>&1 | tail -5 step "Build complete. Serving from dist/" npx vite preview --port 3000 \ > "$LOGS_DIR/frontend.log" 2>&1 & else step "Starting development server..." npx vite --port 3000 \ > "$LOGS_DIR/frontend.log" 2>&1 & fi FRONTEND_PID=$! echo "$FRONTEND_PID" > "$PID_DIR/frontend.pid" step "Frontend started (PID: $FRONTEND_PID)" step "Frontend logs: $LOGS_DIR/frontend.log" cd "$PROJECT_DIR" # Wait for frontend for i in $(seq 1 10); do if curl -s http://localhost:3000 >/dev/null 2>&1; then break fi sleep 1 done fi # ============================================================================ # 7. Summary # ============================================================================ header "NeuroSploit v3 is running" echo "" if [ "$FRONTEND_ONLY" = false ]; then echo -e " ${GREEN}Backend API:${NC} http://localhost:8000" echo -e " ${GREEN}API Docs:${NC} http://localhost:8000/docs" echo -e " ${GREEN}Scheduler API:${NC} http://localhost:8000/api/v1/scheduler/" echo -e " ${GREEN}VulnLab API:${NC} http://localhost:8000/api/v1/vuln-lab/" fi if [ "$BACKEND_ONLY" = false ]; then echo -e " ${GREEN}Frontend UI:${NC} http://localhost:3000" fi echo "" echo -e " ${BLUE}Logs:${NC}" [ "$FRONTEND_ONLY" = false ] && echo -e " Backend: tail -f $LOGS_DIR/backend.log" [ "$BACKEND_ONLY" = false ] && echo -e " Frontend: tail -f $LOGS_DIR/frontend.log" echo "" echo -e " ${YELLOW}Stop:${NC} $0 (re-run kills previous)" echo -e " kill \$(cat $PID_DIR/backend.pid) \$(cat $PID_DIR/frontend.pid)" echo "" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo -e "${GREEN} NeuroSploit v3 - Autonomous Security Agent${NC}" echo -e "" echo -e " ${BLUE}VulnEngine (100-Type):${NC}" echo -e " - Registry: 100 vuln types, 428 payloads, 100 testers" echo -e " - AI Prompts: 100 per-vuln AI decision prompts" echo -e " - Agent Memory: Bounded dedup stores, baseline caching" echo -e " - Multi-Signal: 4-signal verification (tester+baseline+" echo -e " payload_effect+error_patterns)" echo -e " - Payload Effect: Baseline-compared checks (eliminates FP" echo -e " for NoSQL, HPP, type juggling, HTML inj)" echo -e " - Anti-Hallucination: AI cross-validation, evidence grounding" echo -e " - Knowledge Base: 100 vuln types + insight categories" echo -e " - Attack Plan: 5-tier priority (P1 critical -> P5 info)" echo -e "" echo -e " ${BLUE}Autonomous Agent:${NC}" echo -e " - Full Auto: One-click full vulnerability assessment" echo -e " - Auto Pentest: 6-phase automated penetration testing" echo -e " - Pause/Resume/Stop: Real-time scan control (pause, resume, terminate)" echo -e " - MCP Server: 12 tools (screenshot, dns, port scan, etc.)" echo -e " - Security Sandbox: Docker-based tool isolation (22 tools)" echo -e " - Benchmark Runner: 104 CTF challenges for accuracy testing" echo -e "" echo -e " ${BLUE}Vulnerability Lab:${NC}" echo -e " - Isolated Testing: Test individual vuln types one at a time" echo -e " - 100 Vuln Types: All VulnEngine types available for testing" echo -e " - Lab/CTF Support: PortSwigger, CTFs, custom targets" echo -e " - Auth Support: Cookie, Bearer, Basic, Custom headers" echo -e " - Detection Stats: Per-type & per-category detection rates" echo -e " - Challenge History: Full history with results tracking" echo -e "" echo -e " ${BLUE}Verification & Reports:${NC}" echo -e " - Anti-FP: Baseline-compared payload effect checks" echo -e " - ZIP Reports: Download HTML report + screenshots as ZIP" echo -e " - OHVR Reports: Observation-Hypothesis-Validation-Result" echo -e " - Severity Sorting: Critical/High findings appear first" echo -e "" echo -e " ${BLUE}Platform Features:${NC}" echo -e " - Scheduler: /scheduler (cron & interval scheduling)" echo -e " - OpenRouter: Settings > LLM Configuration > OpenRouter" echo -e " - Model Routing: Settings > Advanced Features toggle" echo -e " - Knowledge Aug: Settings > Advanced Features toggle" echo -e " - Browser Validation: Settings > Advanced Features toggle" echo -e " - Skip-to-Phase: Agent + Scan pages (skip ahead in pipeline)" echo -e " - Reset DB: ./rebuild.sh --reset-db (schema changes)" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo "" # Keep script running so bg processes stay alive wait