233 lines
17 KiB
HTML
233 lines
17 KiB
HTML
<!DOCTYPE html><html lang="en"><head>
|
|
<meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1">
|
|
<title>WEVAL Security Scanner — Secret Detection</title>
|
|
<link href="https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&family=JetBrains+Mono:wght@400;500&display=swap" rel="stylesheet">
|
|
<style>
|
|
:root{--bg:#0a0e1a;--card:#111827;--border:#1e293b;--red:#ef4444;--green:#10b981;--yellow:#f59e0b;--blue:#3b82f6;--text:#e2e8f0;--muted:#64748b;--mono:'JetBrains Mono',monospace;--font:'DM Sans',sans-serif}
|
|
*{margin:0;padding:0;box-sizing:border-box}body{background:var(--bg);color:var(--text);font-family:var(--font)}
|
|
.top{display:flex;align-items:center;justify-content:space-between;padding:16px 24px;background:rgba(17,24,39,.95);border-bottom:1px solid var(--border);position:sticky;top:0;z-index:100}
|
|
.logo{font-size:18px;font-weight:700;color:var(--red)}.logo span{color:var(--text);font-weight:400}
|
|
.kpis{display:grid;grid-template-columns:repeat(auto-fit,minmax(160px,1fr));gap:12px;padding:20px 24px}
|
|
.kpi{background:var(--card);border:1px solid var(--border);border-radius:12px;padding:18px;text-align:center}
|
|
.kpi .v{font-size:32px;font-weight:700;font-family:var(--mono)}.kpi .l{font-size:11px;color:var(--muted);text-transform:uppercase;letter-spacing:1px;margin-top:4px}
|
|
.main{display:grid;grid-template-columns:1fr 1fr;gap:16px;padding:0 24px 24px}
|
|
.full{grid-column:1/-1}.card{background:var(--card);border:1px solid var(--border);border-radius:12px;padding:20px;animation:fadeIn .3s}
|
|
.card h3{font-size:14px;font-weight:600;margin-bottom:12px;display:flex;align-items:center;gap:8px}
|
|
.badge{font-size:10px;padding:2px 8px;border-radius:99px;font-weight:500}
|
|
.bg{background:rgba(16,185,129,.2);color:var(--green)}.br{background:rgba(239,68,68,.2);color:var(--red)}.by{background:rgba(245,158,11,.2);color:var(--yellow)}.bb{background:rgba(59,130,246,.2);color:var(--blue)}
|
|
.tool{display:flex;align-items:center;gap:12px;padding:12px;border-bottom:1px solid var(--border)}
|
|
.tool:last-child{border:none}.tool .dot{width:10px;height:10px;border-radius:50%}.tool .name{font-weight:600;font-size:13px}.tool .desc{font-size:11px;color:var(--muted)}
|
|
.finding{padding:10px 12px;border-left:3px solid var(--yellow);background:rgba(245,158,11,.05);margin-bottom:6px;border-radius:0 6px 6px 0;font-size:12px}
|
|
.key{display:flex;justify-content:space-between;align-items:center;padding:8px 12px;border-bottom:1px solid var(--border);font-size:12px}
|
|
.key .kn{font-weight:600;font-family:var(--mono)}.key .kv{color:var(--green);font-size:10px}
|
|
.btn{padding:10px 20px;border-radius:8px;border:none;cursor:pointer;font-weight:700;font-size:13px;transition:.2s}
|
|
.btn:hover{transform:translateY(-1px)}
|
|
.btn-red{background:var(--red);color:white}.btn-green{background:var(--green);color:white}.btn-blue{background:var(--blue);color:white}
|
|
#status{font-family:var(--mono);font-size:12px;padding:4px 12px;border-radius:6px}
|
|
@keyframes fadeIn{from{opacity:0;transform:translateY(8px)}to{opacity:1;transform:translateY(0)}}
|
|
@keyframes pulse{0%,100%{opacity:1}50%{opacity:.5}}
|
|
.scanning{animation:pulse 1s infinite}
|
|
@media(max-width:768px){.main{grid-template-columns:1fr}}
|
|
</style><script src="/widgets/audit-banner.js" defer></script>
|
|
</head><body>
|
|
<div class="top">
|
|
<div class="logo">🔐 WEVAL <span>Security Scanner</span></div>
|
|
<div style="display:flex;gap:8px;align-items:center">
|
|
<span id="status" class="bg">● IDLE</span>
|
|
<button class="btn btn-red" onclick="runScan()">🔍 Scan Now</button>
|
|
<button class="btn btn-blue" onclick="syncKeys()">🔄 Sync Keys</button>
|
|
</div>
|
|
</div>
|
|
<div class="kpis" id="kpis"></div>
|
|
<div class="main">
|
|
<div class="card"><h3>🛠️ Scanner Tools <span class="badge bb" id="tools-count">5</span></h3><div id="tools-list"></div></div>
|
|
<div class="card"><h3>⚠️ Findings <span class="badge by" id="findings-count">0</span></h3><div id="findings-list"></div></div>
|
|
<div class="card"><h3>🔑 Tracked Keys <span class="badge bg" id="keys-count">0</span></h3><div id="keys-list" style="max-height:400px;overflow-y:auto"></div></div>
|
|
<div class="card"><h3>📁 Sensitive Files <span class="badge br" id="files-count">0</span></h3><div id="files-list" style="max-height:400px;overflow-y:auto"></div></div>
|
|
<div class="card full"><h3>📋 Scan History</h3><div id="history" style="font-family:var(--mono);font-size:12px;color:var(--muted)">Loading...</div></div>
|
|
</div>
|
|
<script>
|
|
const API='/api/secret-scanner-api.php';
|
|
async function load(){
|
|
try{
|
|
const r=await fetch(API+'?action=results');
|
|
/* HTML_GUARD_V2_BATCH */ const _t_d=await r.text(); let d=null; {var _q=(_t_d||"").trim();if(_q.startsWith("<!DOCTYPE")||_q.startsWith("<html")){d={error:"[HTTP "+(r.status||"?")+"] Backend indisponible",isHtmlError:true};}else{try{d=JSON.parse(_q)}catch(e){d={error:"[JSON] "+e.message}}}}
|
|
if(d.error){document.getElementById('history').textContent='No scan yet. Click Scan Now.';return}
|
|
// KPIs
|
|
const s=d.summary||{};
|
|
const kpis=[
|
|
{v:s.findings||0,l:'Findings',c:s.findings>5?'var(--red)':'var(--green)'},
|
|
{v:s.tools||5,l:'Tools Active',c:'var(--blue)'},
|
|
{v:(d.tools?.keyhacks?.tracked||0),l:'Keys Tracked',c:'var(--yellow)'},
|
|
{v:s.risk||'LOW',l:'Risk Level',c:s.risk==='HIGH'?'var(--red)':s.risk==='MEDIUM'?'var(--yellow)':'var(--green)'},
|
|
{v:d.repos||0,l:'Repos Scanned',c:'var(--blue)'},
|
|
{v:d.timestamp?.split('T')[1]?.substring(0,5)||'-',l:'Last Scan',c:'var(--muted)'}
|
|
];
|
|
document.getElementById('kpis').innerHTML=kpis.map(k=>'<div class="kpi"><div class="v" style="color:'+k.c+'">'+k.v+'</div><div class="l">'+k.l+'</div></div>').join('');
|
|
// Tools
|
|
const tools=[
|
|
{name:'TruffleHog',desc:'Git repo entropy + regex scanner',icon:'🐷',ok:d.tools?.trufflehog?.ok},
|
|
{name:'detect-secrets',desc:'Yelp secret detection engine',icon:'🔍',ok:d.tools?.['detect-secrets']?.ok!==false},
|
|
{name:'GitHub Dorking',desc:'Regex pattern search (AWS,Stripe,GitHub)',icon:'🕵️',ok:d.tools?.dorking?.ok},
|
|
{name:'KeyHacks',desc:'API key validation reference',icon:'🔑',ok:d.tools?.keyhacks?.ok},
|
|
{name:'shhgit Patterns',desc:'Sensitive file detection',icon:'🤫',ok:d.tools?.shhgit?.ok}
|
|
];
|
|
document.getElementById('tools-list').innerHTML=tools.map(t=>'<div class="tool"><div class="dot" style="background:'+(t.ok?'var(--green)':'var(--red)')+'"></div><div><div class="name">'+t.icon+' '+t.name+'</div><div class="desc">'+t.desc+'</div></div></div>').join('');
|
|
document.getElementById('tools-count').textContent=tools.filter(t=>t.ok).length+'/'+tools.length;
|
|
// Findings
|
|
const findings=d.findings||[];
|
|
document.getElementById('findings-count').textContent=findings.length;
|
|
document.getElementById('findings-list').innerHTML=findings.length?findings.map(f=>'<div class="finding"><strong>'+f.file+'</strong> — '+f.matches+' match(es)</div>').join(''):'<div style="color:var(--green);padding:20px;text-align:center">✅ No exposed secrets found</div>';
|
|
// Keys
|
|
const keys=d.tools?.keyhacks?.keys||[];
|
|
document.getElementById('keys-count').textContent=keys.length;
|
|
document.getElementById('keys-list').innerHTML=keys.map(k=>'<div class="key"><span class="kn">'+k+'</span><span class="kv">● tracked</span></div>').join('');
|
|
// Files
|
|
const files=d.tools?.shhgit?.files||[];
|
|
document.getElementById('files-count').textContent=files.length;
|
|
document.getElementById('files-list').innerHTML=files.map(f=>'<div style="padding:4px 8px;font-size:11px;font-family:var(--mono);border-bottom:1px solid var(--border)">📄 '+f+'</div>').join('')||'<div style="padding:20px;text-align:center;color:var(--muted)">No sensitive files outside secrets.env</div>';
|
|
// History
|
|
document.getElementById('history').textContent='Last scan: '+d.timestamp+' | Repos: '+d.repos+' | Risk: '+s.risk;
|
|
}catch(e){document.getElementById('history').textContent='Error: '+e.message}
|
|
}
|
|
async function runScan(){
|
|
document.getElementById('status').className='badge br scanning';
|
|
document.getElementById('status').textContent='● SCANNING...';
|
|
await fetch(API+'?action=scan');
|
|
setTimeout(()=>{document.getElementById('status').className='badge bg';document.getElementById('status').textContent='● DONE';load()},15000);
|
|
}
|
|
async function syncKeys(){
|
|
document.getElementById('status').textContent='● SYNCING...';
|
|
// Trigger key sync cron
|
|
await fetch(API+'?action=scan');
|
|
setTimeout(load,10000);
|
|
}
|
|
load();setInterval(load,60000);
|
|
</script>
|
|
<!-- WAVE 162 — Unified Pipeline Overlay -->
|
|
<div id="unifiedLiveOverlay" style="position:fixed;bottom:12px;right:12px;width:280px;max-height:calc(100vh - 120px);overflow-y:auto;background:linear-gradient(135deg,rgba(10,14,26,0.94),rgba(30,30,60,0.92));border:1px solid rgba(6,182,212,0.4);border-radius:10px;padding:10px;backdrop-filter:blur(14px);z-index:9999;font:600 9px Nunito,system-ui;color:#e2e8f0;box-shadow:0 4px 30px rgba(0,0,0,0.5)">
|
|
<div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:6px;padding-bottom:5px;border-bottom:1px solid rgba(100,116,139,0.3)">
|
|
<div style="font:900 10px Orbitron,system-ui;color:#06b6d4">🔴 <b id=closeLive style=cursor:pointer;margin-right:6px;color:gray onclick=unifiedLiveOverlay.remove()>x</b>UNIFIED LIVE</div>
|
|
<div id="ulo-ts" style="font-size:8px;color:#64748b"></div>
|
|
</div>
|
|
<div id="ulo-body">Loading...</div>
|
|
</div>
|
|
<script>
|
|
(function(){
|
|
const U='/api/weval-unified-pipeline.php';
|
|
async function tick(){
|
|
try{
|
|
const r=await fetch(U,{cache:'no-cache'});
|
|
if(!r.ok) return;
|
|
/* HTML_GUARD_V2_BATCH */ const _t_d=await r.text(); let d=null; {var _q=(_t_d||"").trim();if(_q.startsWith("<!DOCTYPE")||_q.startsWith("<html")){d={error:"[HTTP "+(r.status||"?")+"] Backend indisponible",isHtmlError:true};}else{try{d=JSON.parse(_q)}catch(e){d={error:"[JSON] "+e.message}}}}
|
|
const body=document.getElementById('ulo-body');
|
|
const ts=document.getElementById('ulo-ts');
|
|
if(!body) return;
|
|
const h=d.l99.health||'?';
|
|
const hc={GREEN:'#10b981',YELLOW:'#f59e0b',RED:'#ef4444'}[h]||'#64748b';
|
|
let html='<div style="background:'+hc+'15;border-left:3px solid '+hc+';padding:5px;margin-bottom:5px;border-radius:3px"><b style="color:'+hc+'">● '+h+'</b> L99 <b>'+d.l99.pass+'/'+d.l99.total+'</b><br><span style="color:#94a3b8">Disk '+d.system.disk_pct+'% Docker '+d.system.docker_count+' Crons '+d.system.cron_count+'</span></div>';
|
|
html+='<div style="display:grid;grid-template-columns:1fr 1fr;gap:4px;margin-bottom:5px"><div style="background:rgba(6,182,212,0.1);border:1px solid rgba(6,182,212,0.3);border-radius:4px;padding:4px"><div style="font:800 8px Orbitron;color:#06b6d4">SOVEREIGN</div><b>'+d.providers.count+'</b> providers<br><b>'+d.ollama.models+'</b> Ollama<br><b>'+d.qdrant.collections.length+'</b> Qdrant</div><div style="background:rgba(139,92,246,0.1);border:1px solid rgba(139,92,246,0.3);border-radius:4px;padding:4px"><div style="font:800 8px Orbitron;color:#8b5cf6">PAPERCLIP</div><b>'+d.goals.length+'</b> goals<br><b>'+d.projects.length+'</b> projects<br><b>'+d.routines.length+'</b> routines</div></div>';
|
|
html+='<div style="background:rgba(245,158,11,0.1);border:1px solid rgba(245,158,11,0.3);border-radius:4px;padding:4px;margin-bottom:5px"><div style="font:800 8px Orbitron;color:#f59e0b">ETHICA</div><b>'+(d.ethica.hcps_validated/1000).toFixed(0)+'K</b> HCPs '+d.ethica.coverage.join(' ')+'</div>';
|
|
const rpa=d.routines_per_agent||{};
|
|
const top=Object.entries(rpa).sort((a,b)=>b[1]-a[1]).slice(0,5);
|
|
if(top.length){
|
|
html+='<div style="font:800 8px Orbitron;color:#10b981;margin:4px 0">TOP AGENTS</div>';
|
|
top.forEach(([n,c])=>{html+='<div style="display:flex;justify-content:space-between;padding:1px 3px;background:rgba(16,185,129,0.05);border-radius:2px;margin-bottom:1px"><span>'+n+'</span><b style="color:#10b981">'+c+'</b></div>';});
|
|
}
|
|
html+='<div style="margin-top:5px;padding-top:4px;border-top:1px solid rgba(100,116,139,0.3);font-size:8px;color:#64748b;text-align:center"><a href="/wevia-master.html" style="color:#06b6d4">Master</a> · <a href="/agents-archi.html" style="color:#06b6d4">Archi</a> · <a href="/wevia-meeting-rooms.html" style="color:#06b6d4">Rooms</a> · <a href="https://paperclip.weval-consulting.com" style="color:#06b6d4" target="_blank">Paperclip</a></div>';
|
|
body.innerHTML=html;
|
|
if(ts) ts.textContent=new Date().toLocaleTimeString('fr-FR',{hour:'2-digit',minute:'2-digit',second:'2-digit'});
|
|
}catch(e){}
|
|
}
|
|
setTimeout(tick,1500);setInterval(tick,30000);
|
|
})();
|
|
</script>
|
|
|
|
<!-- NL-AutoWire-badge-v1 -->
|
|
<a href="/nl-autowire-status.html" id="nlAutowireBadge" style="position:fixed;bottom:8px;right:8px;background:#1a3d2c;color:#56d364;padding:4px 10px;border-radius:12px;font-size:0.78em;font-family:-apple-system,sans-serif;text-decoration:none;z-index:99999;border:1px solid rgba(86,211,100,0.5);box-shadow:0 2px 8px rgba(0,0,0,0.3);">NL-AutoWire ✓</a>
|
|
<!-- CARTO_REMOVED -->
|
|
<!-- CARTO_BANNER_V1 -->
|
|
<div style="position:fixed;bottom:20px;right:20px;z-index:9999;background:linear-gradient(135deg,#141931,#2d1b5e);border:1px solid #64ffda;border-radius:12px;padding:12px 18px;box-shadow:0 4px 20px rgba(100,255,218,.3);font-family:-apple-system,Segoe UI,sans-serif;font-size:13px">
|
|
<a href="/cartographie-screens.html" style="color:#64ffda;text-decoration:none;font-weight:600;display:flex;align-items:center;gap:8px" title="Cartographie exhaustive de tous les ecrans live">
|
|
<span style="font-size:18px">🗺</span> Cartographie live
|
|
<span id="carto-banner-count" style="color:#8892b0;font-size:11px">3914 ecrans</span>
|
|
</a>
|
|
</div>
|
|
<script>
|
|
(function(){
|
|
fetch('/api/screens-health.php?_='+Date.now(),{cache:'no-store'}).then(r=>r.json()).then(d=>{
|
|
const c=d.counts||{}; const up=c.UP||0; const slow=c.SLOW||0; const br=c.BROKEN||0;
|
|
const el=document.getElementById('carto-banner-count');
|
|
if(el) el.innerHTML=`<span style="color:#22c55e">${up} UP</span> / <span style="color:#f59e0b">${slow} Lent</span> / <span style="color:#ef4444">${br} 5xx</span>`;
|
|
}).catch(()=>{});
|
|
})();
|
|
</script>
|
|
<!-- /CARTO_BANNER_V1 -->
|
|
|
|
<!-- === OPUS UNIVERSAL DRILL-DOWN v1 19avr — append-only, doctrine #14 === -->
|
|
<script>
|
|
(function(){
|
|
if (window.__opusUniversalDrill) return; window.__opusUniversalDrill = true;
|
|
var d = document;
|
|
var m = d.createElement('div');
|
|
m.id = 'opus-udrill';
|
|
m.style.cssText = 'position:fixed;inset:0;background:rgba(0,0,0,0.82);backdrop-filter:blur(6px);display:none;align-items:center;justify-content:center;z-index:99995;padding:20px;cursor:pointer';
|
|
var inner = d.createElement('div');
|
|
inner.id = 'opus-udrill-in';
|
|
inner.style.cssText = 'max-width:900px;width:100%;max-height:90vh;overflow:auto;background:#0b0d15;border:1px solid rgba(99,102,241,0.35);border-radius:14px;padding:28px;cursor:default;box-shadow:0 20px 60px rgba(0,0,0,0.6);color:#e2e8f0;font:14px/1.55 Inter,system-ui,sans-serif';
|
|
inner.addEventListener('click', function(e){ e.stopPropagation(); });
|
|
m.appendChild(inner);
|
|
m.addEventListener('click', function(){ m.style.display='none'; });
|
|
d.addEventListener('keydown', function(e){ if(e.key==='Escape') m.style.display='none'; });
|
|
(d.body || d.documentElement).appendChild(m);
|
|
|
|
function openCard(card) {
|
|
// Clone card content + show close btn + increase font-size
|
|
var html = '<div style="display:flex;justify-content:flex-end;margin-bottom:14px"><button id="opus-udrill-close" style="padding:6px 14px;background:#171b2a;border:1px solid rgba(99,102,241,0.25);color:#e2e8f0;border-radius:8px;cursor:pointer;font-size:12px">✕ Fermer (Esc)</button></div>';
|
|
html += '<div style="transform-origin:top left;font-size:1.05em">' + card.outerHTML + '</div>';
|
|
inner.innerHTML = html;
|
|
d.getElementById('opus-udrill-close').onclick = function(){ m.style.display='none'; };
|
|
m.style.display = 'flex';
|
|
}
|
|
|
|
function wire(root) {
|
|
var sels = '.card,[class*="card"],.kpi,[class*="kpi"],.stat,[class*="stat"],.tile,[class*="tile"],.metric,[class*="metric"],.widget,[class*="widget"]';
|
|
var cards = root.querySelectorAll(sels);
|
|
for (var i = 0; i < cards.length; i++) {
|
|
var c = cards[i];
|
|
if (c.__opusWired) continue;
|
|
if (c.closest('button, a, input, select, textarea, #opus-udrill')) continue;
|
|
var r = c.getBoundingClientRect();
|
|
if (r.width < 60 || r.height < 40) continue;
|
|
c.__opusWired = true;
|
|
c.style.cursor = 'pointer';
|
|
c.setAttribute('role','button');
|
|
c.setAttribute('tabindex','0');
|
|
c.addEventListener('click', function(ev){
|
|
// If a more-specific drill is already active (e.g. pp-card custom), let it handle
|
|
if (ev.target.closest('[data-pp-id]') && window.__opusDrillInit) return;
|
|
if (ev.target.closest('a,button,input,select')) return;
|
|
ev.preventDefault(); ev.stopPropagation();
|
|
openCard(this);
|
|
});
|
|
c.addEventListener('keydown', function(ev){ if(ev.key==='Enter'||ev.key===' '){ev.preventDefault();openCard(this);} });
|
|
}
|
|
}
|
|
|
|
// Initial + mutation observer
|
|
var initRun = function(){ wire(d.body || d.documentElement); };
|
|
if (d.readyState === 'loading') d.addEventListener('DOMContentLoaded', initRun);
|
|
else initRun();
|
|
var mo = new MutationObserver(function(muts){
|
|
var newCard = false;
|
|
for (var i=0;i<muts.length;i++) if (muts[i].addedNodes.length) { newCard = true; break; }
|
|
if (newCard) initRun();
|
|
});
|
|
mo.observe(d.body || d.documentElement, {childList:true, subtree:true});
|
|
})();
|
|
</script>
|
|
<!-- === OPUS UNIVERSAL DRILL-DOWN END === -->
|
|
|
|
<script src="/api/archi-meta-badge.js" defer></script>
|
|
</body></html>
|