sssnake/Autarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Autarch/web/app.py

183 lines
7.3 KiB
Python
Raw Normal View History

Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
"""
AUTARCH Web Application Factory
Flask-based web dashboard for the AUTARCH security platform
"""
import os
import sys
from pathlib import Path
from flask import Flask
# Ensure framework is importable
Add system tray, dual-exe build, and installer scripts - core/tray.py: System tray icon with Start/Stop/Restart/Open Dashboard/Exit - autarch_web.py: Windowless web launcher entry point (Win32GUI, no console) - core/paths.py: Frozen build support — dual-directory pattern for PyInstaller - core/menu.py: Module loading scans both bundled and user module directories - web/app.py: Template/static paths resolve correctly in frozen builds - autarch.py: --no-tray flag, tray integration for --web mode - autarch_public.spec: Dual-exe PyInstaller spec with MERGE/COLLECT - setup_msi.py: Dual executables, LocalAppData install, model inclusion - installer.iss: Inno Setup script (model stored uncompressed to avoid OOM) - installer.nsi: NSIS installer script with MUI2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 22:02:22 -08:00
if getattr(sys, 'frozen', False):
FRAMEWORK_DIR = Path(sys._MEIPASS)
else:
FRAMEWORK_DIR = Path(__file__).parent.parent
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
sys.path.insert(0, str(FRAMEWORK_DIR))
def create_app():
Add system tray, dual-exe build, and installer scripts - core/tray.py: System tray icon with Start/Stop/Restart/Open Dashboard/Exit - autarch_web.py: Windowless web launcher entry point (Win32GUI, no console) - core/paths.py: Frozen build support — dual-directory pattern for PyInstaller - core/menu.py: Module loading scans both bundled and user module directories - web/app.py: Template/static paths resolve correctly in frozen builds - autarch.py: --no-tray flag, tray integration for --web mode - autarch_public.spec: Dual-exe PyInstaller spec with MERGE/COLLECT - setup_msi.py: Dual executables, LocalAppData install, model inclusion - installer.iss: Inno Setup script (model stored uncompressed to avoid OOM) - installer.nsi: NSIS installer script with MUI2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 22:02:22 -08:00
# In frozen builds, templates/static are inside _MEIPASS, not next to __file__
bundle_web = FRAMEWORK_DIR / 'web'
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
app = Flask(
__name__,
Add system tray, dual-exe build, and installer scripts - core/tray.py: System tray icon with Start/Stop/Restart/Open Dashboard/Exit - autarch_web.py: Windowless web launcher entry point (Win32GUI, no console) - core/paths.py: Frozen build support — dual-directory pattern for PyInstaller - core/menu.py: Module loading scans both bundled and user module directories - web/app.py: Template/static paths resolve correctly in frozen builds - autarch.py: --no-tray flag, tray integration for --web mode - autarch_public.spec: Dual-exe PyInstaller spec with MERGE/COLLECT - setup_msi.py: Dual executables, LocalAppData install, model inclusion - installer.iss: Inno Setup script (model stored uncompressed to avoid OOM) - installer.nsi: NSIS installer script with MUI2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 22:02:22 -08:00
template_folder=str(bundle_web / 'templates'),
static_folder=str(bundle_web / 'static')
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
)
# Config
from core.config import get_config
config = get_config()
app.secret_key = config.get('web', 'secret_key', fallback=None) or os.urandom(32).hex()
# Upload config
from core.paths import get_uploads_dir
upload_dir = str(get_uploads_dir())
os.makedirs(upload_dir, exist_ok=True)
app.config['UPLOAD_FOLDER'] = upload_dir
app.config['MAX_CONTENT_LENGTH'] = 50 * 1024 * 1024 # 50MB
# Store config on app for route access
app.autarch_config = config
# Register blueprints
from web.routes.auth_routes import auth_bp
from web.routes.dashboard import dashboard_bp
from web.routes.defense import defense_bp
from web.routes.offense import offense_bp
from web.routes.counter import counter_bp
from web.routes.analyze import analyze_bp
from web.routes.osint import osint_bp
from web.routes.simulate import simulate_bp
from web.routes.settings import settings_bp
from web.routes.upnp import upnp_bp
from web.routes.wireshark import wireshark_bp
from web.routes.hardware import hardware_bp
from web.routes.android_exploit import android_exploit_bp
from web.routes.iphone_exploit import iphone_exploit_bp
from web.routes.android_protect import android_protect_bp
from web.routes.wireguard import wireguard_bp
from web.routes.revshell import revshell_bp
from web.routes.archon import archon_bp
from web.routes.msf import msf_bp
from web.routes.chat import chat_bp
from web.routes.targets import targets_bp
from web.routes.encmodules import encmodules_bp
Add Threat Monitor with drill-down popups, Hal agent mode, Windows defense, LLM trainer - Threat Monitor: 7-tab monitoring page (live, connections, network intel, threats, packet capture, DDoS mitigation, counter-attack) with real-time SSE streaming and optimized data collection (heartbeat, cached subprocess calls, bulk process name cache) - Drill-down popups: Every live monitor stat is clickable, opening a popup with detailed data (connections list with per-connection detail view, GeoIP lookup, process kill, bandwidth, ARP spoof, port scan, DDoS status) - Hal agent mode: Chat routes rewritten to use Agent system with create_module tool, SSE streaming of thought/action/result steps - Windows defense module with full security audit - LLM trainer module and routes - Defense landing page with platform-specific sub-pages - Clean up stale files (get-pip.py, download.png, custom_adultsites.json) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 21:08:11 -08:00
from web.routes.llm_trainer import llm_trainer_bp
v2.0 — Re-integrate autonomy framework from Linux non-public build Add multi-model autonomous threat response system (SLM/SAM/LAM): - ModelRouter: concurrent model tiers with fallback chains - RulesEngine: condition-action automation with 11 condition/action types - AutonomyDaemon: background threat monitoring and rule dispatch - Web UI: 4-tab dashboard (Dashboard, Rules, Activity Log, Models) - Config: [slm], [sam], [lam], [autonomy] settings sections Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 00:51:18 -08:00
from web.routes.autonomy import autonomy_bp
v2.2.0 — Full arsenal expansion: 16 new security modules Add WiFi Audit, API Fuzzer, Cloud Scanner, Threat Intel, Log Correlator, Steganography, Anti-Forensics, BLE Scanner, Forensics, RFID/NFC, Malware Sandbox, Password Toolkit, Web Scanner, Report Engine, Net Mapper, and C2 Framework. Each module includes CLI interface, Flask routes, and web UI template. Also includes Go DNS server source + binary, IP Capture service, SYN Flood, Gone Fishing mail server, and hack hijack modules from v2.0 work. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 05:16:31 -08:00
from web.routes.loadtest import loadtest_bp
from web.routes.phishmail import phishmail_bp
from web.routes.dns_service import dns_service_bp
from web.routes.ipcapture import ipcapture_bp
from web.routes.hack_hijack import hack_hijack_bp
from web.routes.password_toolkit import password_toolkit_bp
from web.routes.webapp_scanner import webapp_scanner_bp
from web.routes.report_engine import report_engine_bp
from web.routes.net_mapper import net_mapper_bp
from web.routes.c2_framework import c2_framework_bp
from web.routes.wifi_audit import wifi_audit_bp
from web.routes.threat_intel import threat_intel_bp
from web.routes.steganography import steganography_bp
from web.routes.api_fuzzer import api_fuzzer_bp
from web.routes.ble_scanner import ble_scanner_bp
from web.routes.forensics import forensics_bp
from web.routes.rfid_tools import rfid_tools_bp
from web.routes.cloud_scan import cloud_scan_bp
from web.routes.malware_sandbox import malware_sandbox_bp
from web.routes.log_correlator import log_correlator_bp
from web.routes.anti_forensics import anti_forensics_bp
v2.3.0 — RCS exploit v2.0, Starlink hack, SMS forge, Archon RCS module Major RCS/SMS exploitation rewrite (v2.0): - bugle_db direct extraction (plaintext messages, no decryption needed) - CVE-2024-0044 run-as privilege escalation (Android 12-13) - AOSP RCS provider queries (content://rcs/) - Archon app relay for Shizuku-elevated bugle_db access - 7-tab web UI: Extract, Database, Forge, Modify, Exploit, Backup, Monitor - SQL query interface for extracted databases - Full backup/restore/clone with SMS Backup & Restore XML support - Known CVE database (CVE-2023-24033, CVE-2024-49415, CVE-2025-48593) - IMS/RCS diagnostics, Phenotype verbose logging, Pixel tools New modules: Starlink hack, SMS forge, SDR drone detection Archon Android app: RCS messaging module with Shizuku integration Updated manuals to v2.3, 60 web blueprints confirmed Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-03 13:50:29 -08:00
from web.routes.vuln_scanner import vuln_scanner_bp
from web.routes.social_eng import social_eng_bp
from web.routes.deauth import deauth_bp
from web.routes.exploit_dev import exploit_dev_bp
from web.routes.ad_audit import ad_audit_bp
from web.routes.container_sec import container_sec_bp
from web.routes.sdr_tools import sdr_tools_bp
from web.routes.reverse_eng import reverse_eng_bp
from web.routes.email_sec import email_sec_bp
from web.routes.mitm_proxy import mitm_proxy_bp
from web.routes.pineapple import pineapple_bp
from web.routes.incident_resp import incident_resp_bp
from web.routes.sms_forge import sms_forge_bp
from web.routes.starlink_hack import starlink_hack_bp
from web.routes.rcs_tools import rcs_tools_bp
Add Port Scanner, fix Hack Hijack SSE, fix debug console, fix tab layout bugs - Add advanced Port Scanner with live SSE output, nmap integration, result export - Add Port Scanner to sidebar nav and register blueprint - Fix Hack Hijack scan: replace polling with SSE streaming, add live output box and real-time port discovery table; add port_found_cb/status_cb to module - Fix debug console: capture print()/stdout/stderr via _PrintCapture wrapper, install handler at startup (not just on toggle), fix SSE stream history replay - Add missing CSS: .card, .tabs, .btn-sm, .form-control, --primary, --surface - Fix tab switching bug: style.display='' falls back to CSS display:none; use explicit 'block' in hack_hijack, c2_framework, net_mapper, password_toolkit, report_engine, social_eng, webapp_scanner - Fix defense/linux layout: rewrite with card-based layout, remove slow load_modules() call on every page request - Fix sms_forge missing run() function warning on startup - Fix port scanner JS: </style> was used instead of </script> closing tag - Port scanner advanced options: remove collapsible toggle, show as always-visible bar Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-08 18:09:49 -07:00
from web.routes.port_scanner import port_scanner_bp
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
app.register_blueprint(auth_bp)
app.register_blueprint(dashboard_bp)
app.register_blueprint(defense_bp)
app.register_blueprint(offense_bp)
app.register_blueprint(counter_bp)
app.register_blueprint(analyze_bp)
app.register_blueprint(osint_bp)
app.register_blueprint(simulate_bp)
app.register_blueprint(settings_bp)
app.register_blueprint(upnp_bp)
app.register_blueprint(wireshark_bp)
app.register_blueprint(hardware_bp)
app.register_blueprint(android_exploit_bp)
app.register_blueprint(iphone_exploit_bp)
app.register_blueprint(android_protect_bp)
app.register_blueprint(wireguard_bp)
app.register_blueprint(revshell_bp)
app.register_blueprint(archon_bp)
app.register_blueprint(msf_bp)
app.register_blueprint(chat_bp)
app.register_blueprint(targets_bp)
app.register_blueprint(encmodules_bp)
Add Threat Monitor with drill-down popups, Hal agent mode, Windows defense, LLM trainer - Threat Monitor: 7-tab monitoring page (live, connections, network intel, threats, packet capture, DDoS mitigation, counter-attack) with real-time SSE streaming and optimized data collection (heartbeat, cached subprocess calls, bulk process name cache) - Drill-down popups: Every live monitor stat is clickable, opening a popup with detailed data (connections list with per-connection detail view, GeoIP lookup, process kill, bandwidth, ARP spoof, port scan, DDoS status) - Hal agent mode: Chat routes rewritten to use Agent system with create_module tool, SSE streaming of thought/action/result steps - Windows defense module with full security audit - LLM trainer module and routes - Defense landing page with platform-specific sub-pages - Clean up stale files (get-pip.py, download.png, custom_adultsites.json) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 21:08:11 -08:00
app.register_blueprint(llm_trainer_bp)
v2.0 — Re-integrate autonomy framework from Linux non-public build Add multi-model autonomous threat response system (SLM/SAM/LAM): - ModelRouter: concurrent model tiers with fallback chains - RulesEngine: condition-action automation with 11 condition/action types - AutonomyDaemon: background threat monitoring and rule dispatch - Web UI: 4-tab dashboard (Dashboard, Rules, Activity Log, Models) - Config: [slm], [sam], [lam], [autonomy] settings sections Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 00:51:18 -08:00
app.register_blueprint(autonomy_bp)
v2.2.0 — Full arsenal expansion: 16 new security modules Add WiFi Audit, API Fuzzer, Cloud Scanner, Threat Intel, Log Correlator, Steganography, Anti-Forensics, BLE Scanner, Forensics, RFID/NFC, Malware Sandbox, Password Toolkit, Web Scanner, Report Engine, Net Mapper, and C2 Framework. Each module includes CLI interface, Flask routes, and web UI template. Also includes Go DNS server source + binary, IP Capture service, SYN Flood, Gone Fishing mail server, and hack hijack modules from v2.0 work. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 05:16:31 -08:00
app.register_blueprint(loadtest_bp)
app.register_blueprint(phishmail_bp)
app.register_blueprint(dns_service_bp)
app.register_blueprint(ipcapture_bp)
app.register_blueprint(hack_hijack_bp)
app.register_blueprint(password_toolkit_bp)
app.register_blueprint(webapp_scanner_bp)
app.register_blueprint(report_engine_bp)
app.register_blueprint(net_mapper_bp)
app.register_blueprint(c2_framework_bp)
app.register_blueprint(wifi_audit_bp)
app.register_blueprint(threat_intel_bp)
app.register_blueprint(steganography_bp)
app.register_blueprint(api_fuzzer_bp)
app.register_blueprint(ble_scanner_bp)
app.register_blueprint(forensics_bp)
app.register_blueprint(rfid_tools_bp)
app.register_blueprint(cloud_scan_bp)
app.register_blueprint(malware_sandbox_bp)
app.register_blueprint(log_correlator_bp)
app.register_blueprint(anti_forensics_bp)
v2.3.0 — RCS exploit v2.0, Starlink hack, SMS forge, Archon RCS module Major RCS/SMS exploitation rewrite (v2.0): - bugle_db direct extraction (plaintext messages, no decryption needed) - CVE-2024-0044 run-as privilege escalation (Android 12-13) - AOSP RCS provider queries (content://rcs/) - Archon app relay for Shizuku-elevated bugle_db access - 7-tab web UI: Extract, Database, Forge, Modify, Exploit, Backup, Monitor - SQL query interface for extracted databases - Full backup/restore/clone with SMS Backup & Restore XML support - Known CVE database (CVE-2023-24033, CVE-2024-49415, CVE-2025-48593) - IMS/RCS diagnostics, Phenotype verbose logging, Pixel tools New modules: Starlink hack, SMS forge, SDR drone detection Archon Android app: RCS messaging module with Shizuku integration Updated manuals to v2.3, 60 web blueprints confirmed Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-03 13:50:29 -08:00
app.register_blueprint(vuln_scanner_bp)
app.register_blueprint(social_eng_bp)
app.register_blueprint(deauth_bp)
app.register_blueprint(exploit_dev_bp)
app.register_blueprint(ad_audit_bp)
app.register_blueprint(sdr_tools_bp)
app.register_blueprint(reverse_eng_bp)
app.register_blueprint(container_sec_bp)
app.register_blueprint(email_sec_bp)
app.register_blueprint(mitm_proxy_bp)
app.register_blueprint(pineapple_bp)
app.register_blueprint(incident_resp_bp)
app.register_blueprint(sms_forge_bp)
app.register_blueprint(starlink_hack_bp)
app.register_blueprint(rcs_tools_bp)
Add Port Scanner, fix Hack Hijack SSE, fix debug console, fix tab layout bugs - Add advanced Port Scanner with live SSE output, nmap integration, result export - Add Port Scanner to sidebar nav and register blueprint - Fix Hack Hijack scan: replace polling with SSE streaming, add live output box and real-time port discovery table; add port_found_cb/status_cb to module - Fix debug console: capture print()/stdout/stderr via _PrintCapture wrapper, install handler at startup (not just on toggle), fix SSE stream history replay - Add missing CSS: .card, .tabs, .btn-sm, .form-control, --primary, --surface - Fix tab switching bug: style.display='' falls back to CSS display:none; use explicit 'block' in hack_hijack, c2_framework, net_mapper, password_toolkit, report_engine, social_eng, webapp_scanner - Fix defense/linux layout: rewrite with card-based layout, remove slow load_modules() call on every page request - Fix sms_forge missing run() function warning on startup - Fix port scanner JS: </style> was used instead of </script> closing tag - Port scanner advanced options: remove collapsible toggle, show as always-visible bar Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-08 18:09:49 -07:00
app.register_blueprint(port_scanner_bp)
Initial public release — AUTARCH v1.0.0 Full security platform with web dashboard, 16 Flask blueprints, 26 modules, autonomous AI agent, WebUSB hardware support, and Archon Android companion app. Includes Hash Toolkit, debug console, anti-stalkerware shield, Metasploit/RouterSploit integration, WireGuard VPN, OSINT reconnaissance, and multi-backend LLM support. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 03:57:32 -08:00
# Start network discovery advertising (mDNS + Bluetooth)
try:
from core.discovery import get_discovery_manager
enabled = config.get('discovery', 'enabled', fallback='true').lower() == 'true'
if enabled:
discovery = get_discovery_manager()
results = discovery.start_all()
for method, result in results.items():
if result['ok']:
print(f" [discovery] {method}: {result['message']}")
except Exception as e:
print(f" [discovery] Warning: {e}")
return app
Reference in New Issue Copy Permalink