NodeSec is a modern attack surface intelligence platform designed to help organizations understand what is publicly exposed on the internet — without requiring a dedicated cybersecurity team.
Most colleges, SMEs, startups, and local organizations struggle to interpret complex security tools and raw vulnerability reports. NodeSec bridges that gap by transforming scattered OSINT data into clear attack graphs, understandable risk insights, and actionable remediation guidance.
Instead of overwhelming users with technical logs, NodeSec focuses on answering three simple questions:
- What is exposed?
- How serious is the risk?
- What should be fixed first?
Built with FastAPI, React, PostgreSQL, and Docker.
The only prerequisite is Docker Desktop (or Docker Engine + Compose). No local Python, Node, or PostgreSQL needed.
git clone <repo-url>
cd NodeSec
docker compose up --buildThen open http://localhost:8080. The API docs live at http://localhost:8000/docs.
That's it — the database, backend, and frontend all start together, the schema is created automatically, and the app talks to the API through an nginx proxy so it works from any machine or IP with zero configuration.
Convenience wrappers are provided if you prefer:
| OS | Command |
|---|---|
| macOS / Linux | ./run.sh |
| Windows | run.bat |
Useful commands
docker compose up --build -d # run in the background
docker compose logs -f # follow logs
docker compose down # stop
docker compose down -v # stop and wipe all data (fresh start)Configuration is optional — copy .env.example to .env to change ports,
database credentials, or add API keys (HIBP, Shodan). Everything has working
defaults out of the box.
Local development without Docker is still supported: run the backend with
uvicorn main:app --reload(needs a local PostgreSQL) and the frontend withnpm install && npm run dev. Docker is the recommended path for a one-command run.
Traditional security tools are often designed for experienced security engineers and produce outputs that are difficult for non-experts to interpret.
NodeSec simplifies cybersecurity visibility by combining:
- Passive OSINT-based intelligence gathering
- Visual attack surface mapping
- Deterministic attack chain detection
- Severity-based risk scoring
- Plain-language explanations
- Actionable remediation guidance
The goal is to make cybersecurity visibility more accessible for resource-constrained organizations and non-specialist administrators.
- Passive subdomain discovery using public intelligence sources
- DNS, SSL, and exposure analysis
- Visual attack graph generation
- Attack chain detection engine
- Severity-based risk scoring
- Human-readable explanations and fix recommendations
- Interactive dashboard experience
- Dockerized local development setup
| Layer | Technology |
|---|---|
| Frontend | React, Vite, Tailwind CSS, React Flow, Framer Motion |
| Backend | FastAPI, SQLAlchemy, Pydantic |
| Database | PostgreSQL |
| Authentication | JWT + bcrypt |
| OSINT Sources | crt.sh, CertSpotter, OTX, DNS, SSL |
| Containerization | Docker + Docker Compose |
NodeSec is designed with modular scalability in mind.
The architecture separates:
- OSINT collection
- attack analysis
- scoring
- reporting
- frontend visualization
This enables future scaling into:
- distributed scan workers
- real-time monitoring
- enterprise multi-tenant deployments
- cloud-native orchestration
- AI-assisted remediation guidance
- SIEM integrations
- automated alerting pipelines
The backend is containerized using Docker and can be horizontally scaled with orchestration platforms such as Kubernetes in production environments.
NodeSec/
├── nodesec-backend/
│ ├── routers/
│ ├── services/
│ ├── osint/
│ ├── rule_engine/
│ ├── scoring/
│ ├── workers/
│ ├── models/
│ └── schemas/
│
├── nodesec-frontend/
│ ├── src/
│ │ ├── pages/
│ │ ├── components/
│ │ ├── api/
│ │ ├── hooks/
│ │ └── store/
│
├── docker-compose.yml
└── README.md
- User enters a domain
- NodeSec collects public OSINT data
- Backend analyzes attack relationships
- Risk engine scores vulnerabilities
- Dashboard visualizes findings
- User receives explanations and remediation steps
MIT License