diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..de2223f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,122 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# Virtual environments
+venv/
+ENV/
+env/
+
+# Environment variables
+.env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# Node.js
+node_modules/
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# React build
+frontend/build/
+
+# Docker
+.dockerignore
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Database
+*.db
+*.sqlite
+*.sqlite3
+
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Optional npm cache directory
+.npm
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# parcel-bundler cache
+.cache
+.parcel-cache
+
+# Docker volumes
+postgres_data/
+redis_data/
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..cfebe35
--- /dev/null
+++ b/Makefile
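Review bot: In the new .gitignore, the `.dockerignore` entry under `# Docker` keeps that file out of version control, so no shared exclusion list can be committed for the image builds. frontend/Dockerfile in this same diff runs `COPY . .`, so a local `node_modules/` or any `.env*` file sitting in the build context would be copied into the image on whichever machine builds it. I would drop the `.dockerignore` line and commit a `.dockerignore` that excludes at least `.env*` and `node_modules/`. Which directory is used as the build context depends on docker-compose.yml, which is not part of this diff.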
@@ -0,0 +1,70 @@ +.PHONY: help start stop restart build logs clean dev setup + +# Default target +help: + @echo "CVE-SIGMA Auto Generator - Available Commands:" + @echo "==============================================" + @echo " make start - Start the application" + @echo " make stop - Stop the application" + @echo " make restart - Restart the application" + @echo " make build - Build and start with fresh images" + @echo " make logs - Show application logs" + @echo " make clean - Stop and remove all containers/volumes" + @echo " make dev - Start in development mode" + @echo " make setup - Initial setup (copy .env, etc.)" + @echo " make help - Show this help message" + +# Initial setup +setup: + @echo "๐Ÿ”ง Setting up CVE-SIGMA Auto Generator..." + @if [ ! -f .env ]; then \ + cp .env.example .env; \ + echo "โœ… .env file created from .env.example"; \ + echo "๐Ÿ’ก Edit .env to add your NVD API key for better rate limits"; \ + else \ + echo "โœ… .env file already exists"; \ + fi + +# Start the application +start: setup + @echo "๐Ÿš€ Starting CVE-SIGMA Auto Generator..." + docker-compose up -d + @echo "โœ… Application started!" + @echo "๐ŸŒ Frontend: http://localhost:3000" + @echo "๐Ÿ”ง Backend: http://localhost:8000" + @echo "๐Ÿ“š API Docs: http://localhost:8000/docs" + +# Stop the application +stop: + @echo "๐Ÿ›‘ Stopping CVE-SIGMA Auto Generator..." + docker-compose down + @echo "โœ… Application stopped!" + +# Restart the application +restart: stop start + +# Build and start with fresh images +build: setup + @echo "๐Ÿ”จ Building and starting CVE-SIGMA Auto Generator..." + docker-compose up -d --build + @echo "โœ… Application built and started!" + +# Show logs +logs: + @echo "๐Ÿ“‹ Application logs (press Ctrl+C to exit):" + docker-compose logs -f + +# Clean everything +clean: + @echo "๐Ÿงน Cleaning up CVE-SIGMA Auto Generator..." + docker-compose down -v --remove-orphans + docker system prune -f + @echo "โœ… Cleanup complete!" 
+ +# Development mode (with hot reload) +dev: setup + @echo "๐Ÿ”ง Starting in development mode..." + docker-compose -f docker-compose.yml up -d db redis + @echo "๐Ÿ’ก Database and Redis started. Run backend and frontend locally for development." + @echo " Backend: cd backend && pip install -r requirements.txt && uvicorn main:app --reload" + @echo " Frontend: cd frontend && npm install && npm start" diff --git a/README.md b/README.md old mode 100755 new mode 100644 index 91cc28f..0d791e1 --- a/README.md +++ b/README.md @@ -34,14 +34,22 @@ git clone cd cve-sigma-generator ``` -2. (Optional) Set your NVD API Key: +2. **Quick Start** (Recommended): ```bash -export NVD_API_KEY="your-api-key-here" +chmod +x start.sh +./start.sh ``` -3. Start the application: +3. **Manual Setup**: ```bash -docker-compose up -d +# Copy environment file +cp .env.example .env + +# (Optional) Edit .env and add your NVD API key +nano .env + +# Start the application +docker-compose up -d --build ``` 4. Wait for services to initialize (about 30-60 seconds) 
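Review bot: In the Makefile's `clean` target, `docker system prune -f` is not scoped to this project: it removes stopped containers, unused networks, dangling images and build cache for everything on the host, and `-f` suppresses the confirmation prompt. The preceding `docker-compose down -v --remove-orphans` already removes this project's containers and volumes, so I would delete the prune line or move it to a separately named target such as `prune`. Because `-v` also deletes the database volume, the help line could say so explicitly, e.g. `make clean - Stop and remove containers AND volumes (deletes database data)`.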
@@ -186,10 +194,12 @@ docker-compose ps ### Common Issues -1. **CVE Fetch Failing**: Check NVD API rate limits or network connectivity -2. **Database Connection Error**: Ensure PostgreSQL is running and accessible -3. **Frontend Not Loading**: Verify backend is running and CORS is configured -4. **Rule Generation Issues**: Check CVE description quality and template matching +1. **Frontend build fails with "npm ci" error**: This is fixed in the current version. The Dockerfile now uses `npm install` instead of `npm ci`. +2. **CVE Fetch Failing**: Check NVD API rate limits or network connectivity +3. **Database Connection Error**: Ensure PostgreSQL is running and accessible +4. **Frontend Not Loading**: Verify backend is running and CORS is configured +5. **Rule Generation Issues**: Check CVE description quality and template matching +6. **Port conflicts**: If ports 3000, 8000, or 5432 are in use, stop other services or modify docker-compose.yml ### Rate Limits @@ -228,4 +238,4 @@ Planned features: - [ ] Rule effectiveness scoring - [ ] Export to SIEM platforms - [ ] Advanced threat intelligence integration -- [ ] Machine learning-based rule optimization \ No newline at end of file +- [ ] Machine learning-based rule optimization diff --git a/backend/main.py b/backend/main.py index 11936a0..1aca977 100644 --- a/backend/main.py +++ b/backend/main.py @@ -34,7 +34,7 @@ class CVE(Base): published_date = Column(TIMESTAMP) modified_date = Column(TIMESTAMP) affected_products = Column(ARRAY(String)) - references = Column(ARRAY(String)) + reference_urls = Column(ARRAY(String)) created_at = Column(TIMESTAMP, default=datetime.utcnow) updated_at = Column(TIMESTAMP, default=datetime.utcnow) @@ -71,6 +71,7 @@ class CVEResponse(BaseModel): severity: Optional[str] published_date: Optional[datetime] affected_products: Optional[List[str]] + reference_urls: Optional[List[str]] class Config: from_attributes = True 
@@ -146,9 +147,9 @@ class CVESigmaService: if cpe_match.get("vulnerable"): affected_products.append(cpe_match.get("criteria", "")) - references = [] + reference_urls = [] if cve_data.get("references"): - references = [ref.get("url", "") for ref in cve_data["references"]] + reference_urls = [ref.get("url", "") for ref in cve_data["references"]] cve_obj = CVE( cve_id=cve_id, @@ -158,7 +159,7 @@ class CVESigmaService: published_date=datetime.fromisoformat(cve_data.get("published", "").replace("Z", "+00:00")), modified_date=datetime.fromisoformat(cve_data.get("lastModified", "").replace("Z", "+00:00")), affected_products=affected_products, - references=references + reference_urls=reference_urls ) self.db.add(cve_obj) diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 15e9058..4407e9b 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -6,18 +6,18 @@ WORKDIR /app COPY package*.json ./ # Install dependencies -RUN npm ci +RUN npm install # Copy source code COPY . . # Create non-root user RUN addgroup -g 1001 -S nodejs -RUN adduser -S nextjs -u 1001 +RUN adduser -S reactuser -u 1001 # Change ownership -RUN chown -R nextjs:nodejs /app -USER nextjs +RUN chown -R reactuser:nodejs /app +USER reactuser EXPOSE 3000 diff --git a/frontend/package.json b/frontend/package.json index 471cdc7..172a63a 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -11,14 +11,14 @@ "react-scripts": "5.0.1", "axios": "^1.6.0", "react-router-dom": "^6.8.0", - "tailwindcss": "^3.3.0", - "autoprefixer": "^10.4.14", - "postcss": "^8.4.24", - "@headlessui/react": "^1.7.17", - "@heroicons/react": "^2.0.18", "react-syntax-highlighter": "^15.5.0", "web-vitals": "^2.1.4" }, + "devDependencies": { + "tailwindcss": "^3.3.0", + "autoprefixer": "^10.4.14", + "postcss": "^8.4.24" + }, "scripts": { "start": "react-scripts start", "build": "react-scripts build", diff --git a/frontend/postcss.config.js b/frontend/postcss.config.js new file mode 100644 index 0000000..33ad091 
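Review bot: The list built for `reference_urls` keeps whatever the feed supplies: `ref.get("url", "")` stores an empty string for an entry without a URL, and no scheme check is applied before the values are persisted and, through the new `reference_urls` field on `CVEResponse`, returned to API clients. These strings originate outside the application, so I would filter them here, e.g. `reference_urls = [ref["url"] for ref in cve_data["references"] if (ref.get("url") or "").startswith(("http://", "https://"))]`. A client that renders them as links then never receives an empty or non-HTTP href. The enclosing method starts and ends outside the hunk.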
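Review bot: The two `datetime.fromisoformat(...)` lines in the `CVE(...)` call of the `@@ -158,7 +159,7 @@` hunk raise `ValueError` when `published` or `lastModified` is absent, because the `""` default is not a valid ISO string. One incomplete record would then abort the method before `self.db.add(cve_obj)`. Both columns are declared as plain `Column(TIMESTAMP)` in the model, so storing `None` for a missing date looks acceptable; a small helper that returns `None` for a falsy value and parses otherwise would cover both fields. The constructor call is only partly visible in this hunk.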
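Review bot: In frontend/Dockerfile, replacing `RUN npm ci` with `RUN npm install` means the image build no longer enforces the lockfile: `npm install` resolves the `^` ranges in package.json at build time, so two builds of the same commit can ship different dependency trees. The `npm ci` failure mentioned in the README is presumably caused by a missing or out-of-sync package-lock.json, and the frontend/package.json hunk in this commit moves and removes entries, which would desync an existing lock again. I would regenerate and commit package-lock.json and keep `RUN npm ci`, so the frontend dependencies stay pinned and reviewable.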
--- /dev/null +++ b/frontend/postcss.config.js @@ -0,0 +1,6 @@ +module.exports = { + plugins: { + tailwindcss: {}, + autoprefixer: {}, + }, +} diff --git a/frontend/tailwind.config.js b/frontend/tailwind.config.js new file mode 100644 index 0000000..9514451 --- /dev/null +++ b/frontend/tailwind.config.js @@ -0,0 +1,33 @@ +/** @type {import('tailwindcss').Config} */ +module.exports = { + content: [ + "./src/**/*.{js,jsx,ts,tsx}", + "./public/index.html" + ], + theme: { + extend: { + colors: { + 'cve-blue': '#3b82f6', + 'cve-green': '#10b981', + 'cve-red': '#ef4444', + 'cve-orange': '#f97316', + 'cve-yellow': '#eab308', + }, + animation: { + 'fade-in': 'fadeIn 0.5s ease-in-out', + 'slide-up': 'slideUp 0.3s ease-out', + }, + keyframes: { + fadeIn: { + '0%': { opacity: '0' }, + '100%': { opacity: '1' }, + }, + slideUp: { + '0%': { transform: 'translateY(10px)', opacity: '0' }, + '100%': { transform: 'translateY(0)', opacity: '1' }, + }, + }, + }, + }, + plugins: [], +} diff --git a/init.sql b/init.sql index bfa9102..055a452 100644 --- a/init.sql +++ b/init.sql @@ -12,7 +12,7 @@ CREATE TABLE cves ( published_date TIMESTAMP, modified_date TIMESTAMP, affected_products TEXT[], - references TEXT[], + reference_urls TEXT[], created_at TIMESTAMP DEFAULT NOW(), updated_at TIMESTAMP DEFAULT NOW() ); diff --git a/start.sh b/start.sh new file mode 100644 index 0000000..bc38c03 --- /dev/null +++ b/start.sh 
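Review bot: In init.sql, renaming the column to `reference_urls` inside `CREATE TABLE cves` only takes effect on a freshly initialised database. If init.sql is mounted as a Postgres init script (not visible here), it is skipped whenever the `postgres_data` volume already holds data, so a deployment whose `cves` table was created earlier keeps its old layout while backend/main.py now maps `reference_urls`. I would ship a migration step or an upgrade note with this change, e.g. `ALTER TABLE cves RENAME COLUMN "references" TO reference_urls;` for tables that have the old column, or an explicit instruction to recreate the volume. The table definition continues outside the hunk.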
@@ -0,0 +1,63 @@ +#!/bin/bash + +# CVE-SIGMA Auto Generator Startup Script + +echo "๐Ÿš€ Starting CVE-SIGMA Auto Generator..." +echo "===============================================" + +# Check if Docker and Docker Compose are installed +if ! command -v docker &> /dev/null; then + echo "โŒ Docker is not installed. Please install Docker first." + exit 1 +fi + +if ! command -v docker-compose &> /dev/null; then + echo "โŒ Docker Compose is not installed. Please install Docker Compose first." + exit 1 +fi + +# Check if .env file exists, if not create from example +if [ ! -f .env ]; then + echo "๐Ÿ“ Creating .env file from .env.example..." + cp .env.example .env + echo "โœ… .env file created. Please edit it to add your NVD API key for better rate limits." +fi + +# Stop any existing containers +echo "๐Ÿ›‘ Stopping any existing containers..." +docker-compose down + +# Build and start the application +echo "๐Ÿ”จ Building and starting the application..." +docker-compose up -d --build + +# Wait for services to be ready +echo "โณ Waiting for services to start..." +sleep 10 + +# Check if services are running +echo "๐Ÿ” Checking service status..." +if docker-compose ps | grep -q "Up"; then + echo "โœ… Services are running!" + echo "" + echo "๐ŸŒ Access the application at:" + echo " Frontend: http://localhost:3000" + echo " Backend API: http://localhost:8000" + echo " API Documentation: http://localhost:8000/docs" + echo "" + echo "๐Ÿ“Š The application will automatically:" + echo " - Fetch recent CVEs from NVD" + echo " - Generate SIGMA rules" + echo " - Update every hour" + echo "" + echo "๐Ÿ’ก Tip: Add your NVD API key to .env for higher rate limits" + echo " Get one free at: https://nvd.nist.gov/developers/request-an-api-key" +else + echo "โŒ Some services failed to start. Check logs with:" + echo " docker-compose logs" +fi + +# Show logs +echo "" +echo "๐Ÿ“‹ Recent logs (press Ctrl+C to exit):" +docker-compose logs -f --tail=50
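Review bot: In start.sh, the status check `docker-compose ps | grep -q "Up"` succeeds as soon as any one container is up, so the script can print "Services are running!" while the backend or database has already exited; the fixed `sleep 10` also makes the result timing-dependent. On the failure branch the script only prints a hint and then falls through to `docker-compose logs -f`, so callers cannot detect the failure; add `exit 1` at the end of the `else` branch. Errors from `cp .env.example .env` and `docker-compose up -d --build` are likewise ignored, and `set -euo pipefail` after the shebang would stop the script on them.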