honeywatt's Introduction

Hey there 👋

I'm Andrea, a security engineer based in Singapore.

  • 📋 Born 1997 + Female
  • 💼 Working hard at Hillhouse
  • ⚙️ Comfortable with .js, .py
  • Obtained CISSP, OSWE, OSCP, Project+
  • 📫 Reachable at LinkedIn, blog
  • 🐳 Currently working on improving my bug bounty skills

honeywatt's Issues

Facilitate communication between extension and analysis server

Is your feature request related to a problem? Please describe.
As a developer, I need a way to facilitate communications between the browser extension and the analysis server.

Describe the solution you'd like
A middleman server that has API routes capable of applying the main logic of detecting and intercepting phishing-related traffic.

Additional context
As a developer, the server needs to minimally:

  • Act as command and control server between browser extension and analysis server
  • Identifying if URL in question should be sent to analysis server
  • Capable of taking screenshots of provided URL
  • Saving results into database

Determine if website is a phishing site

What is the problem?

We need to be able to determine whether a given URL is a phishing site.

What should be done?

Create an analysis server capable of:

  • Receiving URL and site's screenshots
  • Determining if website is a phishing site
  • Returning status of the site in question

Detect a user's URL with browser extension

What is the problem?

To determine whether a user is on a phishing site, we should be able to detect a user's URL and redirect them if necessary.

What should be done?

Create a browser extension capable of:

  • Identifying user's current URL
  • Display alert message when user is detected to be in a phishing site
  • Safely redirect users to the correct site

Create algorithm to understand the profile of a given URL

Is your feature request related to a problem? Please describe.
To determine if a site is phishing related, I first require automated means to understand the profile of a given URL.
Note that this is a prerequisite for #2: Determine if website is a phishing site.

Describe the solution you'd like
An ML-based algorithm that could identify the company behind a given login page.

Additional context
As a proof of concept, the algorithm will be able to correctly identify the 2 different login pages via screenshots:

  • Google
  • Microsoft

Create HoneyWatt Landing Page with ReactJS

Is your feature request related to a problem? Please describe.
As a company, I would like to find available phishing solutions out in the market that the company can use to increase the security features of the firm.

Describe the solution you'd like
A landing page for HoneyWatt for the public to view and understand our solutions.

Additional context
As a company, I would like to see

  • About Us
  • Product Description
  • Pricing
  • Contact Us

Set up OAuth 2.0 server to facilitate request authentication and authorization

Is your feature request related to a problem? Please describe.
As a developer, I would like to ensure that requests coming into the server are authenticated and authorised to do so.

Assuming that Server A is hosting the REST API, and Server B would like to access the API, the OAuth 2.0 Client Credentials Flow involving a 3rd party authorization server should be as follows:

  • Server B sends a secret key to the authorization server to prove who they are and asks for a temporary token.
  • Server B then consumes the REST API as usual but sends the token along with the request.
  • Server A asks the authorization server for some metadata that can be used to verify tokens.
  • Server A verifies Server B’s request.
    • If it’s valid, a successful response is sent and Server B is happy.
    • If the token is invalid, an error message is sent instead, and no sensitive information is leaked.

Describe the solution you'd like
Set up OAuth 2.0 server -- preferably by sourcing from open-source or cheap solutions.

Additional context
Further research to be done:

  • Check if typical OAuth2.0 flow is suitable for server-to-server solution
  • Check if JWT flow is suitable for extension-to-server solution
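
The client credentials flow described in the issue above, as an added example that is not part of the original issue or the HoneyWatt code base: a local stand-in for the authorization server issues an RS256 token to Server B, and Server A verifies it using only the published key metadata. All names (`issueToken`, `verifyToken`, the client id, secret, audience and key id) are assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

const b64u = (x) => Buffer.from(x).toString('base64url');

// --- Authorization server (local stand-in for the third-party service) ---
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const CLIENTS = new Map([['server-b', 'constructed-demo-secret']]); // constructed sample credential
// Metadata Server A fetches: public key only, never the private key.
const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'k1', alg: 'RS256' }] };

// Step 1: Server B proves who it is with its secret and gets a short-lived token.
function issueToken(clientId, secret, now = Date.now()) {
  const known = Buffer.from(CLIENTS.get(clientId) ?? '');
  const given = Buffer.from(String(secret));
  if (known.length === 0 || known.length !== given.length) return null;
  if (!crypto.timingSafeEqual(known, given)) return null;
  const head = b64u(JSON.stringify({ alg: 'RS256', typ: 'JWT', kid: 'k1' }));
  const exp = Math.floor(now / 1000) + 300; // valid for 5 minutes
  const body = b64u(JSON.stringify({ sub: clientId, aud: 'server-a-api', exp }));
  const sig = crypto.sign('sha256', Buffer.from(`${head}.${body}`), privateKey);
  return `${head}.${body}.${sig.toString('base64url')}`;
}

// Steps 3-4: Server A verifies the token Server B sent along with its request.
function verifyToken(token, keys = jwks, now = Date.now()) {
  // Every failure gets the same answer, so the error leaks nothing useful.
  const deny = { ok: false, status: 401, error: 'invalid_token' };
  try {
    const [head, body, sig, extra] = String(token).split('.');
    if (!sig || extra !== undefined) return deny;
    const header = JSON.parse(Buffer.from(head, 'base64url'));
    if (header.alg !== 'RS256') return deny; // pin the algorithm, do not trust the token's choice
    const jwk = keys.keys.find((k) => k.kid === header.kid);
    if (!jwk) return deny;
    const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
    const signed = Buffer.from(`${head}.${body}`);
    if (!crypto.verify('sha256', signed, key, Buffer.from(sig, 'base64url'))) return deny;
    const claims = JSON.parse(Buffer.from(body, 'base64url'));
    if (claims.aud !== 'server-a-api' || !(claims.exp > now / 1000)) return deny;
    return { ok: true, status: 200, client: claims.sub };
  } catch {
    return deny; // malformed input is treated like any other invalid token
  }
}
```
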

Containerise C2 servers and database via Docker

Is your feature request related to a problem? Please describe.
As a new developer, setting up the development environment is overly complicated, especially due to the numerous configurations needed for the Chrome extension, database, and the various servers.

Describe the solution you'd like
Use Docker to containerise C2 servers and database. Easy terminal commands will ensure painless setup of the development environment and deployment in the future.

Additional context
Some caveats to note:

  • Installing Docker into WSL will cause virtualisation programs like VirtualBox and VMware Player to crash

Add Issue and Pull Request templates

What is the problem?

Current format of Issue and Pull Requests varies from person to person.
It would be good to have a standardized format to allow consistency and maintainability.

What should be done?

Create .github folder with subfolders ISSUE_TEMPLATE and PULL_REQUEST_TEMPLATE
