Merge pull request #1 from noobpk/dev

Bump v0.1.1 to main
noobpk · Jun 26, 2023 · 2b70fb5 · 2b70fb5
2 parents 69cb4ec + 7449db4
commit 2b70fb5
Show file tree

Hide file tree

Showing 133 changed files with 64,146 additions and 2,223 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,10 @@
+# Changelog
+
+## 26/06/2023
+
+- Release v0.1.1 Gemini-self-protector for Flask
+- Update README.md
+
+## 17/04/2023
+
+- Release v0.1.0 Gemini-self-protector for Flask
diff --git a/README.md b/README.md
@@ -3,6 +3,12 @@
 Gemini - The Runtime Application Self Protection (RASP) Solution Combined With Deep Learning
 
 [![CodeQL](https://github.com/noobpk/gemini-self-protector/actions/workflows/codeql.yml/badge.svg?branch=main)](https://github.com/noobpk/gemini-self-protector/actions/workflows/codeql.yml)
+![Static Badge](https://img.shields.io/badge/python-3.x-blue?logo=python)
+![Static Badge](https://img.shields.io/badge/Deep%20Learning-orange)
+![Static Badge](https://img.shields.io/badge/Convolutional%20Neural%20Network-yellow)
+![Static Badge](https://img.shields.io/badge/Recurrent%20neural%20network-%23ff6666)
+
+
 
 ## Architecture
 
@@ -18,7 +24,7 @@ The architecture of gemini-self-protector is composed of seven layers however it
 
 ## Deep Learning
 
-Gemini uses a deep learning model that combines Convolutional Neural Network (CNN) and Long short-term memory (LSTM) to detect and identify vulnerabilities. This model uses convolution operation to determine the feature attributes and internal relationships in the input data thereby improving the accuracy of vulnerability detection.
+Gemini uses a deep learning model that combines Convolutional Neural Network (CNN) and a family of Recurrent neural network (RNN) techniques to detect and identify vulnerabilities.
 
 For more details: [Web-Vuln-Detection-Predict](https://github.com/noobpk/Web-Vuln-Detection-Predict)
 
@@ -34,7 +40,7 @@ For more details: [Web-Vuln-Detection-Predict](https://github.com/noobpk/Web-Vul
 
 | Injections                 | Supported          |
 | -------------------------- | ------------------ |
-| Command Injection          |                    |
+| Command Injection          | :white_check_mark: |
 | Cross-Site Scripting       | :white_check_mark: |
 | Cross-Site Request Forgery |                    |
 | CSS & HTML Injection       |                    |
@@ -47,6 +53,42 @@ For more details: [Web-Vuln-Detection-Predict](https://github.com/noobpk/Web-Vul
 | Weak Browser Caching         | :white_check_mark: |
 | Vulnerable Dependencies      | :white_check_mark: |
 | Weak Cryptography            |                    |
+| HTTP Response Headers        | :white_check_mark: |
+| API Rate Limit               | :white_check_mark: |
+
+## Gemini Security Response Headers
+
+| HTTP Response Headers | Default configuration | 
+| ------------------------------ | --------------------- |
+| X-Frame-Options                | SAMEORIGIN            |
+| X-XSS-Protection               | 1; mode=block         |
+| X-Content-Type-Options         | nosniff               |
+| Referrer-Policy                | no-referrer-when-downgrade |
+| Content-Type                   | N/A                   |
+| Strict-Transport-Security      | max-age=31536000; includeSubDomains; preload |
+| Expect-CT                      | enforce; max-age=31536000 |
+| Content-Security-Policy        | N/A                   |
+| X-Permitted-Cross-Domain-Policies | none               |
+| Feature-Policy                 | fullscreen 'self'     |
+| Cache-Control                  | no-cache, no-store, must-revalidate |
+| Pragma                         | no-cache              |
+| Expires                        | 0                     |
+| X-UA-Compatible                | IE=Edge,chrome=1      |
+| Access-Control-Allow-Origin    | *                     |
+| Access-Control-Allow-Methods   | *                     |
+| Access-Control-Allow-Headers   | *                     |
+| Access-Control-Allow-Credentials | true                |
+| Cross-Origin-Opener-Policy     | N/A                   |
+| Cross-Origin-Embedder-Policy   | N/A                   |
+| Cross-Origin-Resource-Policy   | N/A                   |
+| Permissions-Policy             | N/A                   |
+| FLoC                           | N/A                   |
+| Server                         | gemini                |
+| X-Powered-By                   | N/A                   |
+| X-AspNet-Version               | N/A                   |
+| X-AspNetMvc-Version            | N/A                   |
+| X-DNS-Prefetch-Control         | N/A                   |
+
 
 ## Installation
 
@@ -64,27 +106,55 @@ Gemini supports 3 modes and recommends sensitivity levels for the application to
 | monitor | 70        |
 | block   | 50        |
 
+## Support Predict Server
+
+| Address | Version |
+| ------- | --------- |
+| https://web-vuln-detect.my-app.in  | 19-06-2023  |
+
 ## License Key
 
 The license key is used for authentication with the API.
-| | |
-| ------- | --------- |
-|Key|988907ce-9803-11ed-a8fc-0242ac120002|
 
-## Dashboard Features
+Key: `988907ce-9803-11ed-a8fc-0242ac120002`
+
+## GUI Features
 
-👉 Hot Configuration config.yml
+👉 Monitor Abnormal Event
 
-👉 Access List Control
+👉 Hot Configuration
+
+👉 Access Control List
 
 👉 Log Activity
 
 👉 Dependency Vulnerability Check
 
-👉 Monitor Abnormal Request
+## Theme
+https://appseed.us/product/datta-able/flask/
+
+## Screenshot
+
+### Dashboard Screen
+
+![image](https://github.com/noobpk/gemini-self-protector/assets/31820707/112e227b-9f43-4189-b1fd-038e7cd324ee)
+
+### Configurate Screen
+
+![image](https://github.com/noobpk/gemini-self-protector/assets/31820707/e2b4fc0b-c188-4c52-b21e-afd7e8d52582)
+
+### Access Control List
+
+![image](https://github.com/noobpk/gemini-self-protector/assets/31820707/ca2ae9a7-7956-4b83-866d-8fa5f9c4ce2b)
+
+### Dependency Check
+
+![image](https://github.com/noobpk/gemini-self-protector/assets/31820707/e5b58af5-fe2a-4f3a-ab03-e25923bd72ee)
 
 ## Contributing
 
 Interested in contributing? Check out the contributing guidelines. Please note that this project is released with a Code of Conduct. By contributing to this project, you agree to abide by its terms.
 
-## ChangeLog
+## License
+
+`gemini_self_protector` was created by lethanhphuc. It is licensed under the terms of the MIT license.
diff --git a/gemini-python/gemini_self_protector/CHANGELOG.md b/gemini-python/gemini_self_protector/CHANGELOG.md
@@ -1,7 +1,14 @@
 # Changelog
 
-<!--next-version-placeholder-->
+## v0.1.1 (24/06/2023)
 
-## v0.1.0 (19/01/2023)
+- Refactor source code
+- Gemini can run as two mode `GUI` or `CLI`
+- Using sqllite for store config and data
+- Update new template GUI
+- Add mAnti Dos 
+- Fix bug
 
-- First release of `gemini_self_protector`!
+## v0.1.0 (17/04/2023)
+
+- First release of `gemini_self_protector`!
diff --git a/gemini-python/gemini_self_protector/README.md b/gemini-python/gemini_self_protector/README.md
@@ -1,10 +1,10 @@
 # gemini_self_protector
 
-Runtime Application Self-Protection
+Gemini - The Runtime Application Self Protection (RASP) Solution Combined With Deep Learning
 
 ## Installation
 
-```bash
+```
 $ pip install gemini_self_protector
 ```
 
@@ -21,26 +21,44 @@ Gemini supports 3 modes and recommends sensitivity levels for the application to
 ## License Key
 
 The license key is used for authentication with the API.
-| | |
-| ------- | --------- |
-|Key|988907ce-9803-11ed-a8fc-0242ac120002|
 
-## Basic Usage
+Key: `988907ce-9803-11ed-a8fc-0242ac120002`
 
-With the basic usage, Gemini runs in the default mode of "monitor" and allows a sensitivity level of under 50, above which requests will be stored for monitoring purposes. The protection mode and sensitivity can be adjusted in the config.yml file after the first run.
+## Init Gemini self-protector
+
+### CLI Mode
 
 ```
-from flask import Flask
-from flask import jsonify
-from flask import request
+from flask import Flask, request
+from gemini_self_protector import GeminiManager
+
+app = Flask(__name__)
+gemini = GeminiManager()
+```
+
+### GUI Mode
 
+```
+from flask import Flask, request
 from gemini_self_protector import GeminiManager
 
 app = Flask(__name__)
-gemini = GeminiManager(license_key=os.getenv("GEMINI_LICENSE_KEY"))
+gemini = GeminiManager(app)
+```
+
+## Basic Usage
+
+With the basic usage, Gemini runs in the default mode of "monitoring" and allows a sensitivity level of under 50, above which requests will be stored for monitoring purposes.
+
+```
+from flask import Flask, request, jsonify
+from gemini_self_protector import GeminiManager
+
+app = Flask(__name__)
+gemini = GeminiManager(app)
 
 @app.route('/api/login', methods=['POST'])
-@gemini.flask_protect_extended()
+@gemini.flask_protect_extended() <--- Declare gemini below flask route and without option
 def login():
     username = request.json['username']
     password = request.json['password']
@@ -73,10 +91,10 @@ from flask import request
 from gemini_self_protector import GeminiManager
 
 app = Flask(__name__)
-gemini = GeminiManager(app, license_key=os.getenv("GEMINI_LICENSE_KEY"))
+gemini = GeminiManager(app)
 
 @app.route('/api/login', methods=['POST'])
-@gemini.flask_protect_extended(protect_mode='block')
+@gemini.flask_protect_extended(protect_mode='block') <--- Declare gemini below flask route with protect mode option
 def login():
     username = request.json['username']
     password = request.json['password']
@@ -97,6 +115,67 @@ if __name__ == "__main__":
     app.run()
 ```
 
+## Gemini Protect Against
+
+| Attacks                 | Supported          |
+| ----------------------- | ------------------ |
+| Malformed Content Types |                    |
+| HTTP Method Tampering   | :white_check_mark: |
+| Large Requests          | :white_check_mark: |
+| Path Traversal          |                    |
+| Unvalidated Redirects   | :white_check_mark: |
+
+| Injections                 | Supported          |
+| -------------------------- | ------------------ |
+| Command Injection          | :white_check_mark: |
+| Cross-Site Scripting       | :white_check_mark: |
+| Cross-Site Request Forgery |                    |
+| CSS & HTML Injection       |                    |
+| JSON & XML Injection       |                    |
+| SQL Injection              | :white_check_mark: |
+
+| Weaknesses                   | Supported          |
+| ---------------------------- | ------------------ |
+| Insecure Cookies & Transport |                    |
+| Weak Browser Caching         | :white_check_mark: |
+| Vulnerable Dependencies      | :white_check_mark: |
+| Weak Cryptography            |                    |
+| HTTP Response Headers        | :white_check_mark: |
+| API Rate Limit               | :white_check_mark: |
+
+## Gemini Security Response Headers
+
+| HTTP Response Headers | Default configuration | 
+| ------------------------------ | --------------------- |
+| X-Frame-Options                | SAMEORIGIN            |
+| X-XSS-Protection               | 1; mode=block         |
+| X-Content-Type-Options         | nosniff               |
+| Referrer-Policy                | no-referrer-when-downgrade |
+| Content-Type                   | N/A                   |
+| Strict-Transport-Security      | max-age=31536000; includeSubDomains; preload |
+| Expect-CT                      | enforce; max-age=31536000 |
+| Content-Security-Policy        | N/A                   |
+| X-Permitted-Cross-Domain-Policies | none               |
+| Feature-Policy                 | fullscreen 'self'     |
+| Cache-Control                  | no-cache, no-store, must-revalidate |
+| Pragma                         | no-cache              |
+| Expires                        | 0                     |
+| X-UA-Compatible                | IE=Edge,chrome=1      |
+| Access-Control-Allow-Origin    | *                     |
+| Access-Control-Allow-Methods   | *                     |
+| Access-Control-Allow-Headers   | *                     |
+| Access-Control-Allow-Credentials | true                |
+| Cross-Origin-Opener-Policy     | N/A                   |
+| Cross-Origin-Embedder-Policy   | N/A                   |
+| Cross-Origin-Resource-Policy   | N/A                   |
+| Permissions-Policy             | N/A                   |
+| FLoC                           | N/A                   |
+| Server                         | gemini                |
+| X-Powered-By                   | N/A                   |
+| X-AspNet-Version               | N/A                   |
+| X-AspNetMvc-Version            | N/A                   |
+| X-DNS-Prefetch-Control         | N/A                   |
+
 ## Contributing
 
 Interested in contributing? Check out the contributing guidelines. Please note that this project is released with a Code of Conduct. By contributing to this project, you agree to abide by its terms.