customer-engineering/gitex2026
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
gitex2026/README.md
administrator db41397368 chore: auto-commit 2026-04-24 12:36
2026-04-24 12:36:21 +00:00

3.8 KiB
Raw Blame History

Resilience Challenge - Interactive Booth Experience

An interactive booth experience that captures corporate emails, runs background security simulations using GoTestWAF, and provides a "Resilience Code" for lead conversion.

Project Structure

gitex2026/
├── AttackSurface/          # Main application folder
│   ├── bin/               # Executables (GoTestWAF binary, compiled app)
│   ├── src/               # Source code (Go server, frontend)
│   │   ├── cmd/           # Go command entry points
│   │   ├── static/        # HTML/JS/CSS frontend files
│   │   ├── templates/     # Go HTML templates
│   │   ├── gotestwaf/     # GoTestWAF configuration
│   │   ├── internal/      # Internal Go packages
│   │   └── pkg/           # Public Go packages
│   ├── reports/           # GoTestWAF output reports (generated)
│   ├── logs/              # Server logs
│   ├── docs/              # Documentation (CHANGELOG.md, DEVELOPMENT_STATUS.md)
│   └── start.sh           # Server startup script
└── README.md              # This file

Tech Stack

  • Backend: Go (Golang) with Gin web framework
  • Frontend: HTML5, JavaScript, CSS
  • Security Testing: GoTestWAF (external binary)
  • Data Storage: In-memory map (volatile) for demo purposes

Features

  1. Email Capture & Validation: POST /start endpoint with regex validation and security checks
  2. Background Security Scan: Concurrent GoTestWAF execution with 120-second timeout
  3. Real-time Status Tracking: Polling endpoint /scan-status/:domain for live updates
  4. Interactive Simulation: Frontend step sequencer with animated progress visualization
  5. Resilience Code: Static code WX-2026 displayed after simulation completion
  6. Consultant Dashboard: Protected /admin-dashboard to monitor all scan results
  7. Report Generation: HTML reports served at /reports/report_*.html
  8. Graceful Shutdown: OS signal handling (SIGINT, SIGTERM) with proper cleanup

Quick Start

# Option 1: Use startup script (recommended)
cd gitex2026/AttackSurface
./start.sh

# Option 2: Manual build and run
cd AttackSurface/src
go build -o ../bin/resilience-challenge ./cmd/resilience-challenge
cd ..
./bin/resilience-challenge

# Access the application
# Frontend: http://localhost:8080 (or booth Wi-Fi IP)
# Admin dashboard: http://localhost:8080/admin-dashboard
# Reports: http://localhost:8080/reports/report_*.html

Development

Current Status

Version 0.3.0 - Production ready for Phase 5 testing. All critical bugs fixed.

Documentation

Key Improvements in 0.3.0

  • Fixed GoTestWAF integration bugs causing scan failures
  • Enhanced security with comprehensive input validation
  • Added graceful shutdown with OS signal handling
  • Improved code quality and concurrency safety

Testing

Target Server

The application is configured to test https://git.sechpoint.app (your Wallarm-protected server in monitoring mode).

Test Flow

  1. User submits email at booth → Domain extracted → GoTestWAF scan initiated
  2. Real-time status updates via frontend polling (/scan-status/:domain)
  3. HTML report generated upon completion (120-second timeout)
  4. Consultant monitors all scans via admin dashboard

Verification

  • Server binds to 0.0.0.0:8080 for booth Wi-Fi accessibility
  • All endpoints respond correctly (frontend, API, reports)
  • Graceful shutdown handles SIGINT/SIGTERM signals
  • GoTestWAF integration uses valid flags for current version

License

Proprietary - For internal event use only.