{"id":29523906,"url":"https://github.com/spk-22/secure-retail","last_synced_at":"2026-05-03T21:34:43.271Z","repository":{"id":304695774,"uuid":"1019644582","full_name":"spk-22/Secure-Retail","owner":"spk-22","description":"Welcome to the Secure Retail interactive demonstration! This application is designed to showcase a comprehensive suite of cybersecurity measures specifically tailored for modern retail environments, encompassing both online e-commerce platforms and physical point-of-sale (POS) systems.","archived":false,"fork":false,"pushed_at":"2025-07-14T16:54:28.000Z","size":21,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-14T21:25:43.120Z","etag":null,"topics":["application-layer-security","cybersecurity-in-retail","firmware-threat-detection","linux","sparkathon-hackathon","streamlit","walmart"],"latest_commit_sha":null,"homepage":"https://youtu.be/ggI-fXVUqUw","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spk-22.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-14T16:40:24.000Z","updated_at":"2025-07-14T16:54:33.000Z","dependencies_parsed_at":"2025-07-14T21:29:42.486Z","dependency_job_id":"563dbc52-0d42-49e1-89fe-ed4b4113dbd8","html_url":"https://github.com/spk-22/Secure-Retail","commit_stats":null,"previous_names":["spk-22/secure-retail"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/spk-22/Secure-Retail","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FSecure-Retail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FSecure-Retail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FSecure-Retail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FSecure-Retail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spk-22","download_url":"https://codeload.github.com/spk-22/Secure-Retail/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FSecure-Retail/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265529193,"owners_count":23782851,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["application-layer-security","cybersecurity-in-retail","firmware-threat-detection","linux","sparkathon-hackathon","streamlit","walmart"],"created_at":"2025-07-16T18:08:53.619Z","updated_at":"2026-05-03T21:34:43.219Z","avatar_url":"https://github.com/spk-22.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🛡️ Secure Retail – Walmart Hackathon Project\n\nA dual-protection cybersecurity suite for retail—featuring user trust scoring, firmware integrity scans, zero-trust controls, and more. Built using Python and Streamlit.\n\n\n## Overview\n\nSecureWalmart Suite is a dual-module security system designed to protect both hardware-level infrastructure and application-level activities in a retail environment.\n\nIt consists of:\n\n- **Firmware Sentinel** – A bootable Linux-based scanning tool that simulates detection of firmware threats like LoJax and MoonBounce.\n- **Retail Trust Shield** – A Streamlit-based dashboard for monitoring admin activity, payment integrity, and customer-side behavioral anomalies.\n\n---\n\n## Part 1: Firmware Sentinel (Bootable Linux Environment)\n\n### Purpose\n\n\nThis tool initiates a detection workflow to identify advanced threats like LoJax and MoonBounce, which reside in the SPI flash memory and persist below the operating system.\n\nIt is designed to interface with low-level tools such as `CHIPSEC` or `flashrom` when run in a privileged Linux environment (e.g., bootable Ubuntu USB). The tool simulates UEFI module analysis, integrity verification, and log generation.\n\nIt provides a viable framework for future extension into real-time hardware-integrated detection.\n\n---\n\n### Setup Instructions\n\n#### Step 1: Requirements\n\n- Ubuntu ISO (22.04 LTS or later): https://ubuntu.com/download/desktop  \n- USB drive (minimum 8 GB)  \n- Bootable USB creator (Rufus or BalenaEtcher)  \n- Internet access during session (optional)  \n\n---\n\n#### Step 2: Create a Bootable USB\n\n1. Use Rufus or BalenaEtcher to flash the Ubuntu ISO to your USB.\n2. Boot the target system from USB.\n3. Choose **\"Try Ubuntu\"** when prompted.\n\n---\n\n#### Step 3: Install Environment Tools\n\nOnce booted into Ubuntu, open the terminal and run:\n\n```bash\nsudo apt update\nsudo apt install python3 python3-pip\npip3 install streamlit\n```\n\n---\n\n#### Step 4: Clone the Project and Run the Firmware Tool\n\n```bash\ngit clone https://github.com/yourusername/securewalmart-suite.git\ncd securewalmart-suite\npython3 firmware_sentinel.py\n```\n\nThis tool will:\n\n- Simulate scanning of UEFI modules  \n- Flag unknown GUIDs and modified firmware sections  \n- Generate logs under the `logs/` directory  \n\nThese logs can be imported into the dashboard for further analysis.\n\n---\n\n## Part 2: Retail Trust Shield (Admin \u0026 Customer-Facing Simulation)\n\n### Purpose\n\nRetail Trust Shield is a frontend dashboard for simulating modern application-layer protections such as:\n\n- Admin anomaly detection  \n- Honeypot login monitoring  \n- Secure payment tracking via hashing  \n- Customer behavior monitoring via biometrics  \n- Dynamic MFA triggers  \n\n---\n\n### Setup Instructions\n\n#### Step 1: Install Streamlit\n\nIf Streamlit is not already installed, run:\n\n```bash\npip3 install streamlit\n```\n\n---\n\n#### Step 2: Run the Application\n\nFrom the root project directory:\n\n```bash\ncd securewalmart-suite\nstreamlit run main_app.py\n```\n\n---\n\n## Dashboard Features\n\n### Page 1: Firmware Log Viewer\n\n- Upload logs from the Firmware Sentinel tool  \n- Parse and display suspicious GUIDs  \n- Simulate forensic analysis of SPI flash data  \n\n---\n\n### Page 2: Retail Trust Shield\n\n- Admin login anomaly detection using simulated LLM analysis  \n- Honeypot ports for threat diversion  \n- Payment integrity checks via hash comparison  \n- Behavioral biometric tracking (typing, movement simulation)  \n- Smart MFA triggering and session revalidation  \n\n---\n\n## Tech Stack\n\n- Python 3.x  \n- Tkinter (firmware GUI)  \n- Streamlit (dashboard UI)  \n- JSON/text log simulation  \n- Simulated GPT/LLM anomaly engine  \n- Behavioral biometrics (mocked patterns)\n\n---\n\n## Future Enhancements\n\n- Real CHIPSEC + SPI flash integrations  \n- TPM-backed boot validation  \n- True LLM-based log parsing  \n- Unified timeline visualization across both tools  \n\n---\n\n## Conclusion\n\nSecureCart models a multi-layered defense system that:\n\n- Scans deep firmware components from a secure environment  \n- Protects frontend admin and customer interfaces from misuse and fraud  \n\nTogether, the suite delivers protection from power-on to checkout.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspk-22%2Fsecure-retail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspk-22%2Fsecure-retail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspk-22%2Fsecure-retail/lists"}