A comprehensive digital forensics platform built with React, Node.js, and Material-UI providing File Analysis, Network Monitoring, Malware Detection, Email Forensics, and File Recovery capabilities.
- Metadata Extraction: Extract detailed file metadata and properties
- Content Inspection: Perform in-depth content analysis
- Hash Generation: Generate MD5, SHA-1, and SHA-256 hashes
- Timeline Analysis: View file creation, modification, and access times
- Multi-Format Support: Analyze various file formats
- Report Generation: Generate detailed analysis reports
- Real-time Traffic Analysis: Monitor network traffic live with WebSocket updates
- Protocol Analysis: Analyze network protocol distribution
- Connection Tracking: Track active connections and bandwidth usage
- Security Alerts: Get real-time security alerts with severity scoring
- Port Scanning Detection: Identify port scanning activities
- Historical Data Analysis: Review historical network activity with charts
- Hacker Map: Visualize attack origins on world map
- Real-time Scanning: Monitor files continuously
- Signature Matching: Detect known malware signatures
- Behavioral Analysis: Identify suspicious patterns
- File Quarantine: Isolate suspicious files
- Threat Reports: Generate detailed threat analysis reports
- VirusTotal Integration: Check files against VirusTotal database
- Header Analysis: Analyze email headers for authenticity
- Attachment Scanning: Check attachments for malware
- Phishing Detection: Identify phishing attempts
- Timeline Reconstruction: Rebuild email timelines
- Metadata Extraction: Extract relevant email metadata
- SPF/DKIM Verification: Validate email authentication
- Deleted File Recovery: Restore accidentally deleted files
- Corrupted File Repair: Attempt to repair damaged files
- Deep Scan: Perform thorough disk scans
- Preview Files: Preview recoverable files before recovery
- Multiple Formats: Support for various file types
- React 18 - Modern React with hooks
- TypeScript - Type-safe development
- Material-UI (MUI) - Modern UI components
- React Router - Client-side routing
- Axios - HTTP client
- Recharts - Data visualization
- Socket.io Client - Real-time updates
- Node.js - JavaScript runtime
- Express.js - Web framework
- Socket.io - Real-time WebSocket server
- PostgreSQL - Primary database
- Redis - Caching (with memory fallback)
- JWT - Authentication
- Winston - Logging
- Swagger - API documentation
- Render.com - Backend hosting (free tier)
- Netlify - Frontend hosting (free tier)
- Supabase - Database hosting (free tier)
- Vite - Build tool
- Docker - Containerization support
- Operating System: Windows 10/11, Linux, or macOS
- RAM: 8GB minimum (16GB recommended)
- Disk Space: 10GB free
- Node.js: v18.x or higher
- Git: Latest version
- Node.js - Download here
- Git - Download here
- VS Code (Recommended) - Download here
git clone https://github.com/Maaz708/cybertoolkit.git
cd cybertoolkit# Install all dependencies (frontend + backend)
npm install# Copy environment template
cp .env.example .env
# Edit .env with your configuration
# Default values work for local development# Start backend server
npm run start
# In new terminal, start frontend
npm run dev- Frontend: http://localhost:5173
- Backend API: http://localhost:5000
- API Docs: http://localhost:5000/api-docs
# Install PostgreSQL
# Windows: https://www.postgresql.org/download/windows/
# Mac: brew install postgresql
# Linux: sudo apt-get install postgresql postgresql-contrib
# Create database
createdb cybertoolkit
# Run setup script
psql -d cybertoolkit -f server/database/init.sqlThe app automatically falls back to in-memory storage if PostgreSQL is not available.
# Server Configuration
PORT=5000
NODE_ENV=development
# Database
DATABASE_URL=postgresql://postgres:password@localhost:5432/cybertoolkit
# JWT
JWT_SECRET=your-super-secret-jwt-key
JWT_EXPIRES_IN=24h
# CORS
FRONTEND_URL=http://localhost:5173
ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
# Redis (Optional - uses memory fallback if not available)
REDIS_URL=redis://localhost:6379# Push to GitHub
git add .
git commit -m "Ready for deployment"
git push origin main
# Deploy to Render
# 1. Go to render.com
# 2. New Web Service β Connect GitHub
# 3. Use render.yaml blueprint
# 4. Add environment variables# 1. Create free project at supabase.com
# 2. Run SQL from server/database/init.sql
# 3. Copy connection string to Render env vars# Build and deploy
npm run build
npx netlify-cli deploy --prod --dir=distDATABASE_URL=postgresql://postgres:password@db.xxxxx.supabase.co:5432/postgres
JWT_SECRET=your-256-bit-secret-key
ALLOWED_ORIGINS=https://your-site.netlify.app
FRONTEND_PROD_URL=https://your-site.netlify.appAll protected routes require JWT token:
# Login
POST /api/auth/login
{
"email": "admin@cybertoolkit.com",
"password": "admin123"
}
# Get token in response, use in Authorization header
Authorization: Bearer <token>GET /api/network/status- Network monitoring statusGET /api/network/analytics- Network analytics dataGET /api/network/alerts- Security alertsPOST /api/malware/scan- Scan files for malwarePOST /api/email/analyze- Analyze email filesPOST /api/recovery/recover- Recover files
Full API documentation available at: /api-docs
# Run all tests
npm test
# Run tests with coverage
npm run test:coverage- File Analysis: Upload test files and verify metadata extraction
- Network Monitoring: Start monitoring and check real-time updates
- Malware Detection: Upload EICAR test file for detection
- Email Analysis: Test with sample .eml files
- JWT Authentication: Secure token-based authentication
- Rate Limiting: Prevent API abuse
- CORS Protection: Cross-origin request security
- Input Validation: Joi validation for all inputs
- Helmet.js: Security headers
- File Upload Security: Multer with type restrictions
- SQL Injection Protection: Parameterized queries
# Check if port is in use
netstat -ano | findstr :5000
# Kill process on Windows
taskkill /PID <PID> /F# Check PostgreSQL is running
pg_isready
# Check database exists
psql -l
# Reset database
dropdb cybertoolkit && createdb cybertoolkit# Clear cache
rm -rf node_modules package-lock.json
npm install
# Check TypeScript errors
npx tsc --noEmit- Check if backend is running
- Verify CORS settings
- Check JWT secret in .env
- Clear browser localStorage
- Enable Redis caching for better performance
- Use CDN for static assets in production
- Implement database indexing
- Monitor memory usage with PM2
# View logs
tail -f logs/app.log
# Error logs only
tail -f logs/error.log# API health check
curl http://localhost:5000/api/health
# Database health check
curl http://localhost:5000/api/health/db- Fork the repository
- Create feature branch:
git checkout -b feature/amazing-feature - Commit changes:
git commit -m 'Add amazing feature' - Push to branch:
git push origin feature/amazing-feature - Open Pull Request
- Follow TypeScript best practices
- Write meaningful commit messages
- Add tests for new features
- Update documentation
This project is licensed under the MIT License - see the LICENSE file for details.
- Creator: Mohd Maaz
- Email: maaz7084@gmail.com
- GitHub: @Maaz708
- Issues: Report on GitHub
- Cloud provider integrations (AWS, Azure, GCP)
- Advanced malware analysis with YARA rules
- Machine learning for anomaly detection
- Mobile app version
- Multi-tenant support
- Advanced reporting dashboard
- v1.0.0 - Initial release with core forensics features
- v1.1.0 - Added real-time monitoring and WebSocket support
- v1.2.0 - Enhanced security and deployment automation
Last updated: april 4 2026 Built with β€οΈ by Mohd Maaz