gitex2026/README.md
2026-04-24 12:36:21 +00:00

# Resilience Challenge - Interactive Booth Experience
An interactive booth experience that captures corporate emails, runs background security simulations using GoTestWAF, and provides a "Resilience Code" for lead conversion.
## Project Structure
```
gitex2026/
├── AttackSurface/ # Main application folder
│ ├── bin/ # Executables (GoTestWAF binary, compiled app)
│ ├── src/ # Source code (Go server, frontend)
│ │ ├── cmd/ # Go command entry points
│ │ ├── static/ # HTML/JS/CSS frontend files
│ │ ├── templates/ # Go HTML templates
│ │ ├── gotestwaf/ # GoTestWAF configuration
│ │ ├── internal/ # Internal Go packages
│ │ └── pkg/ # Public Go packages
│ ├── reports/ # GoTestWAF output reports (generated)
│ ├── logs/ # Server logs
│ ├── docs/ # Documentation (CHANGELOG.md, DEVELOPMENT_STATUS.md)
│ └── start.sh # Server startup script
└── README.md # This file
```
## Tech Stack
- **Backend**: Go (Golang) with Gin web framework
- **Frontend**: HTML5, JavaScript, CSS
- **Security Testing**: GoTestWAF (external binary)
- **Data Storage**: In-memory map (volatile) for demo purposes
## Features
1. **Email Capture & Validation**: POST `/start` endpoint with regex validation and security checks
2. **Background Security Scan**: Concurrent GoTestWAF execution with 120-second timeout
3. **Real-time Status Tracking**: Polling endpoint `/scan-status/:domain` for live updates
4. **Interactive Simulation**: Frontend step sequencer with animated progress visualization
5. **Resilience Code**: Static code `WX-2026` displayed after simulation completion
6. **Consultant Dashboard**: Protected `/admin-dashboard` to monitor all scan results
7. **Report Generation**: HTML reports served at `/reports/report_*.html`
8. **Graceful Shutdown**: OS signal handling (SIGINT, SIGTERM) with proper cleanup
## Quick Start
```bash
# Option 1: Use startup script (recommended)
cd gitex2026/AttackSurface
./start.sh
# Option 2: Manual build and run
cd AttackSurface/src
go build -o ../bin/resilience-challenge ./cmd/resilience-challenge
cd ..
./bin/resilience-challenge
# Access the application
# Frontend: http://localhost:8080 (or booth Wi-Fi IP)
# Admin dashboard: http://localhost:8080/admin-dashboard
# Reports: http://localhost:8080/reports/report_*.html
```
## Development
### Current Status
**Version 0.3.0** - Production ready for Phase 5 testing. All critical bugs fixed.
### Documentation
- [CHANGELOG.md](AttackSurface/docs/CHANGELOG.md) - Version history and detailed changes
- [DEVELOPMENT_STATUS.md](AttackSurface/docs/DEVELOPMENT_STATUS.md) - Current status and testing results
### Key Improvements in 0.3.0
- Fixed GoTestWAF integration bugs causing scan failures
- Enhanced security with comprehensive input validation
- Added graceful shutdown with OS signal handling
- Improved code quality and concurrency safety
## Testing
### Target Server
The application is configured to test `https://git.sechpoint.app` (your Wallarm-protected server in monitoring mode).
### Test Flow
1. User submits email at booth → Domain extracted → GoTestWAF scan initiated
2. Real-time status updates via frontend polling (`/scan-status/:domain`)
3. HTML report generated upon completion (120-second timeout)
4. Consultant monitors all scans via admin dashboard
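Step 1 turns an attendee-supplied email into a domain that later appears as the `:domain` path segment in `/scan-status/:domain`, so the extraction is where untrusted input has to be constrained. The following is an added example, not this project's code: `DomainKey` is a hypothetical helper and the sample addresses are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/mail"
	"regexp"
	"strings"
)

// One DNS label: letters, digits, inner hyphens, 1-63 chars. No dots, slashes
// or leading '-', so the value cannot traverse paths or look like a CLI flag.
var labelRe = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`)

var errBadEmail = errors.New("invalid corporate email")

// DomainKey (hypothetical helper) returns the lower-cased domain of a bare
// email address, or an error if it is not a plain multi-label hostname.
func DomainKey(email string) (string, error) {
	if len(email) > 254 {
		return "", errBadEmail
	}
	addr, err := mail.ParseAddress(email)
	// Reject display-name forms such as "Bob <bob@example.com>".
	if err != nil || addr.Address != email {
		return "", errBadEmail
	}
	at := strings.LastIndex(addr.Address, "@")
	domain := strings.ToLower(addr.Address[at+1:])
	labels := strings.Split(domain, ".")
	if len(labels) < 2 {
		return "", errBadEmail
	}
	for _, l := range labels {
		if !labelRe.MatchString(l) {
			return "", errBadEmail
		}
	}
	return domain, nil
}

func main() {
	// Constructed sample inputs.
	for _, in := range []string{"Ana@Example.COM", "a@../../etc/passwd", "a@-flag.example.com"} {
		d, err := DomainKey(in)
		fmt.Printf("%q -> %q, %v\n", in, d, err)
	}
}
```

The check is syntactic only: it does not show that the domain exists or that the submitter controls it.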
### Verification
- Server binds to `0.0.0.0:8080` for booth Wi-Fi accessibility
- All endpoints respond correctly (frontend, API, reports)
- Graceful shutdown handles SIGINT/SIGTERM signals
- GoTestWAF integration uses valid flags for current version
## License
Proprietary - For internal event use only.