**Global Situational Awareness & Intelligence Dashboard**
VeilBreak is a desktop-first intelligence platform that aggregates real-time data from 46 live providers into a CesiumJS 3D globe. Track alerts, flights, vessels, military assets, cyber threats, financial markets, health biometrics, deep-research feeds, topic trackers, and global news - all in one interface. Includes a full health intelligence suite with survival medicine, and a hardware builder for designing custom sensor devices.
Built with Tauri v2 (Rust) + React + CesiumJS. Runs as a native desktop app with a single Fastify backend server. No Docker, no external databases required.
## Features (Built)
### 3D Globe (CesiumJS)
- Interactive globe with day/night lighting, night lights overlay (NASA Black Marble)
- Toggleable layers: Alerts, Aircraft, Vessels, Fires, Conflicts, Volcanoes, GPS Jamming, Military
- Conflict layer with **tier-aware country highlighting** - belligerents in red, direct military allies in orange, indirect supporters (weapons / financing / intel) in yellow. Live legend in the bottom-right.
- Location search (Nominatim geocoding), distance measurement tool
- Country click → full intelligence dossier (50+ data points from REST Countries + World Bank)
- Space weather badge (NOAA Kp-index) in status bar
### Alerts & Disasters
- USGS earthquakes, NOAA weather, GDACS disasters, NASA FIRMS fires, SafeCast radiation
- EMSC European-Mediterranean earthquakes, JMA Japan seismic + tsunami, PDC Asia-Pacific disasters
- ReliefWeb UN humanitarian crises (global), FEWS NET Africa food security
- Copernicus EMS European flood/fire mapping, EFAS river flood warnings
- Interpol Red Notices, Europol crime alerts, FBI Most Wanted
- CISA KEV vulnerabilities, WHO/CDC health alerts, tsunami warnings
- MDI category icons, severity color-coding, 30-day filter
### Tracking
### Cyber Intelligence
- 3D cyber globe (globe.gl) with animated attack arcs, submarine cables (TeleGeography), data centers
- Threat feeds: AlienVault OTX, URLhaus, Feodo Tracker, CISA KEV
- Attack map: DShield + AbuseIPDB, color-coded by type (scan/brute force/malware/DDoS/exploit)
- Cyber tools: IP lookup, URL check, CVE search
- **37 sub-tabs** organized in 7 grouped dropdowns (CMD CENTER, INTELLIGENCE, OPERATIONS, RECON & OSINT, OFFENSE, DEFENSE, COMMS & LEARN)
- CMD Center: SOC dashboard with threat gauge, AI hints, scoreboard (12 achievements, 8 levels), incident timeline
- Cyber Terminal: 330+ routed security commands across 71 tool modules (network recon, OSINT, web recon, injection testing, brute force, blue team, cloud security, forensics, malware analysis, compliance, C2 hub, protocol fuzzer, mobile pentest, phishing simulator, dark web monitoring, exploit matching, tunneling/pivoting, evidence capture, threat intel correlation, loot manager, threat analyzer, malware scanner, network discovery, and more)
- C2 Hub: Metasploit integration, generic listeners, session management with 4-view dashboard (table, globe, kill chain, network graph)
- Protocol Fuzzer: TCP/HTTP/Auth fuzzing with mutation engine and live progress dashboard
- Hardware Hub: 40 device types with 8 dashboard sections each, Fast Action extraction, Loot system (SHA-256, chain of custody, 50GB quota)
- Threat Analyzer: 23 detection engines across file/URL/IP/domain/hash analysis
- Malware Scanner: Full/component system scans (process, filesystem, registry, network, supply chain), 35+ threat signature database with removal guidance, searchable threat library
- Network Map: force-directed SVG topology graph with device type icons (router/PC/phone/camera/IoT/server), risk-colored status rings, 30+ identification techniques (mDNS, NetBIOS, UPnP, SNMP, SSH/FTP/HTTP banners, TLS cert, TTL fingerprint, vendor API), offensive tools (ARP spoof, DNS spoof, WiFi deauth, LLMNR listener), attack planner with lateral movement suggestions, scan save/load/diff, passive ARP monitor, traffic capture and analysis
- OSINT Graph: entity relationship visualization
- Password Cracker: dictionary/brute/mask/rules attacks
- Adversary Emulator: MITRE ATT&CK navigator with 14 tactic columns
- SIEM Lite: log dashboard with alerts and severity filtering
- Attack Surface: asset inventory + monitoring with change detection and cert expiry warnings
- Deception Engine: honeypots + canary tokens
- Vuln Scanner: target-based vulnerability scanning with scan profiles, live progress, findings feed, NVD CVE database search
- Incident Response: structured IR dashboard with incident lifecycle, pre-built playbooks, visual timeline, containment actions
- Threat Hunter: IOC search with auto-detection, bulk import, managed IOC database, structured hunting hypotheses
- API Security Tester: REST/GraphQL API security testing with saved collections and findings
- Compliance Dashboard: security framework compliance tracking with radar charts across 8 frameworks
- Forensics Dashboard: evidence collection, chain of custody, OS-specific artifact reference, file analysis workbench
- Secure Comms: encrypted P2P messaging + dead drops + steganography
- Academy: tutorials, glossary, cheat sheets, attack flow diagrams
- Workflow Engine: visual node editor for command pipelines
- Pentest Wizard: 10 engagement types with 4-step setup
- Mobile Pentest: ADB, iOS diagnostics, lockscreen bypass, AT commands
- Phishing Simulator: SMTP campaigns with 8 templates and tracking
- Proxy/VPN: SOCKS5 proxy + Tor integration (download + manage from app)
### Authentication & Multi-User
- Multi-user authentication with PBKDF2 password hashing and JWT tokens (access + refresh)
- Role-based access control: Admin, Analyst, Operator, Viewer
- Per-route permission middleware with role enforcement
- Audit logging: every action logged with who/what/when/IP to SQLite
- Login page with session management, UserBadge in title bar
### Case Management
- Create investigation cases with assigned analysts and status workflow (open/active/closed/archived)
- Attach evidence with SHA-256 integrity hashing and chain of custody logging
- Timeline reconstruction for case events
- Link cases to findings, scans, and sessions
### Entity Resolution & Link Analysis
- 11 entity types: person, organization, phone, email, IP, domain, address, vehicle, account, cryptocurrency, threat-actor
- Automatic link discovery with confidence scoring
- BFS path finding between entities
- Community detection via label propagation algorithm
- Force-directed entity graph visualization
### STIX/TAXII & CoT
- STIX 2.1 bundle creation, import, and export
- TAXII 2.1 collection endpoints for threat intelligence sharing
- Cursor on Target (CoT) XML generation for blue force tracking
- Indicator, observable, and relationship object support
### Bulk Data Import
- Universal CSV/JSON/XML importer with column mapping
- Entity auto-detection and deduplication
- Import history with progress tracking
### Map Annotations
- Draw points, lines, polygons, circles on CesiumJS globe
- Save annotations per case
- Import/export KML and GeoJSON formats
### Alerting & Notifications
- Rule engine: IF condition THEN notify (configurable per data source)
- Channels: in-app toast, desktop notification, webhook (Slack/Teams/custom)
- Notification center with read/unread tracking
- SSRF-protected webhook delivery
### Debug System
- Tiered error reporting based on edition and user role
- Centralized error dashboard with severity filtering and retry buttons
- Live backend log stream via WebSocket (color-coded by level)
- System health monitor: memory, CPU, database sizes, provider status, API response times
- Request inspector: method, URL, status, timing, request/response bodies
### Financial
- Stocks (Polygon.io), Crypto (CoinGecko), 15 Commodities (NASDAQ Data Link)
- TradingView lightweight-charts with candlestick, SMA, RSI, MACD signals
- IBKR paper/live trading integration
- Market heatmap (squarified treemap, Finviz-style) grouped by sector, sized by market cap, colored by daily change
### AUTOBOT - Autonomous Trading Workbench (FINANCE > AUTOBOT)
A multi-engine paper-trading lab where each "agent" is a preset bundle that seeds rules across one or more underlying engines. Operator-facing surface lives at AUTOBOT > OVERVIEW with a unified trading terminal, P&L history chart (segments colored by direction: green up, red down), portfolio P&L strip, and per-agent leaderboard cards (open / cap, W/L, realized, unrealized, top winner, top loser).
**Engines**:
- **Catalyst IBKR**: news-driven stock trader. Fires when a topic catalyst matches a rule (topic term + side + size + ticker list) within a freshness window. Routes to paper-engine or to IBKR paper account.
- **Polymarket Auto-Paper Edge**: structural favorite-longshot bias trader. Buys YES on markets where YES is at or above a tunable threshold (default 0.92), buys NO on markets where YES is at or below threshold (default 0.08). Thresholds editable from the UI (no rebuild needed).
- **Polymarket Auto-Paper Catalyst**: reactive Polymarket paper trader. Fires on news topic hits with auto-matched markets and per-rule volume/liquidity floors.
- **Polymarket Live Execution**: the only real-money path. Multi-step consent + wallet onboarding + CLOB credentials + passphrase-encrypted hot wallet. Kill switch defaults ON every restart.
- **Intraday Auto-Trader**: bar-driven engine on 1-minute OHLCV (Yahoo for ~30 liquid US stocks, Binance for 10 major crypto pairs). 30s tick, auto-exits on stop-loss / take-profit / time-stop. Five registered strategies: `vwap-revert`, `donchian-break`, `opening-range-breakout`, `ema-cross`, `rsi-extremes`. Inline ADD CUSTOM RULE form with strategy dropdown populated from a backend catalog endpoint.
**Risk frame** (per-engine): kill switch, max concurrent positions, max daily loss USD, per-rule cooldown, size cap, freshness window. AUTO-DISARM circuit breaker on the OVERVIEW row flips every kill switch when trailing-24h paper P&L drops below a configurable threshold.
**Preset catalog** with 6 strategy bundles: FDA/Biotech, PEAD Earnings Drift, Polymarket Favorite-Longshot, Intraday Momentum, Intraday Bar Signals, Macro Info-Arb. Each preset spans one or more engines and seeds rules + an isolated strategy account in one click. REFRESH preserves rule ids across catalog updates so open positions don't get orphaned.
**Polymarket paper auto-resolver**: 10-min sweep that direct-fetches each unique open-position market via the gamma-api (bypassing the cache's `closed=false` filter) and auto-closes resolved positions at the settlement payoff. Eliminates the stale-position class of bug where the cache forgot about resolved markets.
**Diagnostic endpoint**: `GET /api/v1/earnings/polymarket/auto-paper/diagnose` returns raw wins/losses/zeros/note-tag/ruleId-state counts so the operator can sanity-check leaderboard claims without digging through JSON state files.
**Status indicator**: small WIP chip next to AUTOBOT sub-tabs that are still under active development (currently INTRADAY + MANUAL & BOTS).
### Crypto Operations
- **8 crypto sub-views** in Finance tab: Wallet, Airdrops, Mining, DeFi, DEX, Whales, NFTs, Token Scanner
- Multi-chain wallet tracking: Ethereum, Polygon, Arbitrum, Optimism, Base, BSC, Avalanche, Solana
- Airdrop scanner with eligibility checking and claim tracking
- Mining dashboard: GPU/CPU/browser mining, 18 hardware profiles, profitability calculator, 10 pool configs
- DeFi yield tracker: APY comparison across protocols (DeFi Llama data), impermanent loss calculator
- DEX trading: 1inch aggregator quotes, slippage settings, swap history
- Whale watcher: Large transaction alerts, exchange flow analysis, smart money tracking
- NFT portfolio: Collection gallery, floor prices, marketplace links (OpenSea, Blur, Magic Eden)
- Token analytics: GoPlus Security audit, honeypot detection, rug pull scoring, holder distribution
- **25+ API endpoints** for wallet/DeFi/mining/scanner operations
### Packet Analyzer (Wireshark-Lite)
- 3-panel Wireshark-style UI: packet list, protocol tree, hex dump
- Live packet capture via tshark/tcpdump with BPF display filters
- Protocol dissection: Ethernet, IPv4, TCP, UDP, DNS, HTTP, TLS, ARP, ICMP
- Display filters: ip.src, tcp.port, http.method, dns.query, tcp.flags
- TCP stream following with client/server coloring
- Statistics: protocol distribution, top talkers, conversations, DNS queries, HTTP requests
- Wireshark-style packet coloring by protocol
- Simulated capture mode for demo/training when no capture tools available
### CBRN Defense Systems
- Nuclear blast calculator (Glasstone & Dolan scaling laws): fireball, overpressure zones (1/5/10/20 psi), thermal radiation, ionizing radiation, EMP radii
- Fallout plume prediction: elliptical model with wind speed/direction, downwind contour overlay on globe
- Nuclear event timeline: 7-milestone action checklist (0 min → 1 week+)
- Supply calculator: water, food, KI tablets, first aid requirements for shelter duration
- EMP assessment: HEMP/SREMP radius calculation, equipment vulnerability analysis (13 device categories), Faraday cage designer
- Counter-UAS detection: 24-drone RF signature database (DJI, Autel, Skydio, Parrot, military), RF classifier, intercept zone calculator, geofence generator, radar-style display
- EOD reference: 8 IED types with recognition features, ATF blast standoff tables, render-safe procedures, 9-line UXO report generator, decision tree flowcharts
- Globe overlay: concentric blast radius circles + fallout polygon visualization (toggleable layer)
### Health Intelligence
- **40 sub-tabs** across 8 categories: Vitals, Body, Activity, Mental, Analytics, Medical, Devices, Survival
- Hybrid tactical+medical HUD dashboard: ECG waveform strip, SVG body silhouette, metric cards, AI insights
- Vitals monitoring: Heart rate, HRV, Blood pressure, SpO2, Temperature, ECG, Blood glucose
- Body tracking: Composition, pain mapping body map, vision/hearing tests, skin photo diary
- Activity: Steps/distance/goals, exercise logging, sleep stages (REM/deep/light), nutrition macros
- Mental health: Mood tracker, HRV-derived stress, PHQ-9/GAD-7 screening, meditation timer, cognitive tests
- Analytics: Multi-metric trends, z-score anomaly detection, Pearson correlation matrix, FHIR R4 export, Health AI insights
- Medical: Lab result tracking, 100-medication database with drug interactions, dosage calculator, chronic condition diary
- Survival medicine: Radiation dose tracking (SafeCast + Geiger counter), START triage protocol, wound assessment, 100-drug field pharmacy
- Emergency SOS: Auto-detect cardiac events, falls, seizures; one-button GPS alert to emergency contacts; medical ID card
- Device management: Serial port connection to custom hardware, Apple Health/Fitbit/Garmin import
- **60+ API endpoints** for health data CRUD, AI insights, SOS, medications, radiation, triage, wound care, FHIR export
### Hardware Builder
- **30 sub-tabs** across 6 categories: Design, Components, Firmware, Manufacture, 3D Print, Robotics
- Project workspace: Create, clone, delete hardware projects; 12 pre-built health device templates
- Schematic editor (SVG-based), PCB layout with auto-router (A\* pathfinding), wiring diagrams
- SPICE circuit simulation: DC operating point, transient analysis, AC frequency sweep
- Component library: 201 electronic parts (MCUs, sensors, passives, connectors), searchable with specs + pricing
- Mouser/DigiKey/LCSC component sourcing with stock + price comparison
- Firmware: Arduino/ESP-IDF/MicroPython code generation, Monaco editor, compile, flash, serial monitor
- OTA firmware updates: Device fleet management, push updates, rollback
- BOM generation: Auto-generated from schematic, CSV/JSON export, cost estimator
- Gerber RS-274X + Excellon drill file export for PCB manufacturing
- JLCPCB/PCBWay integration: Instant price quotes, order tracking
- 3D enclosure: Parametric box generator, STL export, G-code slicer (14 printer profiles), OctoPrint integration
- **12 health device templates**: Wrist HR monitor ($15), ECG ($20), Geiger counter ($35), Sleep tracker ($15), and 8 more
### KaliCare Robot Cat (Contest Project)
- Enhanced OpenCat-style quadruped robot with passive health monitoring
- 14-servo design (3 DoF per leg + ears), PCA9685 PWM driver, MPU6050 IMU
- Built on Arduino UNO Q (Qualcomm QRB2210 + STM32U585)
- Health sensors: MAX30102 (HR/SpO2), MLX90614 (temperature), camera (person/fall detection)
- Voice interaction: INMP441 mic + MAX98357A amp + speaker
- Cat personality engine: 8 behavioral states driven by health data
- Edge Impulse ML integration for on-device inference
- Arduino App Lab dashboard generation
- 14 gait patterns (walk, trot, sit, stand, wave, stretch, crouch, ear/tail expressions)
- Inverse kinematics solver for 3-DOF leg positioning
- Parametric 3D body generator: torso, legs, paws, head, ears, tail as printable STLs
- Full BOM with 17 components, 17-step build guide
- ROBOTICS tab group in Hardware Builder with 6 sub-tabs
### Conflict Intelligence & Enrichment
- **Wikipedia infobox scraper** parses `{{Infobox military conflict}}` (both classic and modern Lua `#invoke` form) to backfill missing belligerents, supporters, casualties, commanders, dates, and territorial changes whenever UCDP / Wikidata coverage is incomplete.
- **Tier-aware globe highlighting** - every country mentioned in a conflict's infobox is classified as a _belligerent_ (active combatant), _direct ally_ (troop / military support), or _supporter_ (weapons / financing / intelligence). Each tier renders at a different colour and opacity on the Cesium globe, with a live legend.
- **Auto-discovery of new conflicts** - a Wikidata SPARQL query (`Q350604` armed conflict, started in last 5 years, no end date) finds new wars beyond the hardcoded seed list. New conflicts get a stable `wd-`-prefixed zone ID and appear on the next 12h provider tick - no code changes needed when a new war breaks out.
- **Dynamic refresh** - provider polls every 12h via the scheduler. On-demand reruns via `POST /api/v1/conflicts/wikipedia/refresh` (singleton-guarded; concurrent calls share the same in-flight scrape). Frontend uses stale-while-revalidate via `useDataSource('conflicts')`, so the globe re-paints whenever the cache updates.
- **Defensive parsing** - `[` blocks, HTML comments, and `{{cite}}` / `{{efn}}` templates are stripped before country extraction so footnotes don't leak unrelated nations into combatant lists. Bare `[[wikilinks]]` are only counted when they resolve to a known country.
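
The defensive-parsing step above, sketched as an added example (not VeilBreak's own parser). The function names, the fictional country list, the `{{flag}}` / `{{flagcountry}}` handling and the treatment of `<ref>` footnote blocks are assumptions of this sketch; the sample infobox is constructed.

```javascript
// Constructed stand-in for the known-country lookup (fictional names).
const KNOWN_COUNTRIES = new Set(['Freedonia', 'Sylvania', 'Ruritania', 'Borduria', 'Syldavia']);

// Remove every {{name|...}} template for which isNoise(name) is true,
// counting nested braces so a {{cite}} inside an {{efn}} goes with its parent.
function stripTemplates(text, isNoise) {
  let out = '';
  let i = 0;
  while (i < text.length) {
    const name = text.startsWith('{{', i)
      ? /^\{\{\s*([^|{}]*)/.exec(text.slice(i))[1].trim().toLowerCase()
      : null;
    if (name === null || !isNoise(name)) { out += text[i++]; continue; }
    let depth = 0;
    let j = i;
    while (j < text.length) {
      if (text.startsWith('{{', j)) { depth++; j += 2; }
      else if (text.startsWith('}}', j)) { depth--; j += 2; if (depth === 0) break; }
      else j++;
    }
    if (depth !== 0) return out; // unbalanced template: drop the tail, fail closed
    i = j;
  }
  return out;
}

// Strip footnote material before any name extraction. Unterminated comments and
// refs swallow the rest of the value rather than leaking their contents.
function cleanField(value) {
  const s = value
    .replace(/<!--[\s\S]*?(?:-->|$)/g, '')
    .replace(/<ref\b[^>]*\/>/gi, '')
    .replace(/<ref\b[^>]*>[\s\S]*?(?:<\/ref>|$)/gi, '');
  return stripTemplates(s, (n) => n === 'efn' || n.startsWith('cite'));
}

// Countries named in one infobox field, in first-seen order, validated against
// the known-country set so linked non-state actors are not counted.
function extractCountries(value, known = KNOWN_COUNTRIES) {
  const found = [];
  const add = (raw) => {
    const n = raw.trim();
    if (known.has(n) && !found.includes(n)) found.push(n);
  };
  const text = cleanField(value);
  for (const m of text.matchAll(/\{\{\s*(?:flag|flagcountry)\s*\|\s*([^|}]+)/gi)) add(m[1]);
  for (const m of text.matchAll(/\[\[([^\]|#]+)/g)) add(m[1]);
  return found;
}

// What a naive scraper would return: every wikilink target in the raw text.
function naiveLinks(value) {
  return [...value.matchAll(/\[\[([^\]|#]+)/g)].map((m) => m[1].trim());
}

// Single-line "| combatantN = ..." fields only (a simplification of this sketch).
function combatants(infobox) {
  const out = {};
  for (const m of infobox.matchAll(/^\|\s*(combatant\d+[a-z]?)\s*=\s*(.*)$/gm)) {
    out[m[1]] = extractCountries(m[2]);
  }
  return out;
}

// Constructed sample: footnotes mention three countries that are not combatants.
const SAMPLE = [
  '| conflict = Constructed example',
  '| combatant1 = {{flag|Freedonia}}<ref name="a">{{cite web|title=Report from [[Ruritania]]}}</ref>',
  '| combatant2 = [[Sylvania]]{{efn|Backed by [[Borduria]], see {{cite news|title=x}}}}<br />[[Free Sylvanian Militia]]<!-- [[Syldavia]]? -->',
].join('\n');
```

On the sample, `naiveLinks` returns the three footnote-only countries and the militia link as well, while `combatants` keeps only the actual combatant in each field.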
### News
- 77+ RSS feeds across 23 categories, 21 languages
- Relevance scoring (0-100), 23 intelligence categories (conflict, terrorism, nuclear, cyber, intelligence, geopolitics, disaster, pandemic, politics, unrest, police, humanitarian, economy, supply-chain, resources, energy, crypto, infrastructure, technology, space, health, environment, security)
- European coverage: The Local (9 countries), Politico EU, Kyiv Independent, etc.
### Research
- Long-form research feed with sub-tabs for PAPERS (ArXiv + PubMed), TRIALS (ClinicalTrials.gov), TECH (HackerNews + curated tech RSS), MEDICINES, PATENTS, GOV DOCS, and ALT narratives.
- Cross-source search and bookmark-to-case integration.
### Topics
- Topic tracker that runs saved keywords across news, alerts, and FDA recalls.
- New-hit badges per topic count matches since last visit (60s polling).
- Pin/unpin individual results to investigation cases.
### Survival Library
- Survival protocols, field reference cards, prep calculator, blueprints.
- 23 library categories: survival, medicine, engineering, electronics, energy, agriculture, water, communications, computing, transportation, security, governance, science, education, reference, blueprints, intelligence, cybersecurity, stealth, logistics, psychology, infrastructure, cbrn.
- All catalog data (packs, articles, inline content, blueprints, 72-hour protocol, supply database) lives on the backend at `/api/v1/library/catalog`. The frontend bundle ships no hardcoded library content; the catalog is fetched once on boot.
### Debug Zone
- Live dashboard of every fetch, console call, WebSocket frame, and uncaught error from the moment the app boots.
- Tiered detail by edition x role, filterable by severity, with retry buttons on failed requests.
## Tech Stack
| Layer | Technology |
| --------- | ---------------------------------------------------- |
| Desktop | Tauri v2 (Rust) - frameless window, custom title bar |
| Frontend | React 18 + TypeScript + Vite |
| 3D Globe | CesiumJS (main), globe.gl (cyber) |
| State | Zustand (persisted to localStorage) |
| Backend | Single Fastify server (Node.js) on port 4000 |
| Storage | In-memory TTL maps + better-sqlite3 (persistent) |
| Real-time | WebSocket (`/ws`) for live updates |
| Monorepo | Turborepo + pnpm |
## Prerequisites
- **Node.js** >= 22
- **pnpm** >= 9 (`npm install -g pnpm`)
- **Rust** (for Tauri desktop builds)
No Docker, Redis, PostgreSQL, or NATS required.
## Getting Started
```bash
# 1. Clone and install
git clone https://github.com/your-org/veilbreak.git
cd veilbreak
pnpm install

# 2. Configure environment
cp .env.example .env
# Set your API keys (all optional - app works without them)

# 3. Run (choose one):

# Desktop app (Tauri + backend sidecar)
pnpm dev:app

# Browser dev (two terminals)
pnpm dev:unified              # Backend on port 4000
cd frontend/web && pnpm dev   # Frontend on port 3000

# Backend only
pnpm dev:unified
```
### VS Code Launch Configs
- **VeilBreak - Desktop App**: Tauri window + backend sidecar
- **VeilBreak - Browser Dev**: Backend + Vite + browser
- **VeilBreak - Backend Only**: Just the server
### Service Ports
| Service | Port | Notes |
| ----------------- | ---- | --------------------------------------- |
| Frontend (Vite) | 3000 | Dev server |
| Backend (Fastify) | 4000 | All APIs, WebSocket, binds to 127.0.0.1 |
## Environment Variables
Copy `.env.example` to `.env`. All keys are optional - the app runs without them using free/keyless APIs.
| Variable | Service | Required? |
| ------------------------------ | ------------------------------ | ----------- |
| `VITE_CESIUM_ION_ACCESS_TOKEN` | CesiumJS globe imagery | Recommended |
| `OPENSKY_CLIENT_ID` / `SECRET` | Flight tracking (higher quota) | Optional |
| `ALIENVAULT_API_KEY` | OTX cyber threats | Optional |
| `ABUSEIPDB_API_KEY` | IP abuse data | Optional |
| `NASA_FIRMS_MAP_KEY` | Fire hotspots | Optional |
| `AISSTREAM_API_KEY` | Vessel tracking | Optional |
| `POLYGON_API_KEY` | Stock data | Optional |
| `NASDAQ_DATA_LINK_API_KEY` | Commodity data | Optional |
## Data Sources (46 providers)
| Category | Sources |
| --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Alerts | USGS, NOAA, GDACS, NASA FIRMS, SafeCast, CISA KEV, WHO, CDC, EMSC, JMA, PDC, ReliefWeb, FEWS NET, Copernicus EMS, EFAS, Sentinel Asia, Africa Alerts, Europe Alerts |
| Law Enforcement | Interpol Red Notices, Europol, FBI Most Wanted |
| Tracking | OpenSky, AISStream, adsbdb (flight routes), Kpler (vessel cargo) |
| Military | Wikidata SPARQL (bases), USNI Fleet Tracker, adsb.lol (aircraft), GPS Jamming overlays |
| Cyber | AlienVault OTX, URLhaus, Feodo Tracker, DShield, AbuseIPDB, internet outage feeds |
| Conflict | Backend-seeded zone list + UCDP events + Wikipedia infobox enrichment + Wikidata auto-discovery |
| Research | ArXiv, PubMed, ClinicalTrials.gov, HackerNews, FDA recalls |
| Infrastructure | TeleGeography (submarine cables), curated data centers |
| Globe | CelesTrak (satellites), Smithsonian GVP (volcanoes), NOAA SWPC (space weather) |
| News | 77+ RSS feeds + GDELT + Reddit + X/Twitter (Reuters, BBC, CNN, Al Jazeera, The Local, Politico EU, etc.) |
| Financial | Polygon.io (stocks), CoinGecko (crypto), NASDAQ Data Link (commodities), FRED, Polymarket, earnings, forex |
| Country Data | REST Countries, World Bank (GDP, life expectancy, military expenditure), Wikidata (governance / demographics) |
| Weather | MeteoAlarm (European), NOAA (global), air quality |
| Social | Social-sentiment provider (cross-platform mention volume) |
## Themes
| Theme | Description |
| ------------ | ---------------------------------------------------------------- |
| **Light** | Clean white interface for daytime use |
| **Dark** | Dark interface for low-light environments |
| **Tactical** | Command center HQ - angular panels, scan lines, pattern warnings |
## Security
- Server binds to `127.0.0.1` only (not exposed to LAN)
- CORS restricted to localhost + Tauri origins
- Rate limiting on cyber tools + flight route endpoints (`@fastify/rate-limit`)
- HTML sanitization on all external data rendered as HTML (XSS prevention)
- Private/loopback IP rejection on IP lookup (SSRF prevention)
- `sourceUrl` validated to `https?://` only (protocol injection prevention)
- `.env` in `.gitignore`, never committed
- **Authentication**: PBKDF2 password hashing with timing-safe comparison, JWT access/refresh tokens, session expiry
- **Case evidence**: SHA-256 integrity hashing on all evidence files, chain of custody logging
- **Entity search**: BFS/community detection bounded to prevent resource exhaustion
- **Webhook delivery**: SSRF protection on all outbound webhook URLs (blocks private IPs, cloud metadata)
- **Debug system**: Tiered access based on edition + role (viewers see generic errors, admins see full stack traces)
- **Error logging**: Zero silent catches - all errors logged with module prefix, trading errors show user-visible banners
- **Secret scanning**: Gitleaks runs on every commit (`.gitleaks.toml` + pre-commit hook) and in CI. False positives from high-entropy identifier names are pinned in the allowlist with a comment explaining the source line, so real leaks remain distinguishable.
See `SECURITY.md` for the vulnerability disclosure policy.
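
The scheme check and private-IP / cloud-metadata rejection listed above, as an added example of how such a guard can be written (not VeilBreak's implementation; all function names are hypothetical). It assumes the caller resolves DNS itself, passes in the resolved addresses, and then connects to the vetted address rather than resolving the hostname a second time.

```javascript
// Dotted-quad IPv4 -> unsigned 32-bit integer, or null when not an IPv4 literal.
function ipv4ToInt(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

// Ranges a webhook must never reach: [base, prefix length].
const BLOCKED_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], // link-local, includes the 169.254.169.254 metadata service
  ['172.16.0.0', 12], ['192.168.0.0', 16], ['224.0.0.0', 3], // multicast and reserved
];

function isBlockedV4Int(n) {
  return BLOCKED_V4.some(([base, bits]) => {
    const mask = (~0 << (32 - bits)) >>> 0;
    return ((n & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
  });
}

// IPv6 literal (brackets, zone id, dotted tail allowed) -> eight 16-bit groups, or null.
function ipv6ToGroups(addr) {
  let s = addr.replace(/^\[|\]$/g, '').split('%')[0];
  if (!s.includes(':')) return null;
  const cut = s.lastIndexOf(':') + 1;
  if (s.slice(cut).includes('.')) {
    const n = ipv4ToInt(s.slice(cut));
    if (n === null) return null;
    s = s.slice(0, cut) + (n >>> 16).toString(16) + ':' + (n & 0xffff).toString(16);
  }
  const halves = s.split('::');
  if (halves.length > 2) return null;
  const head = halves[0] ? halves[0].split(':') : [];
  const tail = halves[1] ? halves[1].split(':') : [];
  const groups = halves.length === 2
    ? [...head, ...Array(Math.max(0, 8 - head.length - tail.length)).fill('0'), ...tail]
    : head;
  if (groups.length !== 8 || !groups.every((g) => /^[0-9a-f]{1,4}$/i.test(g))) return null;
  return groups.map((g) => parseInt(g, 16));
}

function isBlockedAddress(addr) {
  const v4 = ipv4ToInt(addr);
  if (v4 !== null) return isBlockedV4Int(v4);
  const g = ipv6ToGroups(addr);
  if (!g) return true; // not an IP literal we understand: fail closed
  const embedded = ((g[6] << 16) | g[7]) >>> 0;
  const zeroPrefix = g.slice(0, 5).every((x) => x === 0);
  // ::, ::1 and IPv4-mapped ::ffff:a.b.c.d are judged by their embedded IPv4 value.
  if (zeroPrefix && (g[5] === 0 || g[5] === 0xffff)) return isBlockedV4Int(embedded);
  if (g[0] === 0x64 && g[1] === 0xff9b) return isBlockedV4Int(embedded); // NAT64 prefix
  return (g[0] & 0xfe00) === 0xfc00 // unique local fc00::/7
    || (g[0] & 0xffc0) === 0xfe80   // link-local fe80::/10
    || (g[0] & 0xff00) === 0xff00;  // multicast ff00::/8
}

// rawUrl: user-supplied webhook URL. resolvedAddrs: A/AAAA results for its hostname.
function checkWebhookTarget(rawUrl, resolvedAddrs) {
  let url;
  try { url = new URL(rawUrl); } catch { return { ok: false, reason: 'unparseable URL' }; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { ok: false, reason: 'scheme is not http(s)' };
  }
  if (url.username || url.password) return { ok: false, reason: 'credentials in URL' };
  // The URL parser has already normalised forms such as http://2130706433/ or
  // http://0x7f.1/ to dotted-quad, so the literal check sees the real address.
  const host = url.hostname;
  const isLiteral = ipv4ToInt(host) !== null || host.startsWith('[');
  const addrs = isLiteral ? [host] : (resolvedAddrs || []);
  if (addrs.length === 0) return { ok: false, reason: 'no resolved addresses' };
  const bad = addrs.find(isBlockedAddress);
  if (bad) return { ok: false, reason: 'blocked address ' + bad };
  return { ok: true, connectTo: addrs[0].replace(/^\[|\]$/g, '') };
}
```

Rejecting the whole target when any one resolved address is blocked, and pinning the connection to `connectTo`, closes the gap where a hostname returns a public address at check time and a private one at connect time.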
## What's Not Yet Built
- Venuz AI assistant (local Ollama + cloud Claude API, RAG pipeline, autonomous agents)
- Email/SMS notification channels (webhook and in-app notifications are built)
- Plugin/extension system (load custom tool modules from ~/.veilbreak/plugins/)
- Mesh networking / Meshtastic / LoRa integration
- Drone control interface (MAVLink, DJI SDK)
- VeilBreak OS (bootable Debian-based ISO)
- Production build + auto-updater
- Live C2 execution (currently simulated -- needs real Metasploit RPC)
- Live protocol fuzzer execution (currently simulated -- needs real socket connections)
## License
This project is dual-licensed:
- [AGPL v3](LICENSE) - free for open-source use. Derivatives and SaaS deployments must release their source under AGPL.
- [Commercial license](COMMERCIAL.md) - for proprietary / closed-source use or hosted services that do not want to comply with AGPL source-disclosure requirements. Contact for terms.