Architecture & Workflow

Understanding the hybrid DevSecOps deployment pipeline.

The Technology Stack

Node.js (C2 Server) Python 3 (Exploit Agent) Supabase (PostgreSQL Auth & Telemetry) Vanilla JS (SPA Architecture)

Execution Pipeline

1. Target Initialization

The user defines a target URL via the frontend UI. The request is securely routed to the Node.js Command & Control (C2) server.

2. Agent Deployment

The C2 server spawns an isolated Python agent via child_process. The agent fires safe, non-destructive payloads to test for SSRF, SSTI, SQLi, and XSS.

3. Auto-Remediation & Telemetry

Detected vulnerabilities trigger the generation of a sanitized Node.js patch. Telemetry is logged to Supabase, and the patch is streamed back to the client interface.