A Community-Powered Cyber Threat Monitoring System
Sentra is a cybersecurity platform designed to crowdsource cyber threat reporting while safeguarding user privacy. The system combines breach detection, user alerts, threat submissions, automated validation using services like VirusTotal, and optional escalation to government agencies such as CERT.
This community-driven model aims to strengthen cyber resilience through transparency, quick threat visibility, and responsible disclosure.
- Secure Authentication: Sign up & login with JWT-based session management
- Email Verification: Optional email verification for enhanced security
- Profile Management: Comprehensive user profile with breach history
- Privacy-First: User identity protection throughout the reporting process
- Automated Scanning: Email breach detection via HaveIBeenPwned (HIBP) API
- Real-time Monitoring: Scans performed on signup and email changes
- Historical Tracking: Complete breach history logging and user alerts
- Instant Notifications: Immediate alerts when breaches are detected
- Easy Submission: Report cyber threats with title, description, screenshots, and links
- Status Tracking: Monitor submission status
- Evidence Support: Upload screenshots and provide detailed descriptions
- Community Impact: Contribute to collective cybersecurity knowledge
- VirusTotal Integration: Automatic URL/IP validation using VirusTotal API
- Smart Classification: Auto-classify threats based on scan results
- Manual Override: Admin panel for manual review and status updates
- Transparent Process: Clear justification for all validation decisions
- In-App Alerts: Real-time notifications for breach detection and report updates
- Status Updates: Automatic updates on threat report progress
- Government Reporting: Seamless escalation to CERT agencies
- Multiple Formats: Export verified threats as PDF
- Institutional Ready: Designed for both public and institutional use
- Compliance Support: Meets government reporting requirements
```
┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
│    Frontend     │    │     Backend     │    │    Database     │
│    (React)      │    │   (Ballerina)   │    │  (PostgreSQL/   │
│                 │◄──►│                 │◄──►│     MySQL)      │
│ • Auth Pages    │    │ • HTTP Services │    │ • Users         │
│ • Profile       │    │ • REST APIs     │    │ • Reports       │
│ • Threat Form   │    │ • Email Service │    │ • Notifications │
│ • Admin Panel   │    │ • Validation    │    │ • BreachLogs    │
│ • Notifications │    │ • CERT Export   │    │ • Admins        │
└─────────────────┘    └─────────────────┘    └─────────────────┘
                                │
                                ▼
                       ┌─────────────────┐
                       │  External APIs  │
                       │ • VirusTotal    │
                       │ • HIBP          │
                       │ • CERT Services │
                       └─────────────────┘
```
- Frontend: React
- Backend: Ballerina
- Database: MySQL
- Authentication: JWT
- External APIs: VirusTotal, HaveIBeenPwned
- Notifications: In-app alerts
Before you begin, ensure you have the following installed:
- Node.js (v16 or higher)
- Ballerina (latest version)
- MySQL
- Git
You'll need to obtain API keys for:
```bash
git clone https://github.com/200OK-Sentra/Sentra_Backend.git
git clone https://github.com/200OK-Sentra/sentra-frontend.git
cd backend
```
Create a Config.toml file:

```toml
# Holds credentials and keys: keep this file out of version control.
[database]
host = "localhost"
port = 3306  # MySQL default port
name = "sentra_db"
username = "your_db_user"
password = "your_db_password"

[apis]
hibp_api_key = "your_hibp_api_key"
virustotal_api_key = "your_virustotal_api_key"

[email]
smtp_host = "smtp.gmail.com"
smtp_port = 587
smtp_username = "your_email@gmail.com"
smtp_password = "your_app_password"

[jwt]
# Signing key for session tokens: use a long random value.
secret = "your_jwt_secret_key"
```
Install dependencies and run:
```bash
bal build
bal run
```

```bash
cd frontend
npm install
npm run dev
```
Run the SQL script provided in the database folder to create the database and tables:
```bash
mysql -u <username> -p < database/schema.sql
```

Replace `<username>` with your MySQL username. You will be prompted for your password. This creates the sentra_db database and all required tables automatically.
```http
POST /test/register
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "securePassword123",
  "name": "John Doe"
}
```

```http
POST /test/login
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "securePassword123"
}
```

```http
GET /test/auth
Authorization: Bearer {JWT_TOKEN}
```

```http
POST /reports/submit?userId={USER_ID}
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "title": "Malware Infection Report",
  "threat_type": "Malware",
  "priority_level": "Medium",
  "links": [
    "http://malicious-site.com/download",
    "http://infected-example.com/installer"
  ],
  "source_discovered": "Detected by endpoint antivirus during routine scan.",
  "detailed_description": "The malware attempts to steal user credentials and encrypt sensitive files. It spreads through downloaded installers from untrusted websites.",
  "evidence": "iVBORw0KGgoAAAANSUhEUgAAAoAAAAHgCAYAAAD..."
}
```

```http
GET /reports/user
Authorization: Bearer {JWT_TOKEN}
```

```http
GET /reports
```

```http
PUT /report/{id}/validate
Authorization: Bearer {ADMIN_JWT_TOKEN}
Content-Type: application/json

{
  "status": "Validated",
  "remarks": "Confirmed malicious via VirusTotal scan",
  "validatedBy": "admin_001"
}
```
Role | Access Level | Description |
---|---|---|
User | Submit threats, view own history | Community members who report threats |
Admin | Validate reports, manage users | Platform moderators who review submissions |
CERT Viewer | Read-only validated threats | Government agencies accessing verified threats |
- User Registration → Email automatically checked for breaches via HIBP
- Breach Detection → User notified if email found in any data breaches
- Threat Submission → User reports suspicious activity with evidence
- Automated Validation → System scans URLs/IPs using VirusTotal
- Admin Review → Manual verification for edge cases
- CERT Notification → Validated threats exported to government agencies
- Community Feedback → Users notified when their reports help stop threats
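
The automated validation and admin review steps above could be wired together as follows. This is an added example, not Sentra's code, written in JavaScript rather than Ballerina: it assumes the backend has already fetched the `last_analysis_stats` object of each link's VirusTotal v3 report, and the threshold, the `Pending Admin Review` status and the `auto:virustotal` marker are hypothetical.

```javascript
// Added example: thresholds and every status name except "Validated" are assumptions.
const MIN_MALICIOUS = 3; // assumed: engines that must agree before auto-validation

// stats is the last_analysis_stats object of a VirusTotal v3 URL/IP report,
// or null when the lookup failed or the link has never been analysed.
function scoreLink(link, stats) {
  if (!stats) return { link, verdict: "unknown", reason: "no VirusTotal result" };
  const malicious = stats.malicious || 0;
  const suspicious = stats.suspicious || 0;
  const total = malicious + suspicious + (stats.harmless || 0) + (stats.undetected || 0);
  if (malicious >= MIN_MALICIOUS) {
    return { link, verdict: "malicious", reason: `${malicious}/${total} engines flagged it malicious` };
  }
  if (malicious + suspicious > 0) {
    return { link, verdict: "inconclusive", reason: `only ${malicious + suspicious}/${total} engines flagged it` };
  }
  return { link, verdict: "undetected", reason: `0/${total} engines flagged it` };
}

// Auto-validate only on strong evidence. Everything else goes to an admin:
// zero detections is not proof that a link is safe, so nothing is auto-rejected.
function classifyReport(scans) {
  const results = scans.map(({ link, stats }) => scoreLink(link, stats));
  const confirmed = results.some((r) => r.verdict === "malicious");
  return {
    status: confirmed ? "Validated" : "Pending Admin Review",
    validatedBy: confirmed ? "auto:virustotal" : null,
    remarks: results.map((r) => `${r.link}: ${r.reason}`).join("; "),
  };
}

// Constructed sample: the two links from the sample report with made-up engine counts.
const sampleScans = [
  { link: "http://malicious-site.com/download", stats: { malicious: 12, suspicious: 1, harmless: 60, undetected: 17 } },
  { link: "http://infected-example.com/installer", stats: null },
];
console.log(classifyReport(sampleScans));
```

The `remarks` string records the per-link evidence, so every automated decision carries its justification into the admin panel.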
Import the provided Postman collection for comprehensive API testing:
- Authentication Flow: Test signup, login, and JWT validation
- Breach Detection: Verify HIBP integration
- Threat Submission: Test report creation and validation
- Admin Operations: Validate admin panel functionality
- CERT Export: Test government agency integration
- Password Security: Bcrypt hashing with salt rounds
- JWT Management: Secure token generation and validation
- API Rate Limiting: Protection against abuse
- Input Validation: Sanitization of all user inputs
- Privacy Protection: User anonymization in CERT exports
- Secure Communications: HTTPS everywhere, encrypted data transmission
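
What input validation means for the report submission body, as an added example that is not part of Sentra's code base (JavaScript; the allowed values, size caps and function names are assumptions). It checks each field of the submit payload and accepts evidence only when the decoded bytes start with a PNG or JPEG signature.

```javascript
// Added example: the limits and allowed values below are assumptions, not Sentra's rules.
const THREAT_TYPES = new Set(["Malware", "Phishing", "Other"]); // assumed; the page shows "Malware"
const PRIORITIES = new Set(["Low", "Medium", "High"]);          // assumed; the page shows "Medium"
const MAX_LINKS = 10;                                           // assumed cap
const MAX_EVIDENCE_BYTES = 2 * 1024 * 1024;                     // assumed cap (2 MiB)

// Evidence is accepted only if its leading bytes match a known image signature.
const MAGIC = {
  png: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a],
  jpeg: [0xff, 0xd8, 0xff],
};

function evidenceType(b64) {
  // Buffer.from silently skips non-base64 characters, so check the alphabet first.
  if (typeof b64 !== "string" || !/^[A-Za-z0-9+/]+={0,2}$/.test(b64)) return null;
  const bytes = Buffer.from(b64, "base64");
  if (bytes.length > MAX_EVIDENCE_BYTES) return null;
  for (const [type, sig] of Object.entries(MAGIC)) {
    if (sig.every((v, i) => bytes[i] === v)) return type;
  }
  return null;
}

function validLink(s) {
  if (typeof s !== "string" || s.length > 2048) return false;
  try {
    const u = new URL(s);
    // Web links only: rejects javascript:, data:, file: and URLs carrying credentials.
    return (u.protocol === "http:" || u.protocol === "https:") && !u.username && !u.password;
  } catch {
    return false;
  }
}

// Returns the names of the fields that failed; an empty array means the report can be stored.
function validateReport(r) {
  if (r === null || typeof r !== "object") return ["body"];
  const bad = [];
  if (typeof r.title !== "string" || r.title.trim().length < 3 || r.title.length > 200) bad.push("title");
  if (!THREAT_TYPES.has(r.threat_type)) bad.push("threat_type");
  if (!PRIORITIES.has(r.priority_level)) bad.push("priority_level");
  if (!Array.isArray(r.links) || r.links.length > MAX_LINKS || !r.links.every(validLink)) bad.push("links");
  if (r.evidence !== undefined && evidenceType(r.evidence) === null) bad.push("evidence");
  return bad;
}

// Constructed sample: the PNG signature followed by four zero bytes, base64-encoded.
const samplePng = Buffer.from([...MAGIC.png, 0, 0, 0, 0]).toString("base64");
```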
We welcome contributions! Here's how to get started:
- Fork the repository
- Create a feature branch: `git checkout -b feature/amazing-feature`
- Make your changes and add tests
- Commit your changes: `git commit -m 'Add amazing feature'`
- Push to the branch: `git push origin feature/amazing-feature`
- Open a Pull Request
- Follow existing code style and conventions
- Add tests for new features
- Update documentation for API changes
- Ensure all security checks pass
- Test with sample data before submitting
- AI-Powered Validation: Machine learning models for threat classification
- Real-time Dashboard: Live threat monitoring for CERT agencies
- Gamification: User rewards system for valid threat submissions
- Browser Extension: One-click threat reporting from any website
- Mobile App: iOS/Android apps for on-the-go reporting
- Advanced Analytics: Threat trend analysis and prediction
- API Integrations: Support for more security vendors and tools
- HaveIBeenPwned: For providing breach detection services
- VirusTotal: For automated threat validation
- Ballerina Community: For the excellent backend framework
- React Team: For the robust frontend framework
- Security Researchers: Who inspire community-driven cybersecurity
Empowering communities to fight cyber threats together