gitex2026/aasd/docs/STATE_OF_DEVELOPMENT.md
administrator 4f533c6c8f feat: complete AASD booth application rewrite
- Replace email input with domain input (no data collection)
- Interactive subdomain selection flow with live progress
- IP fast-path (skip discovery for IP addresses)
- HTTPS/TLS-based subdomain probing (5000-name SecLists wordlist)
- Wildcard DNS detection with TLS cert validation filter
- Rename reports: visitor_{token}.html and consultant_{token}.html
- Remove domain-scan dependency (ineffective without API keys)
- Fix race condition in discovery vs scan phase
- Rearrange repo structure: AttackSurface/ -> aasd/src/
- Add live probe progress counter in frontend
- Admin dashboard shows consultant report only when file exists
2026-04-28 12:45:45 +00:00

# State of Development
**Version**: 2026-04.1 | **Last Updated**: 2026-04-28
## Booth Flow
```
Visitor enters: example.com
POST /start → ProbeSubdomains() checks 5000 names via HTTPS/TLS
Live progress: "Checking 142 / 5000 subdomains…"
Discovered subdomains shown — visitor picks one
GoTestWAF scans selected subdomain against Wallarm endpoint
AI generates resilience narrative (or fallback)
Visitor sees report with QR code; consultant accesses full GoTestWAF output
```
## Key Features
| Feature | Status | Details |
|---------|--------|---------|
| **Domain Input** | ✅ Complete | Replaced the email input; avoids any appearance of data collection |
| **Subdomain Discovery** | ✅ Complete | 5000-name SecLists wordlist, HTTPS/TLS probe |
| **Wildcard DNS Detection** | ✅ Complete | Filters catch-all via TLS cert validation |
| **Live Probe Progress** | ✅ Complete | Frontend shows "checked N / total" with pulse |
| **Interactive Selection** | ✅ Complete | User picks which subdomain to scan |
| **IP Fast-Path** | ✅ Complete | Skips discovery, scans IP directly |
| **GoTestWAF Integration** | ✅ Complete | 120s timeout, consultant_{token}.html output |
| **AI Narrative** | ✅ Complete | DeepSeek API (fallback HTML when unavailable) |
| **Admin Dashboard** | ✅ Complete | Basic auth, per-scan consultant report links |
| **Report Serving** | ✅ Complete | visitor_{token}.html + consultant_{token}.html |
| **QR Code** | ✅ Complete | Booth scanning workflow |
| **Graceful Shutdown** | ✅ Complete | SIGINT/SIGTERM handling |
| **Booth Network** | ✅ Complete | Binds to 0.0.0.0:8080 |
## Technical Specifications
| Aspect | Value |
|--------|-------|
| **Language** | Go 1.25.0 |
| **Framework** | Gin web framework |
| **Subdomain Wordlist** | 5000 names (SecLists) |
| **Probe Concurrency** | 10 workers, 3s timeout |
| **Probe Duration** | ~2 minutes for 5000 names |
| **WAF Scanner** | GoTestWAF (120s timeout) |
| **AI Provider** | DeepSeek API (optional, graceful fallback) |
| **Reports** | Static HTML at /opt/aasd/reports/ |
| **Storage** | Scan metadata: in-memory; Reports: files on disk |
| **Deployment** | systemd service at /opt/aasd/ |
| **Credentials** | sechpoint / Git3x2o26 |
## Deployment
```
/opt/aasd/
├── aasd 31M — Compiled binary
├── config.yaml — Server URL, admin creds, AI key
├── prompt.txt — DeepSeek system prompt
├── subdomains.txt — 5000-name wordlist
├── gotestwaf 27M — WAF scanner binary
├── gotestwaf-config.yaml — HTTP headers for scans
├── testcases/ — GoTestWAF attack payloads
├── static/ — Frontend HTML/JS
├── templates/ — Admin dashboard template
├── reports/ — Generated scan reports
└── logs/ — Server logs
```
## API Endpoints
| Endpoint | Method | Description |
|----------|--------|-------------|
| `/` | GET | Landing page (domain input) |
| `/start` | POST | Submit domain, start discovery pipeline |
| `/select-subdomain` | GET | Subdomain selection page |
| `/select-subdomain` | POST | Select target, start GoTestWAF scan |
| `/analysing` | GET | Scan progress page |
| `/scan-status/:token` | GET | Poll scan status (JSON) |
| `/admin-dashboard` | GET | Consultant dashboard (basic auth) |
| `/api/scans` | GET | Scan list (JSON) |
| `/report-data/:token` | GET | Raw scan result (JSON) |
| `/reports/*` | GET | Static report files |
| `/qrcode` | GET | QR code generator |
| `/email-report` | POST | Send report via email |
| `/simulation` | GET | Legacy alias for /analysing |
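An added Go sketch, not code from the aasd repository, of the in-memory scan metadata store that sits behind `/start`, `/select-subdomain` and `/scan-status/:token`; `Store`, `Scan`, `Phase`, `NewToken` and `ReportPath` are assumed names. It shows what the commit's "race condition in discovery vs scan phase" fix has to guarantee: every token moves forward through explicit phases under one mutex, a selection is accepted only for a host that discovery actually offered, and the token that ends up in `visitor_{token}.html` / `consultant_{token}.html` is validated before it is joined to the reports directory.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"path/filepath"
	"regexp"
	"slices"
	"sync"
)

type Phase int // per-token pipeline state; it only ever moves forward
const (
	PhaseDiscovering  Phase = iota // POST /start accepted, subdomain probe running
	PhaseAwaitingPick              // probe finished, POST /select-subdomain allowed
	PhaseScanning                  // GoTestWAF running against the chosen host
)

var (
	ErrBadToken   = errors.New("token is not 32 lowercase hex characters")
	ErrNoSuchScan = errors.New("unknown scan token")
	ErrWrongPhase = errors.New("operation not allowed in current phase")
	ErrNotOffered = errors.New("host was not among the discovered subdomains")
	tokenRe       = regexp.MustCompile(`^[0-9a-f]{32}$`)
)

type Scan struct {
	Token, Domain, Target string
	Phase                 Phase
	Discovered            []string
}

// Store is the in-memory metadata store: gone on restart, unlike the reports on disk.
type Store struct {
	mu    sync.Mutex
	scans map[string]*Scan
}

func NewStore() *Store { return &Store{scans: map[string]*Scan{}} }

// NewToken: 128 random bits as 32 hex chars, unguessable and safe inside a file name
// (crypto/rand.Read never returns an error as of Go 1.24, so its result is not checked).
func NewToken() string {
	b := make([]byte, 16)
	rand.Read(b)
	return hex.EncodeToString(b)
}

// ReportPath builds {kind}_{token}.html under reportsDir only for a canonical token, so
// a /reports/* or /report-data/:token value can never name a file outside that directory.
func ReportPath(reportsDir, kind, token string) (string, error) {
	if !tokenRe.MatchString(token) {
		return "", ErrBadToken
	}
	return filepath.Join(reportsDir, kind+"_"+token+".html"), nil
}

// Start is the POST /start side: a fresh token in the discovering phase.
func (s *Store) Start(domain string) Scan {
	s.mu.Lock()
	defer s.mu.Unlock()
	sc := &Scan{Token: NewToken(), Domain: domain, Phase: PhaseDiscovering}
	s.scans[sc.Token] = sc
	return *sc
}

// advance applies one transition under the lock and returns a copy of the record (what
// GET /scan-status/:token would serialise). A request that arrives before the previous
// phase finished, the discovery-vs-scan race, gets ErrWrongPhase instead of jumping ahead.
func (s *Store) advance(token string, from, to Phase, mutate func(*Scan) error) (Scan, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	sc, ok := s.scans[token]
	if !ok {
		return Scan{}, ErrNoSuchScan
	}
	if sc.Phase != from {
		return Scan{}, ErrWrongPhase
	}
	if err := mutate(sc); err != nil {
		return Scan{}, err
	}
	sc.Phase = to
	return *sc, nil
}

// FinishDiscovery records what the probe found and opens the selection step.
func (s *Store) FinishDiscovery(token string, hosts []string) (Scan, error) {
	return s.advance(token, PhaseDiscovering, PhaseAwaitingPick, func(sc *Scan) error { sc.Discovered = slices.Clone(hosts); return nil })
}

// Select is the POST /select-subdomain side: the target must be a host that discovery
// actually offered, never an arbitrary value taken from the form.
func (s *Store) Select(token, host string) (Scan, error) {
	return s.advance(token, PhaseAwaitingPick, PhaseScanning, func(sc *Scan) error {
		if !slices.Contains(sc.Discovered, host) {
			return ErrNotOffered
		}
		sc.Target = host
		return nil
	})
}
```

Wired into the Gin handlers, each endpoint calls exactly one of these methods and turns `ErrWrongPhase` or `ErrNotOffered` into an error response instead of launching GoTestWAF; because every mutation goes through `advance`, a browser that posts to `/select-subdomain` while discovery is still running cannot start a scan, and the copy that `advance` returns is what the status poll can hand back without touching the map unlocked.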
## Known Limitations
- **Scan results are in-memory** — restarting the service clears all scan metadata (reports on disk survive)
- **GoTestWAF requires HTTPS** — targets without HTTPS will fail to scan (fallback report generated)
- **Probe takes ~2 minutes** for 5000 names at 10 concurrent workers with 3s timeout
- **Wildcard DNS + Zoraxy defaults** — subdomains that return the exact same Zoraxy default page may be filtered out even if they exist (rare edge case)
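The discovery step described in the Booth Flow and the Technical Specifications (HTTPS/TLS probing of the wordlist, a fixed pool of workers with a per-probe timeout, wildcard detection by certificate validation, the live "Checking N / total" counter), together with the wildcard edge case listed above, as an added Go example. It is not the aasd code base: `Prober`, `HTTPSProber`, `Discovery`, `ProbeSubdomains` and the `aasd-wc-` nonce label are assumed names, and comparing a fingerprint of the catch-all's response is one way to implement the filter, chosen here because the edge case above falls directly out of it. The probe is injected so the whole pipeline can be exercised offline with a fake.

```go
package main

import (
	"context"
	"crypto/sha256"
	"crypto/tls"
	"encoding/hex"
	"fmt"
	"io"
	"net/http"
	"os"
	"sort"
	"sync"
	"sync/atomic"
	"time"
)

// Prober reports whether host serves HTTPS with a certificate valid for that exact name,
// plus a fingerprint of the response so a catch-all page can be told apart from a real one.
type Prober func(ctx context.Context, host string) (fingerprint string, ok bool)

// HTTPSProber is the real probe: one GET of "/", hostname verification left on, redirects
// not followed, body capped at 4 KiB before hashing. Any TLS failure, including the x509
// hostname mismatch a catch-all's default certificate produces, counts as "not found".
func HTTPSProber(timeout time.Duration) Prober {
	client := &http.Client{
		Timeout:       timeout,
		Transport:     &http.Transport{TLSClientConfig: &tls.Config{MinVersion: tls.VersionTLS12}},
		CheckRedirect: func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse },
	}
	return func(ctx context.Context, host string) (string, bool) {
		req, err := http.NewRequestWithContext(ctx, http.MethodGet, "https://"+host+"/", nil)
		if err != nil {
			return "", false
		}
		resp, err := client.Do(req)
		if err != nil {
			return "", false // NXDOMAIN, timeout, refused, or certificate not valid for host
		}
		defer resp.Body.Close()
		body, _ := io.ReadAll(io.LimitReader(resp.Body, 4096))
		sum := sha256.Sum256(append([]byte(resp.Status+"\n"), body...))
		return hex.EncodeToString(sum[:]), true
	}
}

type Discovery struct {
	Found    []string // sorted FQDNs that validated and differ from the catch-all page
	Wildcard bool     // a label that cannot legitimately exist validated: DNS is catch-all
}

// ProbeSubdomains runs a fixed worker pool over the wordlist. It first probes a random
// label; if that validates, the zone has wildcard DNS and every name whose response
// fingerprint equals the catch-all's is dropped. That is also the edge case the page
// lists: a real host that serves the identical default page is dropped with it.
func ProbeSubdomains(ctx context.Context, domain string, names []string, workers int,
	probe Prober, progress func(checked, total int)) Discovery {
	nonce := fmt.Sprintf("aasd-wc-%d", time.Now().UnixNano())
	baseline, wildcard := probe(ctx, nonce+"."+domain)
	jobs := make(chan string)
	var mu sync.Mutex
	var wg sync.WaitGroup
	var found []string
	var checked int64
	for i := 0; i < workers; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for name := range jobs {
				host := name + "." + domain
				fp, ok := probe(ctx, host)
				if ok && !(wildcard && fp == baseline) {
					mu.Lock()
					found = append(found, host)
					mu.Unlock()
				}
				if n := atomic.AddInt64(&checked, 1); progress != nil {
					progress(int(n), len(names)) // feeds the live "Checking N / total" counter
				}
			}
		}()
	}
	for _, name := range names { // once ctx is cancelled each remaining probe fails at once
		jobs <- name
	}
	close(jobs)
	wg.Wait()
	sort.Strings(found)
	return Discovery{Found: found, Wildcard: wildcard}
}

func main() { // stand-alone usage: go run . <domain>; the name list stands in for subdomains.txt
	if len(os.Args) > 1 {
		d := ProbeSubdomains(context.Background(), os.Args[1], []string{"www", "mail", "api", "dev"}, 10,
			HTTPSProber(3*time.Second), func(c, t int) { fmt.Printf("\rChecking %d / %d subdomains", c, t) })
		fmt.Printf("\nwildcard=%v found=%v\n", d.Wildcard, d.Found)
	}
}
```

Hostname verification is what does the filtering: a catch-all that answers every name with one default certificate fails the handshake for names the certificate does not cover, so those never reach the fingerprint comparison at all, and the comparison only has to handle the case where the certificate itself is a wildcard. With 10 workers and a 3 s timeout, 5000 names bound the run at roughly 5000 × 3 s / 10, which is where the page's ~2 minute figure comes from when most names time out.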
## Next Steps
- Production deployment with proper SSL termination via Zoraxy
- DeepSeek API key configuration for AI-powered reports
- Fine-tune wordlist for booth-relevant domains