diff --git a/storage/nonreg_report_20260313_235548.json b/storage/nonreg_report_20260313_235548.json new file mode 100644 index 00000000..b7052852 --- /dev/null +++ b/storage/nonreg_report_20260313_235548.json @@ -0,0 +1,1239 @@ +{ + "date": "13\/03\/2026 23:55:48", + "elapsed": 21.5, + "total": 170, + "pass": 149, + "fail": 21, + "rate": 87.6, + "ppm": 123529, + "sigma": "<3\u03c3", + "constraints": [ + { + "name": "Ollama Models DOWN", + "impact": "IA provider local indisponible", + "priority": "HIGH" + }, + { + "name": "Click Redirect", + "impact": "BLOCKED: S151 Tracking", + "priority": "CRITICAL" + }, + { + "name": "Zero trust auth in pg_hba", + "impact": "BLOCKED: Security PG", + "priority": "CRITICAL" + }, + { + "name": "S151 redirect intact", + "impact": "BLOCKED: Security Tracking", + "priority": "CRITICAL" + }, + { + "name": "Ollama API alive", + "impact": "BLOCKED: WEVIA IA", + "priority": "CRITICAL" + }, + { + "name": "upload.php removed", + "impact": "BLOCKED: S88 Security", + "priority": "CRITICAL" + }, + { + "name": "ssscaleway blocked", + "impact": "BLOCKED: Incident Backdoors", + "priority": "CRITICAL" + } + ], + "tests": [ + { + "cat": "S89 Back", + "name": "Apache Port 5821 (WEVADS)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Apache Port 5890 (Arsenal)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL 5432", + "pass": true, + "detail": "Connected", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL adx_clients", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Sentinel API", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Schema", + "name": "Schema admin (672 tables)", + "pass": true, + "detail": "672 tables (min:100)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema production (13 tables)", + "pass": true, + "detail": "13 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema affiliate (8 tables)", + "pass": true, + "detail": "8 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema ethica (30 tables)", + "pass": true, + "detail": "30 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema products (11 tables)", + "pass": true, + "detail": "11 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema actions (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema lists (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema mta (4 tables)", + "pass": true, + "detail": "4 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema saas (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema richscraper (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema system_admin (1 tables)", + "pass": true, + "detail": "1 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "MTA Servers (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "VMTAs (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Office Accounts (1364 rows)", + "pass": true, + "detail": "1364 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain Configs (646 rows)", + "pass": true, + "detail": "646 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Offers (1211 rows)", + "pass": true, + "detail": "1211 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Links (1763 rows)", + "pass": true, + "detail": "1763 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Creatives (1285 rows)", + "pass": true, + "detail": "1285 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Ethica HCPs (49706 rows)", + "pass": true, + "detail": "49706 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain SACRED Winners (101)", + "pass": true, + "detail": "101 winners", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Contacts Pool (adx_clients)", + "pass": true, + "detail": "0 contacts", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Ethica Countries (3)", + "pass": true, + "detail": "3 countries", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Cron Activity (0 recent)", + "pass": true, + "detail": "0 cron runs", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Tracking Events 7d (1263)", + "pass": true, + "detail": "1263 events", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: arsenal-login.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: dashboard.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: menu.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: emailing-pipeline.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: offer-engine.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: scout-intelligence.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: data-manager.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: account-creator.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: ultimate-dashboard.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-workflow.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-management.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: multiInstall.js (12KB)", + "pass": true, + "detail": "12KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: main.js (37KB)", + "pass": true, + "detail": "37KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: installation.js (36KB)", + "pass": true, + "detail": "36KB", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Sentinel Brain (HTTP 200)", + "pass": true, + "detail": "Port 5890, 11407B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Ethica Stats (HTTP 200)", + "pass": true, + "detail": "Port 5821, 363B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain Main API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "arsenal-common.js", + "pass": true, + "detail": "25KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Back", + "name": "Nginx Port 5880", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S88 Back", + "name": "Ollama Port 11434", + "pass": false, + "detail": "May be off", + "severity": "INFO" + }, + { + "cat": "S88 Front", + "name": "Cyber Monitor (HTTP 200)", + "pass": true, + "detail": "2.6KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Front", + "name": "Site Principal (HTTP 200)", + "pass": true, + "detail": "13.1KB", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "Ollama Models (0)", + "pass": false, + "detail": "0 models loaded", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "WEVIA KB", + "pass": true, + "detail": "Check via cyber monitor", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "vLLM Health (HTTP 0)", + "pass": false, + "detail": "Optional service", + "severity": "INFO" + }, + { + "cat": "S151 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S151 Network", + "name": "SSH Port 22", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Open (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Click (HTTP 204)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Unsub (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S151 Tracking", + "name": "Click Redirect", + "pass": false, + "detail": "No redirect", + "severity": "CRITICAL" + }, + { + "cat": "S202 Network", + "name": "SMTP Port 25", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "SSH Port 22", + "pass": false, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "Installed MTA Servers (5)", + "pass": true, + "detail": "5 servers", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "VMTAs Configured (5)", + "pass": true, + "detail": "5 VMTAs", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Master", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Extended", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "htaccess Protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Ethica", + "name": "Consent Endpoint (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "wevup.app DNS", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: send", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: warmup", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: brain", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: conversions", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: guardian", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S88 (88.198.4.195:5880)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S151 (151.80.235.110:80)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S202 (204.168.152.13:25)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security PG", + "name": "Zero trust auth in pg_hba", + "pass": false, + "detail": "-1 trust lines", + "severity": "CRITICAL" + }, + { + "cat": "Security PG", + "name": "PG listen localhost only", + "pass": true, + "detail": "listen=127.0.0.1", + "severity": "CRITICAL" + }, + { + "cat": "Security Shield", + "name": "Shield file exists", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Shield", + "name": "Khalil IP blocked", + "pass": true, + "detail": "41.142.60.205 in blacklist", + "severity": "CRITICAL" + }, + { + "cat": "Security Auth", + "name": ".htaccess protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 passwords column", + "pass": true, + "detail": "1364 passwords in DB", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "AES-256-GCM encrypted (1364)", + "pass": true, + "detail": "1364\/1364 encrypted", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto key exists", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "DB Proxy API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 1364 passwords managed", + "pass": true, + "detail": "admin_password_enc present", + "severity": "STANDARD" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Master.html.gold", + "pass": true, + "detail": "21201B", + "severity": "CRITICAL" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Extended.gold", + "pass": true, + "detail": "3685B", + "severity": "CRITICAL" + }, + { + "cat": "Security Cleanup", + "name": "Zero PHP in \/tmp", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "Huawei_cloud.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "ssscaleway.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security F2B", + "name": "fail2ban running", + "pass": true, + "detail": "Check systemctl", + "severity": "STANDARD" + }, + { + "cat": "Security SSH", + "name": "SSH hardened", + "pass": true, + "detail": "Port 49222 (49222 configured)", + "severity": "STANDARD" + }, + { + "cat": "Security Tracking", + "name": "ADX Open still works", + "pass": true, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "ADX Click still works", + "pass": true, + "detail": "HTTP 204", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "S151 redirect intact", + "pass": false, + "detail": "BROKEN", + "severity": "CRITICAL" + }, + { + "cat": "Security Web", + "name": "No directory listing port 80", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Security API", + "name": "Sentinel accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #1 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #2 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #3 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "XSS reflected blocked", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "sentinel-brain.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 200 11407B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "office-db-proxy.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 401 58B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "Path traversal blocked", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "DB credentials file not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Client DB creds not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "fail2ban jails active (0)", + "pass": false, + "detail": "0 jails", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "Failed SSH today (0)", + "pass": true, + "detail": "0 attempts", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "SSH authorized keys (0)", + "pass": true, + "detail": "0 keys", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 3306 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 11211 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 27017 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Zero world-writable PHP (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Cleanup", + "name": "PHP in \/tmp (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "SSL weval-consulting.com valid", + "pass": true, + "detail": "Valid", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "Cloudflare\/CDN active", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": ".htaccess size (2903 B)", + "pass": true, + "detail": "2903 bytes", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": "Shield active (5663 B)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security S88", + "name": "SSH port 22 closed", + "pass": false, + "detail": "OPEN - pending sshd reload", + "severity": "WARNING" + }, + { + "cat": "Security S88", + "name": "SSH port 49222", + "pass": true, + "detail": "Pending sshd reload", + "severity": "INFO" + }, + { + "cat": "WEVIA IA", + "name": "Ollama API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "CRITICAL" + }, + { + "cat": "WEVIA IA", + "name": "vLLM API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA IA", + "name": "Ollama inference OK", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Chatbot fullscreen", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Widget API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA KB", + "name": "Cyber monitor accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Page loads", + "pass": true, + "detail": "47KB", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "Login protected", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "No admin123 backdoor", + "pass": true, + "detail": "Clean", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "AI Proxy endpoint", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Standalone (no template wrap)", + "pass": true, + "detail": "Standalone", + "severity": "STANDARD" + }, + { + "cat": "S88 Nginx", + "name": "Site serves correctly", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S88 API", + "name": "CX API responds", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Turbo", + "name": "Turbo API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Screens", + "name": "Arsenal screens (1\/9)", + "pass": false, + "detail": "1 accessible", + "severity": "STANDARD" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream prod", + "pass": true, + "detail": "HTTP 200 47KB", + "severity": "CRITICAL" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream login protected", + "pass": true, + "detail": "Auth present", + "severity": "CRITICAL" + }, + { + "cat": "S88 API", + "name": "CX endpoint reachable", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S88 Site", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200 13KB", + "severity": "CRITICAL" + }, + { + "cat": "S88 Site", + "name": "Nginx serving", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S88 Security", + "name": "upload.php removed", + "pass": false, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "S88 Deploy", + "name": "Cyber Monitor v4", + "pass": false, + "detail": "HTTP 200 3KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Deploy", + "name": "Office Admin Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Ultimate Dashboard v4", + "pass": false, + "detail": "HTTP 403 0KB", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "NonReg Master v5", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Office Workflow", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "weval-consulting.com A record", + "pass": true, + "detail": "1 records", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "wevup.app A record", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS clean (0 dirty)", + "pass": true, + "detail": "0 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Incident Crypto", + "name": "O365 passwords encrypted (1364\/1364)", + "pass": true, + "detail": "1364 encrypted, 1364 total", + "severity": "STANDARD" + }, + { + "cat": "Incident Shield", + "name": "Khalil IP blocked (41.142.60.205)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Shield", + "name": "Shield rate limiting active", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident Backdoors", + "name": "Huawei_cloud neutralized", + "pass": true, + "detail": "Removed", + "severity": "CRITICAL" + }, + { + "cat": "Incident Backdoors", + "name": "ssscaleway blocked", + "pass": false, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Accounts", + "name": "Account 214 flagged Compromised", + "pass": true, + "detail": "Status: Compromised", + "severity": "STANDARD" + }, + { + "cat": "Incident Cleanup", + "name": "Console history purged", + "pass": true, + "detail": "0 bytes", + "severity": "STANDARD" + }, + { + "cat": "Incident S88", + "name": "Secure Office Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "Crypto API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "DB Proxy API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident F2B", + "name": "fail2ban jails (0)", + "pass": false, + "detail": "0 jails active", + "severity": "STANDARD" + }, + { + "cat": "Incident Auth", + "name": "Admin password rotated", + "pass": true, + "detail": "Changed from default", + "severity": "CRITICAL" + } + ] +} \ No newline at end of file diff --git a/storage/nonreg_report_20260313_235610.json b/storage/nonreg_report_20260313_235610.json new file mode 100644 index 00000000..1f0dce4e --- /dev/null +++ b/storage/nonreg_report_20260313_235610.json @@ -0,0 +1,1239 @@ +{ + "date": "13\/03\/2026 23:56:10", + "elapsed": 21.1, + "total": 170, + "pass": 148, + "fail": 22, + "rate": 87.1, + "ppm": 129412, + "sigma": "<3\u03c3", + "constraints": [ + { + "name": "Ollama Models DOWN", + "impact": "IA provider local indisponible", + "priority": "HIGH" + }, + { + "name": "Click Redirect", + "impact": "BLOCKED: S151 Tracking", + "priority": "CRITICAL" + }, + { + "name": "Zero trust auth in pg_hba", + "impact": "BLOCKED: Security PG", + "priority": "CRITICAL" + }, + { + "name": "S151 redirect intact", + "impact": "BLOCKED: Security Tracking", + "priority": "CRITICAL" + }, + { + "name": "Ollama API alive", + "impact": "BLOCKED: WEVIA IA", + "priority": "CRITICAL" + }, + { + "name": "upload.php removed", + "impact": "BLOCKED: S88 Security", + "priority": "CRITICAL" + }, + { + "name": "ssscaleway blocked", + "impact": "BLOCKED: Incident Backdoors", + "priority": "CRITICAL" + } + ], + "tests": [ + { + "cat": "S89 Back", + "name": "Apache Port 5821 (WEVADS)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Apache Port 5890 (Arsenal)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL 5432", + "pass": true, + "detail": "Connected", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL adx_clients", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Sentinel API", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Schema", + "name": "Schema admin (672 tables)", + "pass": true, + "detail": "672 tables (min:100)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema production (13 tables)", + "pass": true, + "detail": "13 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema affiliate (8 tables)", + "pass": true, + "detail": "8 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema ethica (30 tables)", + "pass": true, + "detail": "30 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema products (11 tables)", + "pass": true, + "detail": "11 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema actions (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema lists (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema mta (4 tables)", + "pass": true, + "detail": "4 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema saas (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema richscraper (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema system_admin (1 tables)", + "pass": true, + "detail": "1 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "MTA Servers (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "VMTAs (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Office Accounts (1364 rows)", + "pass": true, + "detail": "1364 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain Configs (646 rows)", + "pass": true, + "detail": "646 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Offers (1211 rows)", + "pass": true, + "detail": "1211 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Links (1763 rows)", + "pass": true, + "detail": "1763 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Creatives (1285 rows)", + "pass": true, + "detail": "1285 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Ethica HCPs (49706 rows)", + "pass": true, + "detail": "49706 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain SACRED Winners (101)", + "pass": true, + "detail": "101 winners", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Contacts Pool (adx_clients)", + "pass": true, + "detail": "0 contacts", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Ethica Countries (3)", + "pass": true, + "detail": "3 countries", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Cron Activity (0 recent)", + "pass": true, + "detail": "0 cron runs", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Tracking Events 7d (1268)", + "pass": true, + "detail": "1268 events", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: arsenal-login.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: dashboard.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: menu.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: emailing-pipeline.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: offer-engine.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: scout-intelligence.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: data-manager.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: account-creator.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: ultimate-dashboard.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-workflow.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-management.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: multiInstall.js (12KB)", + "pass": true, + "detail": "12KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: main.js (37KB)", + "pass": true, + "detail": "37KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: installation.js (36KB)", + "pass": true, + "detail": "36KB", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Sentinel Brain (HTTP 200)", + "pass": true, + "detail": "Port 5890, 11407B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Ethica Stats (HTTP 200)", + "pass": true, + "detail": "Port 5821, 363B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain Main API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "arsenal-common.js", + "pass": true, + "detail": "25KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Back", + "name": "Nginx Port 5880", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S88 Back", + "name": "Ollama Port 11434", + "pass": false, + "detail": "May be off", + "severity": "INFO" + }, + { + "cat": "S88 Front", + "name": "Cyber Monitor (HTTP 200)", + "pass": true, + "detail": "2.6KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Front", + "name": "Site Principal (HTTP 200)", + "pass": true, + "detail": "13.1KB", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "Ollama Models (0)", + "pass": false, + "detail": "0 models loaded", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "WEVIA KB", + "pass": true, + "detail": "Check via cyber monitor", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "vLLM Health (HTTP 0)", + "pass": false, + "detail": "Optional service", + "severity": "INFO" + }, + { + "cat": "S151 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S151 Network", + "name": "SSH Port 22", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Open (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Click (HTTP 204)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Unsub (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S151 Tracking", + "name": "Click Redirect", + "pass": false, + "detail": "No redirect", + "severity": "CRITICAL" + }, + { + "cat": "S202 Network", + "name": "SMTP Port 25", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "SSH Port 22", + "pass": false, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "Installed MTA Servers (5)", + "pass": true, + "detail": "5 servers", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "VMTAs Configured (5)", + "pass": true, + "detail": "5 VMTAs", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Master", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Extended", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "htaccess Protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Ethica", + "name": "Consent Endpoint (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "wevup.app DNS", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: send", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: warmup", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: brain", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: conversions", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: guardian", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S88 (88.198.4.195:5880)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S151 (151.80.235.110:80)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S202 (204.168.152.13:25)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security PG", + "name": "Zero trust auth in pg_hba", + "pass": false, + "detail": "-1 trust lines", + "severity": "CRITICAL" + }, + { + "cat": "Security PG", + "name": "PG listen localhost only", + "pass": true, + "detail": "listen=127.0.0.1", + "severity": "CRITICAL" + }, + { + "cat": "Security Shield", + "name": "Shield file exists", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Shield", + "name": "Khalil IP blocked", + "pass": true, + "detail": "41.142.60.205 in blacklist", + "severity": "CRITICAL" + }, + { + "cat": "Security Auth", + "name": ".htaccess protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 passwords column", + "pass": true, + "detail": "1364 passwords in DB", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "AES-256-GCM encrypted (1364)", + "pass": true, + "detail": "1364\/1364 encrypted", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto key exists", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "DB Proxy API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 1364 passwords managed", + "pass": true, + "detail": "admin_password_enc present", + "severity": "STANDARD" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Master.html.gold", + "pass": true, + "detail": "21201B", + "severity": "CRITICAL" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Extended.gold", + "pass": true, + "detail": "3685B", + "severity": "CRITICAL" + }, + { + "cat": "Security Cleanup", + "name": "Zero PHP in \/tmp", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "Huawei_cloud.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "ssscaleway.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security F2B", + "name": "fail2ban running", + "pass": true, + "detail": "Check systemctl", + "severity": "STANDARD" + }, + { + "cat": "Security SSH", + "name": "SSH hardened", + "pass": true, + "detail": "Port 49222 (49222 configured)", + "severity": "STANDARD" + }, + { + "cat": "Security Tracking", + "name": "ADX Open still works", + "pass": true, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "ADX Click still works", + "pass": true, + "detail": "HTTP 204", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "S151 redirect intact", + "pass": false, + "detail": "BROKEN", + "severity": "CRITICAL" + }, + { + "cat": "Security Web", + "name": "No directory listing port 80", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Security API", + "name": "Sentinel accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #1 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #2 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #3 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "XSS reflected blocked", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "sentinel-brain.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 200 11407B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "office-db-proxy.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 401 58B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "Path traversal blocked", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "DB credentials file not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Client DB creds not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "fail2ban jails active (0)", + "pass": false, + "detail": "0 jails", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "Failed SSH today (0)", + "pass": true, + "detail": "0 attempts", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "SSH authorized keys (0)", + "pass": true, + "detail": "0 keys", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 3306 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 11211 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 27017 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Zero world-writable PHP (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Cleanup", + "name": "PHP in \/tmp (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "SSL weval-consulting.com valid", + "pass": true, + "detail": "Valid", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "Cloudflare\/CDN active", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": ".htaccess size (2903 B)", + "pass": true, + "detail": "2903 bytes", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": "Shield active (5663 B)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security S88", + "name": "SSH port 22 closed", + "pass": false, + "detail": "OPEN - pending sshd reload", + "severity": "WARNING" + }, + { + "cat": "Security S88", + "name": "SSH port 49222", + "pass": true, + "detail": "Pending sshd reload", + "severity": "INFO" + }, + { + "cat": "WEVIA IA", + "name": "Ollama API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "CRITICAL" + }, + { + "cat": "WEVIA IA", + "name": "vLLM API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA IA", + "name": "Ollama inference OK", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Chatbot fullscreen", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Widget API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA KB", + "name": "Cyber monitor accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Page loads", + "pass": true, + "detail": "47KB", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "Login protected", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "No admin123 backdoor", + "pass": true, + "detail": "Clean", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "AI Proxy endpoint", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Standalone (no template wrap)", + "pass": true, + "detail": "Standalone", + "severity": "STANDARD" + }, + { + "cat": "S88 Nginx", + "name": "Site serves correctly", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S88 API", + "name": "CX API responds", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Turbo", + "name": "Turbo API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Screens", + "name": "Arsenal screens (1\/9)", + "pass": false, + "detail": "1 accessible", + "severity": "STANDARD" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream prod", + "pass": true, + "detail": "HTTP 200 47KB", + "severity": "CRITICAL" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream login protected", + "pass": true, + "detail": "Auth present", + "severity": "CRITICAL" + }, + { + "cat": "S88 API", + "name": "CX endpoint reachable", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S88 Site", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200 13KB", + "severity": "CRITICAL" + }, + { + "cat": "S88 Site", + "name": "Nginx serving", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S88 Security", + "name": "upload.php removed", + "pass": false, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "S88 Deploy", + "name": "Cyber Monitor v4", + "pass": false, + "detail": "HTTP 200 3KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Deploy", + "name": "Office Admin Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Ultimate Dashboard v4", + "pass": false, + "detail": "HTTP 403 0KB", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "NonReg Master v5", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Office Workflow", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "weval-consulting.com A record", + "pass": true, + "detail": "1 records", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "wevup.app A record", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Incident Crypto", + "name": "O365 passwords encrypted (1364\/1364)", + "pass": true, + "detail": "1364 encrypted, 1364 total", + "severity": "STANDARD" + }, + { + "cat": "Incident Shield", + "name": "Khalil IP blocked (41.142.60.205)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Shield", + "name": "Shield rate limiting active", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident Backdoors", + "name": "Huawei_cloud neutralized", + "pass": true, + "detail": "Removed", + "severity": "CRITICAL" + }, + { + "cat": "Incident Backdoors", + "name": "ssscaleway blocked", + "pass": false, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Accounts", + "name": "Account 214 flagged Compromised", + "pass": true, + "detail": "Status: Compromised", + "severity": "STANDARD" + }, + { + "cat": "Incident Cleanup", + "name": "Console history purged", + "pass": true, + "detail": "0 bytes", + "severity": "STANDARD" + }, + { + "cat": "Incident S88", + "name": "Secure Office Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "Crypto API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "DB Proxy API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident F2B", + "name": "fail2ban jails (0)", + "pass": false, + "detail": "0 jails active", + "severity": "STANDARD" + }, + { + "cat": "Incident Auth", + "name": "Admin password rotated", + "pass": true, + "detail": "Changed from default", + "severity": "CRITICAL" + } + ] +} \ No newline at end of file diff --git a/storage/nonreg_report_20260313_235637.json b/storage/nonreg_report_20260313_235637.json new file mode 100644 index 00000000..67b36ef5 --- /dev/null +++ b/storage/nonreg_report_20260313_235637.json @@ -0,0 +1,1239 @@ +{ + "date": "13\/03\/2026 23:56:37", + "elapsed": 21.47, + "total": 170, + "pass": 148, + "fail": 22, + "rate": 87.1, + "ppm": 129412, + "sigma": "<3\u03c3", + "constraints": [ + { + "name": "Ollama Models DOWN", + "impact": "IA provider local indisponible", + "priority": "HIGH" + }, + { + "name": "Click Redirect", + "impact": "BLOCKED: S151 Tracking", + "priority": "CRITICAL" + }, + { + "name": "Zero trust auth in pg_hba", + "impact": "BLOCKED: Security PG", + "priority": "CRITICAL" + }, + { + "name": "S151 redirect intact", + "impact": "BLOCKED: Security Tracking", + "priority": "CRITICAL" + }, + { + "name": "Ollama API alive", + "impact": "BLOCKED: WEVIA IA", + "priority": "CRITICAL" + }, + { + "name": "upload.php removed", + "impact": "BLOCKED: S88 Security", + "priority": "CRITICAL" + }, + { + "name": "ssscaleway blocked", + "impact": "BLOCKED: Incident Backdoors", + "priority": "CRITICAL" + } + ], + "tests": [ + { + "cat": "S89 Back", + "name": "Apache Port 5821 (WEVADS)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Apache Port 5890 (Arsenal)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL 5432", + "pass": true, + "detail": "Connected", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL adx_clients", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Sentinel API", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Schema", + "name": "Schema admin (672 tables)", + "pass": true, + "detail": "672 tables (min:100)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema production (13 tables)", + "pass": true, + "detail": "13 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema affiliate (8 tables)", + "pass": true, + "detail": "8 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema ethica (30 tables)", + "pass": true, + "detail": "30 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema products (11 tables)", + "pass": true, + "detail": "11 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema actions (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema lists (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema mta (4 tables)", + "pass": true, + "detail": "4 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema saas (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema richscraper (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema system_admin (1 tables)", + "pass": true, + "detail": "1 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "MTA Servers (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "VMTAs (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Office Accounts (1364 rows)", + "pass": true, + "detail": "1364 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain Configs (646 rows)", + "pass": true, + "detail": "646 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Offers (1211 rows)", + "pass": true, + "detail": "1211 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Links (1763 rows)", + "pass": true, + "detail": "1763 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Creatives (1285 rows)", + "pass": true, + "detail": "1285 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Ethica HCPs (49706 rows)", + "pass": true, + "detail": "49706 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain SACRED Winners (101)", + "pass": true, + "detail": "101 winners", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Contacts Pool (adx_clients)", + "pass": true, + "detail": "0 contacts", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Ethica Countries (3)", + "pass": true, + "detail": "3 countries", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Cron Activity (0 recent)", + "pass": true, + "detail": "0 cron runs", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Tracking Events 7d (1273)", + "pass": true, + "detail": "1273 events", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: arsenal-login.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: dashboard.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: menu.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: emailing-pipeline.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: offer-engine.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: scout-intelligence.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: data-manager.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: account-creator.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: ultimate-dashboard.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-workflow.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-management.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: multiInstall.js (12KB)", + "pass": true, + "detail": "12KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: main.js (37KB)", + "pass": true, + "detail": "37KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: installation.js (36KB)", + "pass": true, + "detail": "36KB", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Sentinel Brain (HTTP 200)", + "pass": true, + "detail": "Port 5890, 11407B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Ethica Stats (HTTP 200)", + "pass": true, + "detail": "Port 5821, 363B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain Main API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "arsenal-common.js", + "pass": true, + "detail": "25KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Back", + "name": "Nginx Port 5880", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S88 Back", + "name": "Ollama Port 11434", + "pass": false, + "detail": "May be off", + "severity": "INFO" + }, + { + "cat": "S88 Front", + "name": "Cyber Monitor (HTTP 200)", + "pass": true, + "detail": "2.6KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Front", + "name": "Site Principal (HTTP 200)", + "pass": true, + "detail": "13.1KB", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "Ollama Models (0)", + "pass": false, + "detail": "0 models loaded", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "WEVIA KB", + "pass": true, + "detail": "Check via cyber monitor", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "vLLM Health (HTTP 0)", + "pass": false, + "detail": "Optional service", + "severity": "INFO" + }, + { + "cat": "S151 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S151 Network", + "name": "SSH Port 22", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Open (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Click (HTTP 204)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Unsub (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S151 Tracking", + "name": "Click Redirect", + "pass": false, + "detail": "No redirect", + "severity": "CRITICAL" + }, + { + "cat": "S202 Network", + "name": "SMTP Port 25", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "SSH Port 22", + "pass": false, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "Installed MTA Servers (5)", + "pass": true, + "detail": "5 servers", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "VMTAs Configured (5)", + "pass": true, + "detail": "5 VMTAs", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Master", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Extended", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "htaccess Protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Ethica", + "name": "Consent Endpoint (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "wevup.app DNS", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: send", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: warmup", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: brain", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: conversions", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: guardian", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S88 (88.198.4.195:5880)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S151 (151.80.235.110:80)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S202 (204.168.152.13:25)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security PG", + "name": "Zero trust auth in pg_hba", + "pass": false, + "detail": "-1 trust lines", + "severity": "CRITICAL" + }, + { + "cat": "Security PG", + "name": "PG listen localhost only", + "pass": true, + "detail": "listen=127.0.0.1", + "severity": "CRITICAL" + }, + { + "cat": "Security Shield", + "name": "Shield file exists", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Shield", + "name": "Khalil IP blocked", + "pass": true, + "detail": "41.142.60.205 in blacklist", + "severity": "CRITICAL" + }, + { + "cat": "Security Auth", + "name": ".htaccess protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 passwords column", + "pass": true, + "detail": "1364 passwords in DB", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "AES-256-GCM encrypted (1364)", + "pass": true, + "detail": "1364\/1364 encrypted", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto key exists", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "DB Proxy API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 1364 passwords managed", + "pass": true, + "detail": "admin_password_enc present", + "severity": "STANDARD" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Master.html.gold", + "pass": true, + "detail": "21201B", + "severity": "CRITICAL" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Extended.gold", + "pass": true, + "detail": "3685B", + "severity": "CRITICAL" + }, + { + "cat": "Security Cleanup", + "name": "Zero PHP in \/tmp", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "Huawei_cloud.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "ssscaleway.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security F2B", + "name": "fail2ban running", + "pass": true, + "detail": "Check systemctl", + "severity": "STANDARD" + }, + { + "cat": "Security SSH", + "name": "SSH hardened", + "pass": true, + "detail": "Port 49222 (49222 configured)", + "severity": "STANDARD" + }, + { + "cat": "Security Tracking", + "name": "ADX Open still works", + "pass": true, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "ADX Click still works", + "pass": true, + "detail": "HTTP 204", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "S151 redirect intact", + "pass": false, + "detail": "BROKEN", + "severity": "CRITICAL" + }, + { + "cat": "Security Web", + "name": "No directory listing port 80", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Security API", + "name": "Sentinel accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #1 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #2 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #3 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "XSS reflected blocked", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "sentinel-brain.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 200 11407B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "office-db-proxy.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 401 58B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "Path traversal blocked", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "DB credentials file not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Client DB creds not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "fail2ban jails active (0)", + "pass": false, + "detail": "0 jails", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "Failed SSH today (0)", + "pass": true, + "detail": "0 attempts", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "SSH authorized keys (0)", + "pass": true, + "detail": "0 keys", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 3306 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 11211 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 27017 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Zero world-writable PHP (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Cleanup", + "name": "PHP in \/tmp (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "SSL weval-consulting.com valid", + "pass": true, + "detail": "Valid", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "Cloudflare\/CDN active", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": ".htaccess size (2903 B)", + "pass": true, + "detail": "2903 bytes", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": "Shield active (5663 B)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security S88", + "name": "SSH port 22 closed", + "pass": false, + "detail": "OPEN - pending sshd reload", + "severity": "WARNING" + }, + { + "cat": "Security S88", + "name": "SSH port 49222", + "pass": true, + "detail": "Pending sshd reload", + "severity": "INFO" + }, + { + "cat": "WEVIA IA", + "name": "Ollama API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "CRITICAL" + }, + { + "cat": "WEVIA IA", + "name": "vLLM API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA IA", + "name": "Ollama inference OK", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Chatbot fullscreen", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Widget API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA KB", + "name": "Cyber monitor accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Page loads", + "pass": true, + "detail": "47KB", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "Login protected", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "No admin123 backdoor", + "pass": true, + "detail": "Clean", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "AI Proxy endpoint", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Standalone (no template wrap)", + "pass": true, + "detail": "Standalone", + "severity": "STANDARD" + }, + { + "cat": "S88 Nginx", + "name": "Site serves correctly", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S88 API", + "name": "CX API responds", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Turbo", + "name": "Turbo API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Screens", + "name": "Arsenal screens (1\/9)", + "pass": false, + "detail": "1 accessible", + "severity": "STANDARD" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream prod", + "pass": true, + "detail": "HTTP 200 47KB", + "severity": "CRITICAL" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream login protected", + "pass": true, + "detail": "Auth present", + "severity": "CRITICAL" + }, + { + "cat": "S88 API", + "name": "CX endpoint reachable", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S88 Site", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200 13KB", + "severity": "CRITICAL" + }, + { + "cat": "S88 Site", + "name": "Nginx serving", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S88 Security", + "name": "upload.php removed", + "pass": false, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "S88 Deploy", + "name": "Cyber Monitor v4", + "pass": false, + "detail": "HTTP 200 3KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Deploy", + "name": "Office Admin Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Ultimate Dashboard v4", + "pass": false, + "detail": "HTTP 403 0KB", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "NonReg Master v5", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Office Workflow", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "weval-consulting.com A record", + "pass": true, + "detail": "1 records", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "wevup.app A record", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS clean (2 dirty)", + "pass": false, + "detail": "2 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Incident Crypto", + "name": "O365 passwords encrypted (1364\/1364)", + "pass": true, + "detail": "1364 encrypted, 1364 total", + "severity": "STANDARD" + }, + { + "cat": "Incident Shield", + "name": "Khalil IP blocked (41.142.60.205)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Shield", + "name": "Shield rate limiting active", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident Backdoors", + "name": "Huawei_cloud neutralized", + "pass": true, + "detail": "Removed", + "severity": "CRITICAL" + }, + { + "cat": "Incident Backdoors", + "name": "ssscaleway blocked", + "pass": false, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Accounts", + "name": "Account 214 flagged Compromised", + "pass": true, + "detail": "Status: Compromised", + "severity": "STANDARD" + }, + { + "cat": "Incident Cleanup", + "name": "Console history purged", + "pass": true, + "detail": "0 bytes", + "severity": "STANDARD" + }, + { + "cat": "Incident S88", + "name": "Secure Office Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "Crypto API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "DB Proxy API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident F2B", + "name": "fail2ban jails (0)", + "pass": false, + "detail": "0 jails active", + "severity": "STANDARD" + }, + { + "cat": "Incident Auth", + "name": "Admin password rotated", + "pass": true, + "detail": "Changed from default", + "severity": "CRITICAL" + } + ] +} \ No newline at end of file diff --git a/storage/nonreg_report_20260313_235724.json b/storage/nonreg_report_20260313_235724.json new file mode 100644 index 00000000..1f2ee324 --- /dev/null +++ b/storage/nonreg_report_20260313_235724.json @@ -0,0 +1,1239 @@ +{ + "date": "13\/03\/2026 23:57:24", + "elapsed": 21.46, + "total": 170, + "pass": 148, + "fail": 22, + "rate": 87.1, + "ppm": 129412, + "sigma": "<3\u03c3", + "constraints": [ + { + "name": "Ollama Models DOWN", + "impact": "IA provider local indisponible", + "priority": "HIGH" + }, + { + "name": "Click Redirect", + "impact": "BLOCKED: S151 Tracking", + "priority": "CRITICAL" + }, + { + "name": "Zero trust auth in pg_hba", + "impact": "BLOCKED: Security PG", + "priority": "CRITICAL" + }, + { + "name": "S151 redirect intact", + "impact": "BLOCKED: Security Tracking", + "priority": "CRITICAL" + }, + { + "name": "Ollama API alive", + "impact": "BLOCKED: WEVIA IA", + "priority": "CRITICAL" + }, + { + "name": "upload.php removed", + "impact": "BLOCKED: S88 Security", + "priority": "CRITICAL" + }, + { + "name": "ssscaleway blocked", + "impact": "BLOCKED: Incident Backdoors", + "priority": "CRITICAL" + } + ], + "tests": [ + { + "cat": "S89 Back", + "name": "Apache Port 5821 (WEVADS)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Apache Port 5890 (Arsenal)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL 5432", + "pass": true, + "detail": "Connected", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL adx_clients", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Sentinel API", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Schema", + "name": "Schema admin (672 tables)", + "pass": true, + "detail": "672 tables (min:100)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema production (13 tables)", + "pass": true, + "detail": "13 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema affiliate (8 tables)", + "pass": true, + "detail": "8 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema ethica (30 tables)", + "pass": true, + "detail": "30 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema products (11 tables)", + "pass": true, + "detail": "11 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema actions (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema lists (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema mta (4 tables)", + "pass": true, + "detail": "4 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema saas (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema richscraper (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema system_admin (1 tables)", + "pass": true, + "detail": "1 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "MTA Servers (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "VMTAs (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Office Accounts (1364 rows)", + "pass": true, + "detail": "1364 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain Configs (646 rows)", + "pass": true, + "detail": "646 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Offers (1211 rows)", + "pass": true, + "detail": "1211 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Links (1763 rows)", + "pass": true, + "detail": "1763 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Creatives (1285 rows)", + "pass": true, + "detail": "1285 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Ethica HCPs (49706 rows)", + "pass": true, + "detail": "49706 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain SACRED Winners (101)", + "pass": true, + "detail": "101 winners", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Contacts Pool (adx_clients)", + "pass": true, + "detail": "0 contacts", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Ethica Countries (3)", + "pass": true, + "detail": "3 countries", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Cron Activity (0 recent)", + "pass": true, + "detail": "0 cron runs", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Tracking Events 7d (1278)", + "pass": true, + "detail": "1278 events", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: arsenal-login.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: dashboard.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: menu.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: emailing-pipeline.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: offer-engine.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: scout-intelligence.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: data-manager.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: account-creator.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: ultimate-dashboard.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-workflow.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-management.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: multiInstall.js (12KB)", + "pass": true, + "detail": "12KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: main.js (37KB)", + "pass": true, + "detail": "37KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: installation.js (36KB)", + "pass": true, + "detail": "36KB", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Sentinel Brain (HTTP 200)", + "pass": true, + "detail": "Port 5890, 11407B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Ethica Stats (HTTP 200)", + "pass": true, + "detail": "Port 5821, 363B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain Main API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "arsenal-common.js", + "pass": true, + "detail": "25KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Back", + "name": "Nginx Port 5880", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S88 Back", + "name": "Ollama Port 11434", + "pass": false, + "detail": "May be off", + "severity": "INFO" + }, + { + "cat": "S88 Front", + "name": "Cyber Monitor (HTTP 200)", + "pass": true, + "detail": "2.6KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Front", + "name": "Site Principal (HTTP 200)", + "pass": true, + "detail": "13.1KB", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "Ollama Models (0)", + "pass": false, + "detail": "0 models loaded", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "WEVIA KB", + "pass": true, + "detail": "Check via cyber monitor", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "vLLM Health (HTTP 0)", + "pass": false, + "detail": "Optional service", + "severity": "INFO" + }, + { + "cat": "S151 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S151 Network", + "name": "SSH Port 22", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Open (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Click (HTTP 204)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Unsub (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S151 Tracking", + "name": "Click Redirect", + "pass": false, + "detail": "No redirect", + "severity": "CRITICAL" + }, + { + "cat": "S202 Network", + "name": "SMTP Port 25", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "SSH Port 22", + "pass": false, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "Installed MTA Servers (5)", + "pass": true, + "detail": "5 servers", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "VMTAs Configured (5)", + "pass": true, + "detail": "5 VMTAs", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Master", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Extended", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "htaccess Protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Ethica", + "name": "Consent Endpoint (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "wevup.app DNS", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: send", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: warmup", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: brain", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: conversions", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: guardian", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S88 (88.198.4.195:5880)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S151 (151.80.235.110:80)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S202 (204.168.152.13:25)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security PG", + "name": "Zero trust auth in pg_hba", + "pass": false, + "detail": "-1 trust lines", + "severity": "CRITICAL" + }, + { + "cat": "Security PG", + "name": "PG listen localhost only", + "pass": true, + "detail": "listen=127.0.0.1", + "severity": "CRITICAL" + }, + { + "cat": "Security Shield", + "name": "Shield file exists", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Shield", + "name": "Khalil IP blocked", + "pass": true, + "detail": "41.142.60.205 in blacklist", + "severity": "CRITICAL" + }, + { + "cat": "Security Auth", + "name": ".htaccess protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 passwords column", + "pass": true, + "detail": "1364 passwords in DB", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "AES-256-GCM encrypted (1364)", + "pass": true, + "detail": "1364\/1364 encrypted", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto key exists", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "DB Proxy API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 1364 passwords managed", + "pass": true, + "detail": "admin_password_enc present", + "severity": "STANDARD" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Master.html.gold", + "pass": true, + "detail": "21201B", + "severity": "CRITICAL" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Extended.gold", + "pass": true, + "detail": "3685B", + "severity": "CRITICAL" + }, + { + "cat": "Security Cleanup", + "name": "Zero PHP in \/tmp", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "Huawei_cloud.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "ssscaleway.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security F2B", + "name": "fail2ban running", + "pass": true, + "detail": "Check systemctl", + "severity": "STANDARD" + }, + { + "cat": "Security SSH", + "name": "SSH hardened", + "pass": true, + "detail": "Port 49222 (49222 configured)", + "severity": "STANDARD" + }, + { + "cat": "Security Tracking", + "name": "ADX Open still works", + "pass": true, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "ADX Click still works", + "pass": true, + "detail": "HTTP 204", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "S151 redirect intact", + "pass": false, + "detail": "BROKEN", + "severity": "CRITICAL" + }, + { + "cat": "Security Web", + "name": "No directory listing port 80", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Security API", + "name": "Sentinel accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #1 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #2 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #3 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "XSS reflected blocked", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "sentinel-brain.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 200 11407B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "office-db-proxy.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 401 58B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "Path traversal blocked", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "DB credentials file not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Client DB creds not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "fail2ban jails active (0)", + "pass": false, + "detail": "0 jails", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "Failed SSH today (0)", + "pass": true, + "detail": "0 attempts", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "SSH authorized keys (0)", + "pass": true, + "detail": "0 keys", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 3306 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 11211 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 27017 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Zero world-writable PHP (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Cleanup", + "name": "PHP in \/tmp (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "SSL weval-consulting.com valid", + "pass": true, + "detail": "Valid", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "Cloudflare\/CDN active", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": ".htaccess size (2903 B)", + "pass": true, + "detail": "2903 bytes", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": "Shield active (5663 B)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security S88", + "name": "SSH port 22 closed", + "pass": false, + "detail": "OPEN - pending sshd reload", + "severity": "WARNING" + }, + { + "cat": "Security S88", + "name": "SSH port 49222", + "pass": true, + "detail": "Pending sshd reload", + "severity": "INFO" + }, + { + "cat": "WEVIA IA", + "name": "Ollama API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "CRITICAL" + }, + { + "cat": "WEVIA IA", + "name": "vLLM API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA IA", + "name": "Ollama inference OK", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Chatbot fullscreen", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Widget API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA KB", + "name": "Cyber monitor accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Page loads", + "pass": true, + "detail": "47KB", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "Login protected", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "No admin123 backdoor", + "pass": true, + "detail": "Clean", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "AI Proxy endpoint", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Standalone (no template wrap)", + "pass": true, + "detail": "Standalone", + "severity": "STANDARD" + }, + { + "cat": "S88 Nginx", + "name": "Site serves correctly", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S88 API", + "name": "CX API responds", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Turbo", + "name": "Turbo API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Screens", + "name": "Arsenal screens (1\/9)", + "pass": false, + "detail": "1 accessible", + "severity": "STANDARD" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream prod", + "pass": true, + "detail": "HTTP 200 47KB", + "severity": "CRITICAL" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream login protected", + "pass": true, + "detail": "Auth present", + "severity": "CRITICAL" + }, + { + "cat": "S88 API", + "name": "CX endpoint reachable", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S88 Site", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200 13KB", + "severity": "CRITICAL" + }, + { + "cat": "S88 Site", + "name": "Nginx serving", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S88 Security", + "name": "upload.php removed", + "pass": false, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "S88 Deploy", + "name": "Cyber Monitor v4", + "pass": false, + "detail": "HTTP 200 3KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Deploy", + "name": "Office Admin Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Ultimate Dashboard v4", + "pass": false, + "detail": "HTTP 403 0KB", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "NonReg Master v5", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Office Workflow", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "weval-consulting.com A record", + "pass": true, + "detail": "1 records", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "wevup.app A record", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS clean (3 dirty)", + "pass": false, + "detail": "3 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Incident Crypto", + "name": "O365 passwords encrypted (1364\/1364)", + "pass": true, + "detail": "1364 encrypted, 1364 total", + "severity": "STANDARD" + }, + { + "cat": "Incident Shield", + "name": "Khalil IP blocked (41.142.60.205)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Shield", + "name": "Shield rate limiting active", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident Backdoors", + "name": "Huawei_cloud neutralized", + "pass": true, + "detail": "Removed", + "severity": "CRITICAL" + }, + { + "cat": "Incident Backdoors", + "name": "ssscaleway blocked", + "pass": false, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Accounts", + "name": "Account 214 flagged Compromised", + "pass": true, + "detail": "Status: Compromised", + "severity": "STANDARD" + }, + { + "cat": "Incident Cleanup", + "name": "Console history purged", + "pass": true, + "detail": "0 bytes", + "severity": "STANDARD" + }, + { + "cat": "Incident S88", + "name": "Secure Office Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "Crypto API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "DB Proxy API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident F2B", + "name": "fail2ban jails (0)", + "pass": false, + "detail": "0 jails active", + "severity": "STANDARD" + }, + { + "cat": "Incident Auth", + "name": "Admin password rotated", + "pass": true, + "detail": "Changed from default", + "severity": "CRITICAL" + } + ] +} \ No newline at end of file diff --git a/storage/nonreg_report_20260314_000019.json b/storage/nonreg_report_20260314_000019.json new file mode 100644 index 00000000..60f1dccc --- /dev/null +++ b/storage/nonreg_report_20260314_000019.json @@ -0,0 +1,1239 @@ +{ + "date": "14\/03\/2026 00:00:19", + "elapsed": 21.47, + "total": 170, + "pass": 148, + "fail": 22, + "rate": 87.1, + "ppm": 129412, + "sigma": "<3\u03c3", + "constraints": [ + { + "name": "Ollama Models DOWN", + "impact": "IA provider local indisponible", + "priority": "HIGH" + }, + { + "name": "Click Redirect", + "impact": "BLOCKED: S151 Tracking", + "priority": "CRITICAL" + }, + { + "name": "Zero trust auth in pg_hba", + "impact": "BLOCKED: Security PG", + "priority": "CRITICAL" + }, + { + "name": "S151 redirect intact", + "impact": "BLOCKED: Security Tracking", + "priority": "CRITICAL" + }, + { + "name": "Ollama API alive", + "impact": "BLOCKED: WEVIA IA", + "priority": "CRITICAL" + }, + { + "name": "upload.php removed", + "impact": "BLOCKED: S88 Security", + "priority": "CRITICAL" + }, + { + "name": "ssscaleway blocked", + "impact": "BLOCKED: Incident Backdoors", + "priority": "CRITICAL" + } + ], + "tests": [ + { + "cat": "S89 Back", + "name": "Apache Port 5821 (WEVADS)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Apache Port 5890 (Arsenal)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL 5432", + "pass": true, + "detail": "Connected", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "PostgreSQL adx_clients", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 Back", + "name": "Sentinel API", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Schema", + "name": "Schema admin (672 tables)", + "pass": true, + "detail": "672 tables (min:100)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema production (13 tables)", + "pass": true, + "detail": "13 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema affiliate (8 tables)", + "pass": true, + "detail": "8 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema ethica (30 tables)", + "pass": true, + "detail": "30 tables (min:5)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema products (11 tables)", + "pass": true, + "detail": "11 tables (min:3)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema actions (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema lists (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema mta (4 tables)", + "pass": true, + "detail": "4 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema saas (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema richscraper (5 tables)", + "pass": true, + "detail": "5 tables (min:2)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Schema", + "name": "Schema system_admin (1 tables)", + "pass": true, + "detail": "1 tables (min:1)", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "MTA Servers (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "VMTAs (5 rows)", + "pass": true, + "detail": "5 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Office Accounts (1364 rows)", + "pass": true, + "detail": "1364 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain Configs (646 rows)", + "pass": true, + "detail": "646 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Offers (1211 rows)", + "pass": true, + "detail": "1211 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Links (1763 rows)", + "pass": true, + "detail": "1763 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Creatives (1285 rows)", + "pass": true, + "detail": "1285 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Ethica HCPs (49706 rows)", + "pass": true, + "detail": "49706 rows", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Data", + "name": "Brain SACRED Winners (101)", + "pass": true, + "detail": "101 winners", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Contacts Pool (adx_clients)", + "pass": true, + "detail": "0 contacts", + "severity": "CRITICAL" + }, + { + "cat": "S89 DB Data", + "name": "Ethica Countries (3)", + "pass": true, + "detail": "3 countries", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Cron Activity (0 recent)", + "pass": true, + "detail": "0 cron runs", + "severity": "STANDARD" + }, + { + "cat": "S89 DB Activity", + "name": "Tracking Events 7d (1283)", + "pass": true, + "detail": "1283 events", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: arsenal-login.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: dashboard.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: menu.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: emailing-pipeline.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: offer-engine.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: scout-intelligence.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: data-manager.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: account-creator.html", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: ultimate-dashboard.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-workflow.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "Page: office-management.php", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: multiInstall.js (12KB)", + "pass": true, + "detail": "12KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: main.js (37KB)", + "pass": true, + "detail": "37KB", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "JS: installation.js (36KB)", + "pass": true, + "detail": "36KB", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Sentinel Brain (HTTP 200)", + "pass": true, + "detail": "Port 5890, 11407B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Ethica Stats (HTTP 200)", + "pass": true, + "detail": "Port 5821, 363B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain Main API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 API", + "name": "Brain API (HTTP 404)", + "pass": true, + "detail": "Port 5821, 16B", + "severity": "STANDARD" + }, + { + "cat": "S89 Front", + "name": "arsenal-common.js", + "pass": true, + "detail": "25KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Back", + "name": "Nginx Port 5880", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S88 Back", + "name": "Ollama Port 11434", + "pass": false, + "detail": "May be off", + "severity": "INFO" + }, + { + "cat": "S88 Front", + "name": "Cyber Monitor (HTTP 200)", + "pass": true, + "detail": "2.6KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Front", + "name": "Site Principal (HTTP 200)", + "pass": true, + "detail": "13.1KB", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "Ollama Models (0)", + "pass": false, + "detail": "0 models loaded", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "WEVIA KB", + "pass": true, + "detail": "Check via cyber monitor", + "severity": "STANDARD" + }, + { + "cat": "S88 IA", + "name": "vLLM Health (HTTP 0)", + "pass": false, + "detail": "Optional service", + "severity": "INFO" + }, + { + "cat": "S151 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "S151 Network", + "name": "SSH Port 22", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Open (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Click (HTTP 204)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Tracking", + "name": "ADX Unsub (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S151 Tracking", + "name": "Click Redirect", + "pass": false, + "detail": "No redirect", + "severity": "CRITICAL" + }, + { + "cat": "S202 Network", + "name": "SMTP Port 25", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "HTTP Port 80", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S202 Network", + "name": "SSH Port 22", + "pass": false, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "Installed MTA Servers (5)", + "pass": true, + "detail": "5 servers", + "severity": "STANDARD" + }, + { + "cat": "S89 MTA", + "name": "VMTAs Configured (5)", + "pass": true, + "detail": "5 VMTAs", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Master", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "Vault Extended", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S89 Security", + "name": "htaccess Protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Ethica", + "name": "Consent Endpoint (HTTP 200)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "DNS\/CF", + "name": "wevup.app DNS", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: send", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: warmup", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: brain", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: conversions", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "S89 Crons", + "name": "Cron: guardian", + "pass": true, + "detail": "Not found (may be in crontab)", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S88 (88.198.4.195:5880)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S151 (151.80.235.110:80)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Network", + "name": "S89\u2192S202 (204.168.152.13:25)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security PG", + "name": "Zero trust auth in pg_hba", + "pass": false, + "detail": "-1 trust lines", + "severity": "CRITICAL" + }, + { + "cat": "Security PG", + "name": "PG listen localhost only", + "pass": true, + "detail": "listen=127.0.0.1", + "severity": "CRITICAL" + }, + { + "cat": "Security Shield", + "name": "Shield file exists", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Shield", + "name": "Khalil IP blocked", + "pass": true, + "detail": "41.142.60.205 in blacklist", + "severity": "CRITICAL" + }, + { + "cat": "Security Auth", + "name": ".htaccess protection", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 passwords column", + "pass": true, + "detail": "1364 passwords in DB", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "AES-256-GCM encrypted (1364)", + "pass": true, + "detail": "1364\/1364 encrypted", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto key exists", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Security Crypto", + "name": "Crypto API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "DB Proxy API deployed", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security Crypto", + "name": "O365 1364 passwords managed", + "pass": true, + "detail": "admin_password_enc present", + "severity": "STANDARD" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Master.html.gold", + "pass": true, + "detail": "21201B", + "severity": "CRITICAL" + }, + { + "cat": "Security Vault", + "name": "WEVADS-Credentials-Extended.gold", + "pass": true, + "detail": "3685B", + "severity": "CRITICAL" + }, + { + "cat": "Security Cleanup", + "name": "Zero PHP in \/tmp", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "Huawei_cloud.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security Backdoors", + "name": "ssscaleway.php neutralized", + "pass": true, + "detail": "Removed", + "severity": "STANDARD" + }, + { + "cat": "Security F2B", + "name": "fail2ban running", + "pass": true, + "detail": "Check systemctl", + "severity": "STANDARD" + }, + { + "cat": "Security SSH", + "name": "SSH hardened", + "pass": true, + "detail": "Port 49222 (49222 configured)", + "severity": "STANDARD" + }, + { + "cat": "Security Tracking", + "name": "ADX Open still works", + "pass": true, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "ADX Click still works", + "pass": true, + "detail": "HTTP 204", + "severity": "CRITICAL" + }, + { + "cat": "Security Tracking", + "name": "S151 redirect intact", + "pass": false, + "detail": "BROKEN", + "severity": "CRITICAL" + }, + { + "cat": "Security Web", + "name": "No directory listing port 80", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Security API", + "name": "Sentinel accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #1 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #2 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "SQLi payload #3 blocked", + "pass": true, + "detail": "HTTP 400", + "severity": "INFO" + }, + { + "cat": "Deep Sec Injection", + "name": "XSS reflected blocked", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "sentinel-brain.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 200 11407B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "office-db-proxy.php accessible (mgmt)", + "pass": true, + "detail": "HTTP 401 58B", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Access", + "name": "Path traversal blocked", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "DB credentials file not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Client DB creds not web-exposed", + "pass": true, + "detail": "HTTP 404", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "fail2ban jails active (0)", + "pass": false, + "detail": "0 jails", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "Failed SSH today (0)", + "pass": true, + "detail": "0 attempts", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Intrusion", + "name": "SSH authorized keys (0)", + "pass": true, + "detail": "0 keys", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 3306 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 11211 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Ports", + "name": "Port 27017 closed (external)", + "pass": true, + "detail": "Closed", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Files", + "name": "Zero world-writable PHP (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Cleanup", + "name": "PHP in \/tmp (0)", + "pass": true, + "detail": "0 files", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "SSL weval-consulting.com valid", + "pass": true, + "detail": "Valid", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Crypto", + "name": "Cloudflare\/CDN active", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": ".htaccess size (2903 B)", + "pass": true, + "detail": "2903 bytes", + "severity": "STANDARD" + }, + { + "cat": "Deep Sec Integrity", + "name": "Shield active (5663 B)", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Security S88", + "name": "SSH port 22 closed", + "pass": false, + "detail": "OPEN - pending sshd reload", + "severity": "WARNING" + }, + { + "cat": "Security S88", + "name": "SSH port 49222", + "pass": true, + "detail": "Pending sshd reload", + "severity": "INFO" + }, + { + "cat": "WEVIA IA", + "name": "Ollama API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "CRITICAL" + }, + { + "cat": "WEVIA IA", + "name": "vLLM API alive", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA IA", + "name": "Ollama inference OK", + "pass": false, + "detail": "HTTP 0", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Chatbot fullscreen", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Front", + "name": "Widget API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "WEVIA KB", + "name": "Cyber monitor accessible", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Page loads", + "pass": true, + "detail": "47KB", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "Login protected", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "No admin123 backdoor", + "pass": true, + "detail": "Clean", + "severity": "CRITICAL" + }, + { + "cat": "MailStream", + "name": "AI Proxy endpoint", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "MailStream", + "name": "Standalone (no template wrap)", + "pass": true, + "detail": "Standalone", + "severity": "STANDARD" + }, + { + "cat": "S88 Nginx", + "name": "Site serves correctly", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S88 API", + "name": "CX API responds", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "WEVIA Turbo", + "name": "Turbo API", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Screens", + "name": "Arsenal screens (1\/9)", + "pass": false, + "detail": "1 accessible", + "severity": "STANDARD" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream prod", + "pass": true, + "detail": "HTTP 200 47KB", + "severity": "CRITICAL" + }, + { + "cat": "SaaS Deploy", + "name": "MailStream login protected", + "pass": true, + "detail": "Auth present", + "severity": "CRITICAL" + }, + { + "cat": "S88 API", + "name": "CX endpoint reachable", + "pass": true, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S88 Site", + "name": "weval-consulting.com", + "pass": true, + "detail": "HTTP 200 13KB", + "severity": "CRITICAL" + }, + { + "cat": "S88 Site", + "name": "Nginx serving", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "S88 Security", + "name": "upload.php removed", + "pass": false, + "detail": "HTTP 200", + "severity": "CRITICAL" + }, + { + "cat": "S88 Deploy", + "name": "Cyber Monitor v4", + "pass": false, + "detail": "HTTP 200 3KB", + "severity": "STANDARD" + }, + { + "cat": "S88 Deploy", + "name": "Office Admin Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Ultimate Dashboard v4", + "pass": false, + "detail": "HTTP 403 0KB", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "NonReg Master v5", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "S95 Deploy", + "name": "Office Workflow", + "pass": false, + "detail": "HTTP 403", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "weval-consulting.com A record", + "pass": true, + "detail": "1 records", + "severity": "STANDARD" + }, + { + "cat": "DNS", + "name": "wevup.app A record", + "pass": true, + "detail": "2 records", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal repo", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "WEVADS clean (4 dirty)", + "pass": false, + "detail": "4 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Git", + "name": "Arsenal clean (1 dirty)", + "pass": false, + "detail": "1 uncommitted files", + "severity": "STANDARD" + }, + { + "cat": "Incident Crypto", + "name": "O365 passwords encrypted (1364\/1364)", + "pass": true, + "detail": "1364 encrypted, 1364 total", + "severity": "STANDARD" + }, + { + "cat": "Incident Shield", + "name": "Khalil IP blocked (41.142.60.205)", + "pass": true, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Shield", + "name": "Shield rate limiting active", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident Backdoors", + "name": "Huawei_cloud neutralized", + "pass": true, + "detail": "Removed", + "severity": "CRITICAL" + }, + { + "cat": "Incident Backdoors", + "name": "ssscaleway blocked", + "pass": false, + "detail": "", + "severity": "CRITICAL" + }, + { + "cat": "Incident Accounts", + "name": "Account 214 flagged Compromised", + "pass": true, + "detail": "Status: Compromised", + "severity": "STANDARD" + }, + { + "cat": "Incident Cleanup", + "name": "Console history purged", + "pass": true, + "detail": "0 bytes", + "severity": "STANDARD" + }, + { + "cat": "Incident S88", + "name": "Secure Office Panel", + "pass": true, + "detail": "HTTP 200", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "Crypto API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident API", + "name": "DB Proxy API", + "pass": true, + "detail": "", + "severity": "STANDARD" + }, + { + "cat": "Incident F2B", + "name": "fail2ban jails (0)", + "pass": false, + "detail": "0 jails active", + "severity": "STANDARD" + }, + { + "cat": "Incident Auth", + "name": "Admin password rotated", + "pass": true, + "detail": "Changed from default", + "severity": "CRITICAL" + } + ] +} \ No newline at end of file