feat: Enron Dataset & Mobile Threat Pipeline #4
Merged
adityashirsatrao007 merged 1 commit on May 8, 2026
Pull request overview
This PR integrates Enron dataset–driven red team payload generation into the SentinelX UI/backend, adds demo-oriented risk-score overrides for email/SMS analysis, and introduces a new Flutter-based mobile client scaffold (plus Expo config updates).
Changes:
- Add a backend Enron dataset prep script and an authenticated API endpoint to fetch pre-scored dataset samples by severity percentile.
- Update the Red Team UI to fetch dataset samples and launch them into the mobile dashboard via `/analyze/email` with an optional forced risk score.
- Add a new Flutter mobile app scaffold and update the existing Expo mobile app’s TypeScript/config/dependencies.
Reviewed changes
Copilot reviewed 108 out of 150 changed files in this pull request and generated 14 comments.
| File | Description |
|---|---|
| mobile/tsconfig.json | Adds TS/TSX include patterns (Expo typed routes/types). |
| mobile/package.json | Updates Expo/RN and related dependencies. |
| mobile/app.json | Adds Expo plugins for fonts and web browser. |
| mobile_flutter/windows/runner/win32_window.h | Adds Windows runner window abstraction (Flutter scaffold). |
| mobile_flutter/windows/runner/win32_window.cpp | Implements Win32 window + DPI/dark mode handling (Flutter scaffold). |
| mobile_flutter/windows/runner/utils.h | Adds Windows runner utility declarations (Flutter scaffold). |
| mobile_flutter/windows/runner/utils.cpp | Implements console/argv/UTF conversion utilities (Flutter scaffold). |
| mobile_flutter/windows/runner/Runner.rc | Adds Windows resources (icon/version) for Flutter runner. |
| mobile_flutter/windows/runner/runner.exe.manifest | Adds Windows manifest (DPI awareness / compatibility). |
| mobile_flutter/windows/runner/resource.h | Adds Windows resource IDs for Flutter runner. |
| mobile_flutter/windows/runner/main.cpp | Adds Windows runner entry point (Flutter scaffold). |
| mobile_flutter/windows/runner/flutter_window.h | Adds FlutterWindow host for Windows (Flutter scaffold). |
| mobile_flutter/windows/runner/flutter_window.cpp | Implements Flutter view hosting for Windows (Flutter scaffold). |
| mobile_flutter/windows/runner/CMakeLists.txt | Adds Windows runner build configuration (Flutter scaffold). |
| mobile_flutter/windows/flutter/generated_plugins.cmake | Generated plugin wiring (Windows). |
| mobile_flutter/windows/flutter/generated_plugin_registrant.h | Generated plugin registrant header (Windows). |
| mobile_flutter/windows/flutter/generated_plugin_registrant.cc | Generated plugin registrant source (Windows). |
| mobile_flutter/windows/flutter/CMakeLists.txt | Flutter Windows build plumbing (generated). |
| mobile_flutter/windows/CMakeLists.txt | Windows top-level CMake for Flutter app. |
| mobile_flutter/windows/.gitignore | Ignores ephemeral/VS build outputs for Windows. |
| mobile_flutter/web/manifest.json | Adds Flutter web manifest. |
| mobile_flutter/web/index.html | Adds Flutter web entry HTML. |
| mobile_flutter/test/widget_test.dart | Adds default Flutter widget test scaffold. |
| mobile_flutter/README.md | Adds default Flutter README scaffold. |
| mobile_flutter/pubspec.yaml | Adds Flutter project dependencies/config. |
| mobile_flutter/pubspec.lock | Adds pinned Dart/Flutter dependencies. |
| mobile_flutter/macos/RunnerTests/RunnerTests.swift | Adds macOS test scaffold. |
| mobile_flutter/macos/Runner/Release.entitlements | Adds macOS release entitlements. |
| mobile_flutter/macos/Runner/MainFlutterWindow.swift | Adds macOS window host for Flutter. |
| mobile_flutter/macos/Runner/Info.plist | Adds macOS app Info.plist. |
| mobile_flutter/macos/Runner/DebugProfile.entitlements | Adds macOS debug/profile entitlements. |
| mobile_flutter/macos/Runner/Configs/Warnings.xcconfig | Adds macOS warning settings. |
| mobile_flutter/macos/Runner/Configs/Release.xcconfig | Adds macOS release xcconfig includes. |
| mobile_flutter/macos/Runner/Configs/Debug.xcconfig | Adds macOS debug xcconfig includes. |
| mobile_flutter/macos/Runner/Configs/AppInfo.xcconfig | Adds macOS app identity settings. |
| mobile_flutter/macos/Runner/Base.lproj/MainMenu.xib | Adds macOS UI resources (menu/window). |
| mobile_flutter/macos/Runner/Assets.xcassets/AppIcon.appiconset/Contents.json | Adds macOS app icon catalog metadata. |
| mobile_flutter/macos/Runner/AppDelegate.swift | Adds macOS AppDelegate scaffold. |
| mobile_flutter/macos/Runner.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist | Adds macOS workspace checks file. |
| mobile_flutter/macos/Runner.xcworkspace/contents.xcworkspacedata | Adds macOS workspace definition. |
| mobile_flutter/macos/Runner.xcodeproj/xcshareddata/xcschemes/Runner.xcscheme | Adds macOS scheme. |
| mobile_flutter/macos/Runner.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist | Adds macOS project workspace checks. |
| mobile_flutter/macos/Runner.xcodeproj/project.pbxproj | Adds macOS Xcode project configuration. |
| mobile_flutter/macos/Flutter/GeneratedPluginRegistrant.swift | Generated plugin registrant (macOS). |
| mobile_flutter/macos/Flutter/Flutter-Release.xcconfig | Generated Flutter config include (macOS). |
| mobile_flutter/macos/Flutter/Flutter-Debug.xcconfig | Generated Flutter config include (macOS). |
| mobile_flutter/macos/.gitignore | Ignores ephemeral/Pods/Xcode user data (macOS). |
| mobile_flutter/linux/runner/my_application.h | Adds Linux runner application header. |
| mobile_flutter/linux/runner/my_application.cc | Adds Linux GTK runner implementation. |
| mobile_flutter/linux/runner/main.cc | Adds Linux runner entry point. |
| mobile_flutter/linux/runner/CMakeLists.txt | Adds Linux runner build config. |
| mobile_flutter/linux/flutter/generated_plugins.cmake | Generated plugin wiring (Linux). |
| mobile_flutter/linux/flutter/generated_plugin_registrant.h | Generated plugin registrant header (Linux). |
| mobile_flutter/linux/flutter/generated_plugin_registrant.cc | Generated plugin registrant source (Linux). |
| mobile_flutter/linux/flutter/CMakeLists.txt | Flutter Linux build plumbing (generated). |
| mobile_flutter/linux/CMakeLists.txt | Linux top-level CMake for Flutter app. |
| mobile_flutter/linux/.gitignore | Ignores Linux ephemeral flutter build artifacts. |
| mobile_flutter/lib/main.dart | Implements Flutter SentinelX dashboard UI + polling logic. |
| mobile_flutter/ios/RunnerTests/RunnerTests.swift | Adds iOS test scaffold. |
| mobile_flutter/ios/Runner/SceneDelegate.swift | Adds iOS SceneDelegate scaffold. |
| mobile_flutter/ios/Runner/Runner-Bridging-Header.h | Adds iOS bridging header for plugin registrant. |
| mobile_flutter/ios/Runner/Info.plist | Adds iOS app Info.plist. |
| mobile_flutter/ios/Runner/Base.lproj/Main.storyboard | Adds iOS main storyboard. |
| mobile_flutter/ios/Runner/Base.lproj/LaunchScreen.storyboard | Adds iOS launch screen storyboard. |
| mobile_flutter/ios/Runner/Assets.xcassets/LaunchImage.imageset/README.md | Documents iOS launch screen asset usage. |
| mobile_flutter/ios/Runner/Assets.xcassets/LaunchImage.imageset/Contents.json | Adds iOS launch image metadata. |
| mobile_flutter/ios/Runner/Assets.xcassets/AppIcon.appiconset/Contents.json | Adds iOS app icon metadata. |
| mobile_flutter/ios/Runner/AppDelegate.swift | Adds iOS AppDelegate/plugin registration. |
| mobile_flutter/ios/Runner.xcworkspace/xcshareddata/WorkspaceSettings.xcsettings | Adds iOS workspace settings. |
| mobile_flutter/ios/Runner.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist | Adds iOS workspace checks. |
| mobile_flutter/ios/Runner.xcworkspace/contents.xcworkspacedata | Adds iOS workspace definition. |
| mobile_flutter/ios/Runner.xcodeproj/xcshareddata/xcschemes/Runner.xcscheme | Adds iOS scheme. |
| mobile_flutter/ios/Runner.xcodeproj/project.xcworkspace/xcshareddata/WorkspaceSettings.xcsettings | Adds iOS project workspace settings. |
| mobile_flutter/ios/Runner.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist | Adds iOS project workspace checks. |
| mobile_flutter/ios/Runner.xcodeproj/project.xcworkspace/contents.xcworkspacedata | Adds iOS project workspace content. |
| mobile_flutter/ios/Runner.xcodeproj/project.pbxproj | Adds iOS Xcode project configuration. |
| mobile_flutter/ios/Flutter/Release.xcconfig | Adds iOS Flutter release xcconfig include. |
| mobile_flutter/ios/Flutter/Debug.xcconfig | Adds iOS Flutter debug xcconfig include. |
| mobile_flutter/ios/Flutter/AppFrameworkInfo.plist | Adds iOS Flutter framework plist. |
| mobile_flutter/ios/.gitignore | Ignores iOS ephemeral/build artifacts. |
| mobile_flutter/android/settings.gradle.kts | Adds Android Gradle settings for Flutter app. |
| mobile_flutter/android/gradle/wrapper/gradle-wrapper.properties | Adds Gradle wrapper configuration. |
| mobile_flutter/android/gradle.properties | Adds Gradle JVM args + AndroidX flag. |
| mobile_flutter/android/build.gradle.kts | Adds Android top-level build setup. |
| mobile_flutter/android/app/src/profile/AndroidManifest.xml | Adds profile manifest (internet permission). |
| mobile_flutter/android/app/src/main/res/values/styles.xml | Adds Android styles (light). |
| mobile_flutter/android/app/src/main/res/values-night/styles.xml | Adds Android styles (dark). |
| mobile_flutter/android/app/src/main/res/drawable/launch_background.xml | Adds Android launch background drawable. |
| mobile_flutter/android/app/src/main/res/drawable-v21/launch_background.xml | Adds Android v21 launch background drawable. |
| mobile_flutter/android/app/src/main/kotlin/com/sentinelx/mobile_flutter/MainActivity.kt | Adds Android MainActivity. |
| mobile_flutter/android/app/src/main/AndroidManifest.xml | Adds Android main manifest for Flutter app. |
| mobile_flutter/android/app/src/debug/AndroidManifest.xml | Adds debug manifest (internet permission). |
| mobile_flutter/android/app/build.gradle.kts | Adds Android app build config for Flutter app. |
| mobile_flutter/android/.gitignore | Ignores Android build outputs/secrets. |
| mobile_flutter/analysis_options.yaml | Adds Dart analyzer config. |
| mobile_flutter/.metadata | Adds Flutter tool metadata. |
| mobile_flutter/.gitignore | Adds Flutter project gitignore. |
| frontend/src/pages/RedTeam.tsx | Switches red team generator to Enron dataset sampling + mobile launch. |
| frontend/src/pages/MobileRemote.tsx | Adds mobile attack simulator buttons via remote events. |
| backend/prep_enron_dataset.py | Adds Enron dataset download/parsing/scoring script producing a scored JSON sample. |
| backend/manual_attack.py | Adds manual SMS attack script for demos via API calls. |
| backend/app/services/sms_service.py | Adds force_risk_score override handling for SMS analysis (demo). |
| backend/app/services/email_service.py | Adds force_risk_score override handling for email analysis (demo). |
| backend/app/services/alert_service.py | Adjusts alert listing scoping logic (now conditional on user presence). |
| backend/app/schemas/schemas.py | Adds force_risk_score fields + reorganizes schema definitions/model rebuild. |
| backend/app/schemas/init.py | Exports UserInviteRequest. |
| backend/app/ml/phishing_model.py | Forces heuristic-only phishing classification path. |
| backend/app/main.py | Disables rate limiting and loosens CORS/host restrictions. |
| backend/app/api/routes/remote.py | Renames request param for remote event ingestion. |
| backend/app/api/routes/auth.py | Adjusts register/login handler signatures; removes rate limiting decorators. |
| backend/app/api/routes/analyze.py | Adjusts analyze handler signatures; adds dataset-samples endpoint. |
| backend/app/api/routes/alerts.py | Removes auth from alert listing route. |
Files not reviewed (3)
- mobile_flutter/ios/Runner.xcodeproj/project.xcworkspace/contents.xcworkspacedata: Language not supported
- mobile_flutter/ios/Runner.xcworkspace/contents.xcworkspacedata: Language not supported
- mobile_flutter/macos/Runner.xcworkspace/contents.xcworkspacedata: Language not supported
Comments suppressed due to low confidence (2)
backend/app/main.py:71
- CORS is configured with allow_origins=["*"] while allow_credentials=True. Browsers will reject credentialed CORS with a wildcard origin, and it also widens exposure unnecessarily. Use settings.ALLOWED_ORIGINS (or dynamically echo specific origins) and only set allow_credentials when needed.
```python
app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)
```
backend/app/api/routes/auth.py:12
- `limiter` is imported and `request: Request` is accepted by the handler, but neither is used (rate limiting decorators were removed). Consider removing unused imports/parameters to keep the API surface clean and avoid suggesting rate limiting is active when it isn’t.
```python
from fastapi import APIRouter, Depends, HTTPException, status, Request
from sqlalchemy.orm import Session
from app.core.limiter import limiter
```
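The allow-list approach recommended in the CORS comment on backend/app/main.py above, as an added example (not code from this PR or from SentinelX): a standard-library sketch of the per-request decision, with exact origin matching and a startup check that rejects the wildcard-plus-credentials combination. The contents of `ALLOWED_ORIGINS` and all function names are assumptions.

```python
from urllib.parse import urlsplit

# Constructed allow-list: the review names settings.ALLOWED_ORIGINS, not its contents.
ALLOWED_ORIGINS = ["https://app.example.test", "http://localhost:5173"]


def normalize_origin(origin):
    """Return scheme://host[:port] in lowercase, or None if not a bare origin."""
    try:
        parts = urlsplit(origin)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    if parts.path or parts.query or parts.fragment or "@" in parts.netloc:
        return None
    return f"{parts.scheme}://{parts.hostname}" + (f":{port}" if port else "")


def validate_cors_config(allowed_origins, allow_credentials):
    """Fail at startup on the combination flagged in the review comment."""
    if allow_credentials and "*" in allowed_origins:
        raise ValueError("wildcard origin cannot be combined with credentials")
    bad = [o for o in allowed_origins if o != "*" and normalize_origin(o) != o]
    if bad:
        raise ValueError(f"not a bare origin: {bad}")


def cors_headers(request_origin, allowed_origins, allow_credentials):
    """Headers to attach to a response for one request's Origin value."""
    validate_cors_config(allowed_origins, allow_credentials)
    headers = {"Vary": "Origin"}  # responses differ per origin, so caches must key on it
    if request_origin is None:
        return headers  # not a cross-origin browser request
    if "*" in allowed_origins:
        headers["Access-Control-Allow-Origin"] = "*"  # public, never with credentials
        return headers
    origin = normalize_origin(request_origin)
    # Exact membership test: no prefix, suffix or substring matching.
    if origin is not None and origin in allowed_origins:
        headers["Access-Control-Allow-Origin"] = origin
        if allow_credentials:
            headers["Access-Control-Allow-Credentials"] = "true"
    return headers
```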
Comment on lines 73 to 76
| app.add_middleware( | ||
| TrustedHostMiddleware, | ||
| allowed_hosts=["localhost", "127.0.0.1", "0.0.0.0"] | ||
| allowed_hosts=["*"] | ||
| ) |
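Review bot: `allowed_hosts=["*"]` turns TrustedHostMiddleware into a no-op, so any Host header is accepted where the previous line limited it to localhost, 127.0.0.1 and 0.0.0.0. If the demo needs a tunnel hostname, add that one hostname from configuration instead of the wildcard, and keep the explicit list as the default.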
Comment on lines 60 to +62
| # ─── Rate Limiting ──────────────────────────────────────────────────────────── | ||
| app.state.limiter = limiter | ||
| app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler) | ||
| # app.state.limiter = limiter | ||
| # app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler) |
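Review bot: Commenting out `app.state.limiter = limiter` and the `RateLimitExceeded` handler removes rate limiting from the app with no flag to turn it back on, while the "Rate Limiting" banner above still reads as if it were active. Gate the two lines on a setting that defaults to enabled, and let the demo environment opt out, rather than leaving dead code in main.py.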
Comment on lines 31 to 43
| def list_alerts( | ||
| skip: int = Query(0, ge=0, description="Offset for pagination"), | ||
| limit: int = Query(50, ge=1, le=200, description="Max results to return"), | ||
| unacknowledged_only: bool = Query(False, description="Filter to unacknowledged alerts"), | ||
| db: Session = Depends(get_db), | ||
| current_user: User = Depends(get_current_user), | ||
| ) -> AlertListResponse: | ||
| """ | ||
| Retrieve paginated list of alerts. | ||
| Optionally filter to show only unacknowledged alerts. | ||
| """ | ||
| return alert_service.list_alerts( | ||
| db, current_user, skip=skip, limit=limit, unacknowledged_only=unacknowledged_only | ||
| db, None, skip=skip, limit=limit, unacknowledged_only=unacknowledged_only | ||
| ) |
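Review bot: The call now passes `None` where `current_user` used to go, so `alert_service.list_alerts` no longer receives the caller's identity and cannot scope results by role or organization. Keep `current_user: User = Depends(get_current_user)` in the signature and pass it through; if the demo dashboard needs unauthenticated reads, expose a separate, clearly named demo route behind a setting. The docstring should also say who is allowed to call this route.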
Comment on lines 79 to +86
| query = db.query(Alert) | ||
|
|
||
| if user.role != UserRole.sysadmin: | ||
| if user.role == UserRole.soc: | ||
| query = query.join(Threat).join(User, Threat.created_by == User.id).filter(User.organization_id == user.organization_id) | ||
| else: | ||
| query = query.join(Threat).filter(Threat.created_by == user.id) | ||
| if user: | ||
| if user.role != UserRole.sysadmin: | ||
| if user.role == UserRole.soc: | ||
| query = query.join(Threat).join(User, Threat.created_by == User.id).filter(User.organization_id == user.organization_id) | ||
| else: | ||
| query = query.join(Threat).filter(Threat.created_by == user.id) |
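Review bot: Wrapping the role checks in `if user:` makes a missing user the most privileged case: when `user` is `None` no filter is applied and the query returns alerts for every organization, the same as for a sysadmin. Fail closed instead, for example by raising or returning an empty result when `user` is `None`, so that a caller which forgets to pass a user cannot read across tenants.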
| risk_result.risk_score = request.force_risk_score | ||
| risk_result.threat_detected = True | ||
| risk_result.threat_level = "CRITICAL" if request.force_risk_score >= 8.5 else ("HIGH" if request.force_risk_score >= 6.1 else "MEDIUM") | ||
| risk_result.classification_label = "RED_TEAM_ATTACK" |
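Review bot: `request.force_risk_score` comes from the request body and overwrites the computed result, with no check in these lines on who sent it or whether a demo mode is enabled, so any client that can call the analyze endpoint can create a `RED_TEAM_ATTACK` alert with a score of its choosing. Gate the override on a server-side setting plus a privileged role, and validate the range: as written, any value below 6.1, including 0 or a negative number, still sets `threat_detected = True` with level MEDIUM.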
Comment on lines +92 to 93
| Classify text into a threat label (Forced Heuristics for Demo speed). | ||
| """ |
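Review bot: The docstring now says heuristics are forced for demo speed, which means the non-heuristic classification path is bypassed for every caller, not only for the demo. Make the choice a configuration flag that defaults to the full classifier, and state in the docstring what the heuristic path does and does not detect.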
| sender: result.sender, | ||
| body: result.body, | ||
| subject: result.subject, | ||
| force_risk_score: result.risk_score || 9.8 // Use precalculated dataset score |
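Review bot: `result.risk_score || 9.8` replaces a legitimate score of 0 with 9.8, because `||` falls through on any falsy value, while the comment says the precalculated dataset score is what should be sent. Use `result.risk_score ?? 9.8` if a default is really wanted, or better, omit `force_risk_score` when the sample has no score so that a missing value does not become a near-maximum alert.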
Comment on lines +10 to 18
| from fastapi import APIRouter, Depends, HTTPException, UploadFile, File, status, BackgroundTasks, Request | ||
| from sqlalchemy.orm import Session | ||
| import json | ||
| import os | ||
|
|
||
| from app.database.session import get_db | ||
| from app.database.models.models import User, Threat | ||
| from app.api.dependencies.auth import get_current_user | ||
| from app.core.limiter import limiter |
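Review bot: `limiter` and `Request` are imported here while main.py in this PR comments out the limiter registration; if no route in this module is decorated any more, drop both so the file does not suggest rate limiting is in force. Minor style point: `import json` and `import os` are standard-library imports and conventionally go above the `fastapi` and `sqlalchemy` lines.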
Comment on lines +44 to +46
| // Use the public tunnel URL we set up earlier | ||
| final String apiUrl = 'https://cahpr-103-190-67-98.run.pinggy-free.link/api/v1'; | ||
|
|
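Review bot: `apiUrl` hard-codes a public tunnel hostname into the app source, so every build sends its API traffic through that third-party endpoint and breaks as soon as the tunnel is recreated. Read the base URL from build-time configuration (for example `String.fromEnvironment` with `--dart-define`) and keep the tunnel address out of the repository.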
Comment on lines +231 to +234
| final threatData = t['threat'] ?? {}; | ||
| final double risk = (threatData['risk_score'] ?? 0.0).toDouble(); | ||
| final Color color = risk > 70 ? Colors.redAccent : (risk > 40 ? Colors.orangeAccent : Colors.greenAccent); | ||
|
|
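Review bot: The colour thresholds `risk > 70` and `risk > 40` assume a 0 to 100 scale, while the backend lines in this PR classify with 8.5 and 6.1 and the web client defaults to 9.8; if `risk_score` arrives on that scale, every alert renders green. Share one scale, or use the server's `threat_level`, rather than re-deriving severity in the client. Also, `.toDouble()` on `threatData['risk_score'] ?? 0.0` throws if the API ever returns the score as a string.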
Integrated the Enron dataset into the Red Team UI and fixed the mobile Flutter app risk score rendering.