From d18e23b20ab20711d75896dd36e38a5b9623bddb Mon Sep 17 00:00:00 2001 From: Krishnasingh020 Date: Wed, 28 Jan 2026 09:37:59 +0530 Subject: [PATCH] Backend of securelens ai --- __pycache__/main.cpython-314.pyc | Bin 0 -> 5007 bytes main.py | 130 +++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) create mode 100644 __pycache__/main.cpython-314.pyc create mode 100644 main.py 
diff --git a/__pycache__/main.cpython-314.pyc b/__pycache__/main.cpython-314.pyc new file mode 100644 index 0000000000000000000000000000000000000000..1f58f9a046ab127ee1939066af6cb88b7776a02c GIT binary patch literal 5007 zcmcIoO>7&-6`tjCm!$Y>k`ifAww97DiMA=mwrtCiTt{)F=+~l_1mmE#h&6X5E=nz# z*=20AK%g`QECWfc1P!b<0isi(-gNY}r>4n;sV$h@CV-3dlAh?;K!fJczFCqIBj>k3 zM$pWgnK$2j`{vEe8y+M9XD2#Y( z0P(gf%m7_$)og&%x;wrh@ht;XP3G-^-C6CRy}zNeTk?(_Z71Nn0x0L%Vd~_~-6-Pz zoTx`A-F0D(Pt3}qn3JvvSb`SIxS(pI@ktPE&k3qDn-`_rMV&g5jF@$&kjv$-rSn)` zk`-0oSF2{QBua`V3pur+u`FrXytq@%N`fe1HM2_+Ayd8b_!tNRSpN#rC?0911&>Cz zp*%{VlN3(@d#h&VO&XIz8q3qb-mKdb8A0Ktmy43BWr%6&=0RqVi7_AdKsG|H0LX%A z@Ye{5(At6KsVo&k3F_x)*u+yr2jEPf6Dm4g#5wqATGepGq_c~8yew$CGo8-l1XUH~ zjFwKTM6+u}?~i5k%TjC_%W75;q6t}9%EnYFQ^ZnEQq<^GA@d7K5o61Otn?Rd=#F$+ zP?WqTXi_?@2b9is&6O@*8 zdO0r^b3_LGmy1HK-s4WE7iFw!Ia!gEJaq4Cnq;x4WT2@PJ_hK>nY5s3SiV}+B(q7S83gTg-#VBHX z-LfpHs<0##yPzjwm~aM6$c;{Nbt`hXs3>4zuKND(S8#w#VPwW+gph8-;9qH+&uf^V z_~Bo5LAHV(I$Fzt;j(?CY#uS#m6(_czVkJwA&Y8|J7kP`+GTj^GW66^jW#Cmx>*!7 z0SrV80tGn%3_Eqz>_m8AlC_f#LU#rI8)YeqePran{bj8*h#8DP#Yj%b4Mrcpc|n{w zUhilw3RFKTm=?qW%~QMy&MTTX$4oraB(uA6j4qf%=rZ|MBgM@PX}1ic6t%#>DOJ}h zFexU^?)EpN0-K`ZwnlBY{d@jx@aOBocE;Iv*5hqcQe@sOuWE^ z0VcjZOqi#bFwOJ+U?%<_#H6)}N!w4vB=Ccn1e=)b|7n<{*m(U$Y^)n8`Syk<@S(v= z-@A4lO*{|$G(7teADN>HmXyVV#@|4wU=6`ui8uLMgFk<;!98UqH(MhWY~Q>0YzuVL z-fKy<#K|eMCoOznSY+Zm_f==g>OdzCBxSnz3%wD92*^d9>>z027D$G4}!Ceyz` z$c7H0q#0~91~ziMH1l<==32p-bS@y{Ti`1@5O3b2O_SX_4H@XsgK!6lHN8XMs5b;& zbNCy3UZ}C+dy*92dwD0iO418xpnlHreMyKglBO8MMjYxy2hj8rgofz@NTxV+nOt*5 zVv!gmTnl!->oU1{jFhxDRy;-(O$QL)U9g|Gch^gqlIuv3BcF>fpyWl5nVM$U-zJ!EdkuY~5uPn+-HQkbH?0O-uLYz^nlYmW=m!*7B z)0wQM6=1Z1R%(Ayx~j^W#K|fLkq1{)$rU=0OvV$sRh0l()^6z53sA@zA*VArgA2VV zUoV}QRDen@$0ZUoTt>p0ya+mgB`6{X!JdqzjAmeQTE2!^3II(FqQIzehXZyrp3ljd z8>OCEAVlW=76q;r9O{-A1x&8_(%`5l)*FYuZO{-WN{d1Rvw3@zF+shbEeMDY- z>KsIe5Z$)8Zui~lTe(nix>v?44)@Afl|{Dp^@$B(Gq`o892%}z4{TUB!<(13u9Z8_ zSFFMH!HxM%>sD{MeW+?NyV#ZSs$+&?!k_p;cShbG*`PP)@B3n_){3|Nfw${pZ`Y~? 
zFg?E8uikofed&R_=dbRbio<(*_SS606DaRLRq?d1PZ{EoiU*?Y>8gzhxt<`#>8?7E z)4RsMIlVdtL(0BG+m6E<*$0l;*70q}z&%F{kR69NU$}2S*$g>KASVsTegkrTFXa52 zQ+3F`ZAWCY?}6jw*2~+D!F!IA5A7Wr0C=<+@a$f|XMYr6&*sv7`>AF?p!IcznI8q{ zy*+$uxEvU`XFqkA1!~p(nZJAW`Krn3Y^{V2zCZN4p^ePD z=Qoqvq2p`TPy8KsX5OCJ2yPv}??1IhReb(C=iWNEapAtNx8iTVGyB$TCD>W+9=`kh z-P7gpbCqD%#uRA@AFl)tl*0pC$*uA7kWlWt3e39OV5M6Fu+pvV>-;;@Yh!>>4jtY0 zAKSe2z<>H~c-ud`?LYl!AM*D-vZ2;PkNc1}xXM&KZSOeOv)i6tknNte(Km)FJ<-+i zH)q%T?m4F%dHZyj{;0(<-9dlUMiIG#fjr{U1B>wMiBORH zmv??s>4#HH#pE@oTk5@-yuEa5;f5%XGZK>!7@r|+G@MJiOAy8MEjUf zV9huR_P&FyBeh=yeun2jk-XT|n~=fxQPijC#HT3qDLVLf9X=|^Qq*Apb%J&4ZlU+K8k%^+tJ*JV# eRV7lbFZfz;wf7$7ePSXnUDE6O!VryT?*9O#evq&L literal 0 HcmV?d00001 diff --git a/main.py b/main.py new file mode 100644 index 0000000..dc88054 --- /dev/null +++ b/main.py 
@@ -0,0 +1,130 @@
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi import FastAPI
+from pydantic import BaseModel
+import requests
+
+app = FastAPI()
+
+app.add_middleware(
+ CORSMiddleware,
+ allow_origins=["*"],
+ allow_credentials=True,
+ allow_methods=["*"],
+ allow_headers=["*"],
+)
+
+class ScanRequest(BaseModel):
+ url: str
+
+
+@app.get("/")
+def read_root():
+ return {"message": "SecureLens AI backend running 🚀"}
+
+
+@app.post("/scan")
+def scan_website(data: ScanRequest):
+ url = data.url
+ issues = []
+ score = 100
+
+ layers = {
+ "Transport Layer": {"issues": 0, "status": "green"},
+ "Server Config Layer": {"issues": 0, "status": "green"},
+ "Exposure Layer": {"issues": 0, "status": "green"}
+ }
+
+ try:
+ response = requests.get(url, timeout=5)
+ headers = response.headers
+
+ # Transport Layer
+ if not url.startswith("https"):
+ issues.append({
+ "issue": "Website is not using HTTPS",
+ "severity": "Critical",
+ "layer": "Transport Layer",
+ "fix": "Install SSL certificate and redirect HTTP to HTTPS"
+ })
+ score -= 15
+ layers["Transport Layer"]["issues"] += 1
+
+ # Server Config
+ if "Content-Security-Policy" not in headers:
+ issues.append({
+ "issue": "Missing Content-Security-Policy header",
+ "severity": "Warning",
+ "layer": "Server Config Layer",
+ "fix": "Add header: Content-Security-Policy: default-src 'self';"
+ })
+ score -= 5
+ layers["Server Config Layer"]["issues"] += 1
+
+ if "X-Frame-Options" not in headers:
+ issues.append({
+ "issue": "Missing X-Frame-Options header",
+ "severity": "Warning",
+ "layer": "Server Config Layer",
+ "fix": "Add header: X-Frame-Options: SAMEORIGIN"
+ })
+ score -= 5
+ layers["Server Config Layer"]["issues"] += 1
+
+ if "Strict-Transport-Security" not in headers:
+ issues.append({
+ "issue": "Missing HSTS header",
+ "severity": "Warning",
+ "layer": "Server Config Layer",
+ "fix": "Add header: Strict-Transport-Security: max-age=31536000; includeSubDomains"
+ })
+ score -= 5
+ layers["Server Config Layer"]["issues"] += 1
+
+ if headers.get("Access-Control-Allow-Origin") == "*":
+ issues.append({
+ "issue": "CORS allows all origins (*)",
+ "severity": "Warning",
+ "layer": "Server Config Layer",
+ "fix": "Restrict Access-Control-Allow-Origin to trusted domains"
+ })
+ score -= 5
+ layers["Server Config Layer"]["issues"] += 1
+
+ # Exposure
+ sensitive_paths = ["/admin", "/.env", "/backup", "/debug"]
+
+ for path in sensitive_paths:
+ try:
+ test_url = url.rstrip("/") + path
+ r = requests.get(test_url, timeout=3)
+ if r.status_code == 200:
+ issues.append({
+ "issue": f"Sensitive path exposed: {path}",
+ "severity": "Critical",
+ "layer": "Exposure Layer",
+ "fix": f"Restrict access to {path} using authentication or firewall rules"
+ })
+ score -= 15
+ layers["Exposure Layer"]["issues"] += 1
+ except:
+ pass
+
+ except Exception as e:
+ return {"error": str(e)}
+
+ # Set layer status
+ for layer in layers:
+ count = layers[layer]["issues"]
+ if count == 0:
+ layers[layer]["status"] = "green"
+ elif count < 3:
+ layers[layer]["status"] = "yellow"
+ else:
+ layers[layer]["status"] = "red"
+
+ return {
+ "url": url,
+ "security_score": max(score, 0),
+ "layers": layers,
+ "issues": issues
+ }
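Review bot: `scan_website` hands the caller-supplied `data.url` straight to `requests.get` with no scheme or destination check, so the unauthenticated `/scan` route lets any client make the backend fetch loopback, private-network or link-local addresses, and `return {"error": str(e)}` reports the connection outcome back to them. The URL should be validated before any request is sent: accept only `http`/`https`, resolve the host and refuse non-public addresses, and do not follow redirects unvalidated, as sketched below (the sketch needs `ipaddress`, `socket` and `urllib.parse.urlsplit` imported in main.py). A resolve-then-connect check does not cover DNS rebinding, so outbound egress filtering for this service is still worth having, and with redirects disabled the header checks run on the first response only. Separately, `allow_origins=["*"]` combined with `allow_credentials=True` is the wildcard-CORS condition this scanner flags on other sites, with credentials added on top, and the front-end origin should be listed explicitly instead. The bare `except:` around the path probes also hides every failure, and `url.startswith("https")` accepts any string with that prefix, where `urlsplit(url).scheme == "https"` is the precise test.

```python
def _is_public_http_url(url: str) -> bool:
    """Return True only for http(s) URLs whose host resolves solely to public addresses."""
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return False
        resolved = socket.getaddrinfo(parts.hostname, None)
        return all(ipaddress.ip_address(info[4][0]).is_global for info in resolved)
    except (OSError, ValueError):
        # Unresolvable host or unparsable URL/address: refuse rather than guess.
        return False


def scan_website(data: ScanRequest):
    url = data.url
    if not _is_public_http_url(url):
        return {"error": "URL must be http(s) and resolve to a public address"}
    # … unchanged: issues, score and layers set-up …
    try:
        response = requests.get(url, timeout=5, allow_redirects=False)
        # … unchanged: transport and header checks, sensitive_paths loop header …
                r = requests.get(test_url, timeout=3, allow_redirects=False)
        # … unchanged: probe result handling, status roll-up and return …
```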