Skip to content

regislara-byte/vaxinx-stoplight-code

BranchesTags

Repository files navigation

🛡️ VAXINX Stoplight Scanner — v3.0-VAULT

think_like_attacker → act_like_defender

A Python + JSON + HTML hybrid cybersecurity tool that simulates real-world defensive analysis using a Stoplight Risk Model (RED / YELLOW / GREEN).

Part of the VAXINX Protocol™ ecosystem — a reverse-learning engineering system where:

BUILD → TEST → BREAK → UNDERSTAND → IMPROVE → DEPLOY

This project combines:

  • defensive cybersecurity concepts
  • AI-assisted engineering workflows
  • visual-first documentation
  • modular architecture
  • rapid iteration pipelines
  • automation-assisted deployment

LIVE

https://regislara-byte.github.io/vaxinx-stoplight-code/dashboard/

🌐 Ecosystem Links

Platform Link
🧠 GitHub https://github.com/regislara-byte
📡 Live Dashboard https://regislara-byte.github.io/vaxinx-cert-dashboard/
🎓 Credly https://www.credly.com/users/regis-lara

⚡ What's New in v3.0-VAULT

Feature Details
🤖 YARA Rule Engine Loads all .yar / .yara rules from rules/
🌐 Flask REST API Live scan API + dashboard serving
📡 SSE Streaming Real-time file-by-file scan feed
🔐 Quarantine Vault Fernet encrypted .vxlocked files
🎨 Dashboard Alignment Integrated VAXINX dashboard ecosystem
🧾 Visual Lore Artifacts AI-readable engineering documentation workflow
⚙️ Automation Pipeline Batch deployment + push workflow system

🚦 Stoplight Risk Model

Signal Decision Action
🟢 GREEN Allow Safe — no threat indicators detected
🟡 YELLOW Inspect Suspicious — manual review required
🔴 RED Quarantine High risk — encrypted into .vxlocked vault

🧬 VAXINX Evolution Phases

🟢 PHASE 1 — Scanner Core

Foundation systems:

  • stoplight classification
  • extension analysis
  • JSON reporting
  • quarantine architecture
  • CLI scanning

🟡 PHASE 2 — Defensive Analysis Expansion

Detection upgrades:

  • entropy analysis
  • suspicious keyword logic
  • archive inspection
  • behavior heuristics
  • social engineering pattern checks

🔴 PHASE 3 — Vault Encryption Layer

Security enhancements:

  • Fernet encryption
  • .vxlocked quarantine vault
  • restore workflow
  • secure overwrite concepts
  • logging infrastructure

🔵 PHASE 4 — Live Ecosystem Integration

Operational upgrades:

  • YARA integration
  • Flask REST API
  • SSE live stream
  • dashboard synchronization
  • runtime monitoring

🟣 PHASE 5 — VLA + Automation Workflow

Engineering acceleration systems:

  • Visual Lore Artifacts (VLA)
  • AI-readable architecture documentation
  • push automation scripts
  • deployment pipeline structure
  • workflow optimization

🧠 Core System Modules

VAXINX_SYSTEM = {
  "file_scanner":    "Python-based threat detection engine",
  "stoplight_logic": "RED / YELLOW / GREEN classification",
  "yara_engine":     "Rule-based pattern matching",
  "flask_api":       "REST API + SSE live stream",
  "vault_engine":    "Encrypted quarantine system",
  "json_reports":    "Structured scan output",
  "html_dashboard":  "Visual cyber intelligence UI",
  "vla_system":      "Visual Lore Artifacts workflow",
  "automation":      "Deployment + push workflow pipeline"
}

🔍 Detection Engine

File Analysis

  • Extension risk classification
  • Magic byte scanning
  • Entropy analysis
  • Suspicious filename detection
  • Malware behavior hints
  • Social engineering pattern analysis
  • Hash-based deduplication

Advanced Detection

  • YARA rule integration
  • Script content scanning
  • Encoded payload detection
  • Nested archive inspection
  • Pattern correlation

Quarantine Vault

Triggered automatically when:

stoplight == RED

Features:

  • Fernet encryption
  • .vxlocked vault storage
  • optional overwrite flow
  • restoration pipeline
  • runtime logging

📁 Project Structure

vaxinx-stoplight-code/
├── scanner_v3.py
├── restore_quarantine.py
├── vaxinx_crypto.py
├── README.md
│
├── automation/
│   ├── push_all.bat
│   ├── push_readme.bat
│   ├── push_dashboard.bat
│   ├── push_vla.bat
│   ├── deploy_dashboard.bat
│   ├── launch_scanner.bat
│   └── install_deps_py312.bat
│
├── dashboard/
│   ├── index.html
│   └── Vaxinx_Doppio.gif
│
├── assets/
│   └── visualloreartifacts/
│       ├── 001-python312-install.png
│       ├── 002-yara-ok-repl.png
│       ├── 003-crypto-dependency-fix.png
│       ├── 004-vscode-interpreter-switch.png
│       └── 005-scanner-runtime-validation.png
│
├── test_lab/
├── quarantine/
├── reports/
├── logs/
├── rules/
└── .vault_keys/

🖼️ Visual Lore Artifacts (VLA)

This repository follows a:

Visual Lore Artifacts (VLA)

workflow philosophy.

The folder:

assets/visualloreartifacts/

contains timestamped screenshots documenting:

  • dependency fixes
  • Python environment migration
  • YARA integration
  • cryptography setup
  • terminal debugging
  • architecture evolution
  • dashboard synchronization
  • deployment workflows
  • VS Code configuration
  • runtime validation

🎯 Purpose of VLA

VLA exists to provide:

  • faster human onboarding
  • AI-readable engineering context
  • visual debugging memory
  • architecture evolution tracking
  • workflow storytelling
  • reproducible environment validation

🧠 VLA Philosophy

Instead of only reading code:

README → code → guess architecture

VLA enables:

screenshot → instant context → faster understanding

This creates:

  • visual-first engineering documentation
  • accelerated onboarding
  • easier troubleshooting
  • long-term project memory

⚙️ Automation Workflow

This project uses lightweight .bat automation systems to accelerate deployment and reduce repetitive terminal workflows.

Automation Structure

automation/
├── push_all.bat
├── push_readme.bat
├── push_dashboard.bat
├── push_vla.bat
├── deploy_dashboard.bat
├── launch_scanner.bat
└── install_deps_py312.bat

⚡ Purpose

  • Faster GitHub pushes
  • Cleaner deployment flow
  • Reduced command repetition
  • Easier dependency restoration
  • Faster VLA updates
  • Consistent engineering workflow

🧠 Automation Philosophy

Automate the friction.
Preserve the thinking.

Coding logic, architecture, and security reasoning remain human-directed.

Automation handles:

  • repetitive Git operations
  • environment restoration
  • launch workflows
  • deployment shortcuts

▶️ How to Run

1. Recommended Environment

Recommended:

  • Python 3.12
  • VS Code
  • Python Extension
  • Windows PowerShell or VS Code Terminal

Python 3.12 is recommended for:

  • YARA compatibility
  • cybersecurity libraries
  • stable dependency support

2. Install Dependencies

Core packages:

py -3.12 -m pip install cryptography flask flask-cors

Optional YARA support:

py -3.12 -m pip install yara-python

3. Run Scanner

py -3.12 scanner_v3.py

Default scan target:

test_lab/

Reports generated to:

reports/scan_report.json

4. Web Dashboard Mode

py -3.12 scanner_v3.py --serve

Open browser:

http://127.0.0.1:5000

5. API Endpoints

Method Endpoint Description
GET / Dashboard UI
GET /api/status Scanner health
GET /api/report Latest scan report
GET /api/rules Loaded YARA rules
POST /api/scan Trigger scan
GET /api/stream Live SSE feed

🔄 Quarantine & Restore

Auto-Quarantine

Triggered automatically on:

RED classification

Flow:

  1. File encrypted with Fernet
  2. Stored as .vxlocked
  3. Logged into runtime logs
  4. Optional overwrite process

Restore Vaulted Files

py -3.12 restore_quarantine.py

🧪 Threat Logic Reference

IDS  = detect anomalies
IPS  = block threats inline
SIEM = correlate logs
DLP  = prevent data exfiltration

risk     = probability × impact
security = prevent → detect → respond → recover

🎓 Verified Credentials

All certifications reflected in the VAXINX dashboard ecosystem.

Type Credential
🏅 Badge Introduction to Cybersecurity
📜 Certificate Introduction to Cybersecurity
✅ Achievement Resource Specialist
✅ Achievement Network Defense
✅ Achievement System Safeguards
✅ Achievement Threat Analysis
✅ Achievement Cybersecurity Administration

Issuer:

Cisco Networking Academy

📡 Roadmap

  • Live folder monitoring
  • Remote scan API
  • AI anomaly detection
  • SIEM expansion
  • NetGuard integration
  • Auto dashboard synchronization
  • VLA indexing system
  • GitHub Pages deployment refinement

⚠️ Security Notes

Never Commit

secret.key
.vault_keys/

Recommended .gitignore:

secret.key
.vault_keys/
quarantine/
logs/
*.pyc
__pycache__/

Recommended Practice

Use .gitignore aggressively for:

  • runtime artifacts
  • encryption keys
  • logs
  • quarantine data
  • local secrets
  • temporary payloads
  • experimental test files

Important

This project:

  • does NOT execute scanned payloads
  • is designed for defensive learning
  • focuses on detection + workflow simulation
  • exists for educational cybersecurity engineering

🧠 Engineering Philosophy

This repository is intentionally designed as:

  • a defensive cybersecurity learning system
  • an AI-assisted engineering workflow
  • a modular experimentation environment
  • a visual-first architecture documentation project
  • a deployment workflow ecosystem

The goal is not only to build tools, but to document:

  • debugging
  • dependency resolution
  • architecture evolution
  • workflow refinement
  • environment migration
  • automation systems
  • engineering decision trails

🧾 License — VAXINX Protocol™

Creator : VAXINX (Regis Lara)
Purpose : Educational / Defensive Cybersecurity

✔ Free to use for learning
❌ Not for offensive or malicious use
✔ Attribution required

"One Seed. 12 Phrase. Immunity."

🛡️ VAXINX Protocol™ — You don't just scan files. You understand threats before they happen.

About

VAXINX Stoplight Scanner — Python + JSON + HTML cybersecurity dashboard for detecting suspicious files using a RED / YELLOW / GREEN risk model. Built as a defensive learning system.

regislara-byte.github.io/vaxinx-stoplight-code/

Topics

python api flask json dashboard cybersecurity file-scanner security-tools defensive-security threat-detection html-dashboard siem-lite

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages