ZeroHack is a comprehensive cybersecurity platform that combines AI-powered threat detection, blockchain forensics, and autonomous response capabilities. This enhanced version provides a production-ready architecture with proper API integration, security hardening, and scalable deployment options.
- Central API Gateway: Single entry point for all services
- Service Layer: Modular services for AI, blockchain, notifications
- Database Layer: SQLAlchemy with async support
- Security: JWT authentication, 2FA, role-based access control
- Real-time: WebSocket support for live updates
- Modern UI: Tailwind CSS with dark theme
- API Integration: Centralized API client
- Real-time Updates: WebSocket integration
- Responsive Design: Mobile-first approach
- Multi-model Detection: Isolation Forest, Autoencoder, LSTM
- Backend-driven Inference: Centralized model management
- Real-time Analysis: Text, image, and network traffic analysis
- Explainability: SHAP integration for model explanations
- Evidence Chain: Immutable incident logging
- Smart Contracts: Automated response triggers
- Forensics: Tamper-proof evidence verification
- Docker and Docker Compose
- Node.js 18+ (for local development)
- Python 3.11+ (for local development)
git clone <repository-url>
cd zerohack
cp .env.example .env
# Edit .env with your configuration
# Start all services
docker-compose up -d
# View logs
docker-compose logs -f
# Stop services
docker-compose down
- Frontend: http://localhost:3000
- Backend API: http://localhost:8008
- API Documentation: http://localhost:8008/api/docs
cd backend
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txt
# Set environment variables
export ZEROHACK_DATABASE_URL="sqlite:///./zerohack.db"
export ZEROHACK_SECRET_KEY="your-secret-key"
# Run the server
python -m uvicorn backend.main:app --reload --host 0.0.0.0 --port 8008
cd frontend
npm install
npm run dev
- JWT-based authentication
- Two-factor authentication (2FA) with TOTP
- Role-based access control (Admin, Analyst, Commander, Viewer)
- Password strength validation
- Session management
- CORS protection
- Rate limiting
- Input validation with Pydantic
- SQL injection prevention
- XSS protection
- Immutable evidence logging
- Cryptographic file hashing
- Smart contract integration
- Tamper detection
- Isolation Forest: Anomaly detection in network traffic
- Autoencoder: Behavioral pattern analysis
- LSTM: Sequential data analysis
- Signature Engine: Rule-based detection
- Text Analysis: Code, logs, descriptions
- Image Analysis: Steganography detection
- Network Traffic: Real-time traffic analysis
- Comprehensive: Multi-vector analysis
- Centralized model loading
- Async inference
- Model status monitoring
- Retraining capabilities
- System health status
- Active threat count
- AI model status
- Blockchain connection status
- Incident creation and tracking
- Evidence file upload
- Blockchain logging
- Status updates
- Threat heatmap
- Recent activity feed
- Performance metrics
- Model explanations
- POST /api/auth/login - User login
- POST /api/auth/register - User registration
- POST /api/auth/refresh - Token refresh
- POST /api/auth/setup-2fa - Setup 2FA
- GET /api/incidents - List incidents
- POST /api/incidents - Create incident
- GET /api/incidents/{id} - Get incident details
- PUT /api/incidents/{id} - Update incident
- POST /api/ai/analyze/text - Text analysis
- POST /api/ai/analyze/image - Image analysis
- POST /api/ai/analyze/network - Network analysis
- GET /api/ai/models/status - Model status
- GET /api/blockchain/status - Blockchain status
- GET /api/blockchain/evidence/{id} - Evidence chain
- POST /api/blockchain/verify-evidence - Verify evidence
- GET /api/dashboard/stats - Dashboard statistics
- GET /api/dashboard/threat-heatmap - Threat heatmap
- GET /api/dashboard/recent-activity - Recent activity
- Environment Setup: Configure production environment variables
- Database: Set up PostgreSQL database
- Blockchain: Deploy smart contracts to mainnet/testnet
- SSL: Configure SSL certificates
- Monitoring: Set up logging and monitoring
# Build and deploy
docker-compose -f docker-compose.prod.yml up -d
# Scale services
docker-compose up -d --scale backend=3
# Apply Kubernetes manifests
kubectl apply -f k8s/
- Application health: /health
- Database connectivity
- Blockchain connectivity
- AI model status
- Structured logging with JSON format
- Log levels: DEBUG, INFO, WARNING, ERROR
- Centralized logging with ELK stack support
- Request/response times
- Error rates
- AI model performance
- Blockchain transaction status
See .env.example for all available configuration options.
- ZEROHACK_DATABASE_URL: Database connection string
- ZEROHACK_SECRET_KEY: JWT secret key
- ZEROHACK_BLOCKCHAIN_RPC_URL: Blockchain RPC endpoint
- ZEROHACK_SMTP_*: Email configuration
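
A preflight check for the variables listed above, as an added example that is not part of the ZeroHack code base: it rejects the placeholder `your-secret-key` from the setup commands, short keys, and a SQLite URL when the target is production. The function names, the `dev`/`prod` argument and the 32-character minimum are assumptions made for this illustration.

```shell
# Added example (not project code). Function names, the dev/prod argument and
# the 32-character minimum are assumptions made for this illustration.

# Print 64 hex characters (32 random bytes) suitable for ZEROHACK_SECRET_KEY.
gen_secret_key() {
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Return 0 when the environment is acceptable for the given mode, 1 otherwise.
check_zerohack_env() {
    mode="${1:-dev}"
    rc=0
    key="${ZEROHACK_SECRET_KEY:-}"
    db="${ZEROHACK_DATABASE_URL:-}"

    case "$key" in
        "")
            echo "ZEROHACK_SECRET_KEY is not set" >&2; rc=1 ;;
        your-secret-key)
            echo "ZEROHACK_SECRET_KEY is still the README placeholder" >&2; rc=1 ;;
        *)
            if [ "${#key}" -lt 32 ]; then
                echo "ZEROHACK_SECRET_KEY is shorter than 32 characters" >&2; rc=1
            fi ;;
    esac

    case "$db" in
        "")
            echo "ZEROHACK_DATABASE_URL is not set" >&2; rc=1 ;;
        sqlite:*)
            # The deployment checklist calls for PostgreSQL in production.
            if [ "$mode" = "prod" ]; then
                echo "ZEROHACK_DATABASE_URL uses SQLite in prod mode" >&2; rc=1
            fi ;;
    esac

    return "$rc"
}
```

Source the file and run `check_zerohack_env prod` before `docker-compose -f docker-compose.prod.yml up -d`; a non-zero return means at least one variable needs attention.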
cd backend
pytest tests/ -v
cd frontend
npm test
docker-compose -f docker-compose.test.yml up --abort-on-container-exit
- API Documentation: Available at /api/docs when running
- Code Documentation: Inline docstrings and type hints
- Architecture Diagrams: See /docs/architecture/
- Deployment Guides: See /docs/deployment/
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Documentation: /docs/
- Email: support@zerohack.local
- ✅ Centralized API gateway
- ✅ JWT authentication with 2FA
- ✅ Real-time WebSocket updates
- ✅ Backend-driven AI inference
- ✅ Blockchain evidence chain
- ✅ Production-ready deployment
- ✅ Comprehensive security hardening
- ✅ Docker containerization
- ✅ Database integration
- ✅ Notification system
ZeroHack - Advanced Cybersecurity Platform with AI and Blockchain Integration