https://github.com/haxurn/vuln-champ
VulnChamp is a performance-driven platform that ranks and rewards team members based on the vulnerabilities they discover. It features leaderboards, detailed vulnerability statistics, progress tracking, and gamification elements to encourage healthy competition and recognize outstanding contributions in cybersecurity.
https://github.com/haxurn/vuln-champ
analytics badge dashboard nextjs pris ranking shadcn-ui tailwindcss typescript user-dashboard user-engagement
Last synced: about 1 month ago
JSON representation
VulnChamp is a performance-driven platform that ranks and rewards team members based on the vulnerabilities they discover. It features leaderboards, detailed vulnerability statistics, progress tracking, and gamification elements to encourage healthy competition and recognize outstanding contributions in cybersecurity.
- Host: GitHub
- URL: https://github.com/haxurn/vuln-champ
- Owner: haxurn
- License: mit
- Created: 2024-12-19T09:18:44.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-01-03T22:44:49.000Z (over 1 year ago)
- Last Synced: 2025-12-13T21:25:29.292Z (6 months ago)
- Topics: analytics, badge, dashboard, nextjs, pris, ranking, shadcn-ui, tailwindcss, typescript, user-dashboard, user-engagement
- Language: TypeScript
- Homepage:
- Size: 1.03 MB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# VulnChamp
### Overview
The VulnChamp highlights the best workers of the weekend based on the vulnerabilities they find. It promotes healthy competition and recognizes outstanding performance within the team.
### Features
### 1. Leaderboard Section
#### Steps:
1. Collect data on vulnerabilities found by each team member.
2. Rank team members based on the number of vulnerabilities found.
3. Display the leaderboard with the following details:
- Worker name
- Number of vulnerabilities found.
- Severity breakdown (low, medium, high).
- Short description of the vulnerability.
- Date of the vulnerability discovery.
4. Award badges for "Top Hunter," "Runner-up," and "Honorable Mention."
### 2. Vulnerability Statistics
#### Steps:
1. Categorize vulnerabilities by type (e.g., SQL injection, XSS, etc.).
2. Aggregate severity data for all findings.
3. Create graphical representations:
- Bar chart for vulnerability types.
- Pie charts for severity distribution.
4. Add filtering options for specific time periods (e.g., last week, last month, etc.) and categories (e.g., SQL injection, XSS, etc.).
### 3. Weekly Highlights
#### Steps:
1. Identify the notable vulnerabilities found by each team member during the week.
2. Dedicated section for these highlights.
3. Include the following details:
- Worker name.
- Vulnerability type.
- Severity and impact.
- Techniques used to identify or exploit it.
- Short description of the vulnerability.
- Date of the vulnerability discovery.
### 4. Progress Tracker
#### Steps:
1. Track individual performance over time.
2. Line graph to represent weekly or monthly progress.
3. Include cumulative points earned based on vulnerability severity.
4. Allow workers to view and analyze their own performance history.
### 5. Team Contributions
#### Steps:
1. Aggregate statistics for the entire team.
2. Display total vulnerabilities found.
3. Calculate averagge severity score for the team.
4. Highlight the team's overall improvement or trends.
### 6. Gamification
#### Steps:
1. A points system based on severity:
- Low: 1 point
- Medium: 3 points
- High: 5 points
2. Create badges and achievements for milestones.
3. Add weekly streak rewards for consistent performance.
### 7. Dynamic Themes
#### Steps:
1. A light and dark mode.
2. Dynamic color schemes based on the team's performance.
3. Customizable themes for each team member.
### 8. Real-time Updates
#### Steps:
1. Notify team members of new vulnerabilities.
2. Real-time updates on the leaderboard.
## System Architecture
### 1. Frontend
#### Steps:
1. Next.js for the `frontend`.
2. Style components using `Tailwind CSS`, `Shadcn UI`, and `Radix UI`.
3. `Chart.js` and `D3.js` for creating interactive visualizations.
4. Components:
- Leaderboard
- Statistics
- Personal dashboard.
### 2. Backend
#### Steps:
1. `Node.js` with `TypeScript` for the `backend`.
2. `RESTful` APIs for:
- Fetching leaderboard data.
- Storing vulnerability findings.
- Serving statistics and progress data.
3. WebSockets for real-time updates.
### 3. Database
#### Steps:
1. `PostgreSQL` for the database.
2. Database schema using `Prisma ORM`
### 4. Authentication
#### Steps:
1. JWT authentication for secure authentication.
2. Role-based access control.
- Admin: Full control over the dashboard.
- User: Limited to their data and rankings.
3. secure token storage and refresh mechanisms.
## License
This project is licensed under the MIT License - see the [LICENSE](./LICENSE) file for details.