CyberDefence Platform

A comprehensive cybersecurity assessment platform for vulnerability scanning, threat intelligence, defence analysis, and automated reporting.

Welcome! This guide covers everything you need to know to use the CyberDefence platform effectively — from running your first scan to setting up automated schedules and managing teams.

Registration & Login

Creating an Account

Navigate to the platform URL and click Sign Up
Enter your email, full name, organization, and password
Your account will be created with the analyst role by default
Log in with your email and password

Password Reset

If you forget your password, click Forgot Password on the login page. Enter your email address and a reset link will be generated. An admin can also force-reset your password from the Admin Panel.

Account Lockout: After 5 failed login attempts within 15 minutes, your account will be temporarily locked for security. Wait 15 minutes or contact an admin.

Dashboard

The Dashboard is your command center — showing a real-time overview of your security posture.

What You'll See

Security Score Ring — Overall score (0-100) based on latest scan results
Vulnerability Summary — Breakdown by severity: Critical, High, Medium, Low
Score Trend Chart — Historical security score over time
Recent Scan History — Last 10 scans with target, module, and timestamp
Threat Globe — Visual representation of threat sources

From the dashboard, you can quickly navigate to start a new scan or view detailed results.

Running a Scan

To scan a target for vulnerabilities and security issues:

Navigate to New Scan from the sidebar
Enter the target domain (e.g., example.com) or IP address (e.g., 192.168.1.1)
Select a Scan Mode (see below)
Click Start Scan
Watch real-time progress as each module completes

Tip: After a scan completes, you'll be redirected to the results page. You can also generate a PDF report directly from the results.

Scan Modes

Mode	Modules	Best For
Quick	Reconnaissance only	Fast overview — port discovery, DNS, asset mapping
Standard	Recon + Vulnerability Assessment	Balanced scan with vulnerability detection
Comprehensive	Recon + Vulnerability + Defence + SIEM + VirusTotal	Full security audit with all modules
Custom	Choose individual modules	Targeted testing of specific areas

Custom Mode Modules

Port Discovery — Scan for open ports and services
SSL/TLS — Certificate and encryption analysis
Asset Mapping — Discover subdomains and related assets
DNS — DNS record enumeration
OSINT — Open-source intelligence gathering
SQLi — SQL injection testing

Live Tracker

The Live Tracker provides real-time visibility into ongoing scans.

Progress bar — Overall scan completion percentage
KPIs — Live counters for threats neutralized, open ports found, and vulnerabilities detected
Module status — See which module is currently running
Auto-refresh — Updates every 2 seconds until the scan completes

You can navigate directly to the Live Tracker from a running scan, or enter a Job ID to track a specific scan.

Vulnerabilities

The Vulnerability Assessment module performs deep scanning using multiple engines:

Nuclei Scanning — Template-based vulnerability detection (CVEs, misconfigurations)
CMS Plugin Check — WordPress/CMS plugin vulnerability analysis (WPScan)
SSL/TLS Analysis — Certificate issues, weak ciphers, protocol vulnerabilities

Severity Levels

Level	Description	Action
Critical	Actively exploitable, immediate risk	Fix immediately
High	Significant security risk	Fix within 24-48 hours
Medium	Moderate risk, harder to exploit	Fix within 1 week
Low	Informational or minimal risk	Review and track

Defence Analysis

The Defence module evaluates your target's security posture by checking:

Security Headers — Content-Security-Policy, X-Frame-Options, HSTS, etc.
SSL/TLS Configuration — Protocol versions, cipher suites, certificate validity
Server Configuration — Server version disclosure, directory listing, etc.
Cookie Security — HttpOnly, Secure, SameSite flags

Results are presented with a score and specific recommendations for improvement.

VirusTotal

Checks your target's reputation across 70+ antivirus engines and security services.

Domain/URL reputation — Is the target flagged as malicious?
Detection ratio — How many engines flag the target
Historical analysis — Past detections and community votes

API Key Required: VirusTotal features require an API key. Admins can configure this in the Admin Panel under API Keys Configuration.

Shodan Intel

Shodan provides intelligence on internet-facing assets:

Open Ports & Services — What's exposed to the internet
Technology Stack — Detected software versions
Known Vulnerabilities — CVEs associated with detected services
Geolocation — Physical location of the target infrastructure

API Key Required: Shodan features require a Shodan API key configured in the Admin Panel.

AbuseIPDB

Checks IP addresses against AbuseIPDB's threat intelligence database:

Abuse Confidence Score — How likely the IP is malicious (0-100%)
Report History — Number of abuse reports filed
Categories — Types of abuse reported (brute force, spam, DDoS, etc.)
ISP & Country — Network provider information

SIEM

The SIEM (Security Information and Event Management) module provides:

Event Analysis — Security events and anomalies detected during scanning
Log Correlation — Cross-referencing findings across multiple scan modules
Threat Timeline — Chronological view of security events
Analytics Dashboard — Visual breakdown of event types and severity

PDF Reports

Generate professional security assessment reports for your stakeholders.

How to Generate

Navigate to PDF Generator from the sidebar
Enter the Organization Name (appears on report header)
Enter the Target (domain/IP that was scanned)
Enter the Author name
Click Generate Report

Report Contents

Executive summary with overall security score
Vulnerability findings by severity
Defence configuration analysis
Recommendations and remediation steps
Technical details for each finding

Quick Tip: After completing a scan, you can auto-generate a report by clicking "Generate Report" on the results page — it pre-fills the target for you.

Reports History

View all previously generated reports. Each entry shows:

Target domain/IP
Organization name
Author
Generation date
Download link (if PDF was generated)

Scheduled Scans

Automate recurring security scans on your targets.

Creating a Schedule

Navigate to Schedules from the sidebar
Click New Schedule
Enter the target domain or IP
Choose a scan mode (Quick, Standard, Comprehensive)
Select frequency: daily, weekly, or monthly
Save the schedule

Managing Schedules

Toggle — Enable/disable a schedule without deleting it
Delete — Permanently remove a schedule
View — See next run time and last run results

Webhooks

Get notified when scans complete or critical vulnerabilities are found.

Setting Up

Go to Settings from the sidebar
Under Webhooks, enter your webhook URL (e.g., a Slack incoming webhook)
Choose notification triggers:
- Notify on Complete — Get notified when any scan finishes
- Notify on Critical — Get alerted only for critical findings
Click Add Webhook
Use Test to verify it's working

Teams

Collaborate with your team by sharing scan results and managing access.

Creating a Team

Navigate to Teams from the sidebar
Click Create Team
Enter a team name

Managing Members

Invite — Add members by email with a role (admin, member, viewer)
Remove — Remove members from the team
Share Scans — Share scan results with team members

Team Roles

Role	Permissions
Admin	Manage team, invite/remove members, share scans
Member	View shared scans, run scans
Viewer	View shared scans only

Admin Panel

The Admin Panel provides full system control (requires admin role).

System Stats

At-a-glance metrics: total users, active users, total scans, failed logins (24h), successful logins (24h).

User Management

View all users — Search and filter by email or name
View details — See a user's scan history and login attempts
Change role — Promote/demote between admin, analyst, viewer
Disable/Enable — Temporarily disable an account without deleting it
Force Password Reset — Generate a new reset token for a user
Delete — Permanently remove a user and all their data

Scan Management

View all recent scans across all users
Delete individual scans

API Keys Configuration

Configure external service API keys from the admin panel:

Shodan API Key
AbuseIPDB API Key
VirusTotal API Key
WPScan API Key
NVD API Key

Safety: Admins cannot delete or disable their own account to prevent lockout.

Settings

The Settings page shows:

System Health — API status (online/offline)
Your Profile — Email, name, organization, role
Webhook Management — Add, test, and delete webhooks

Roles & Permissions

Feature	Admin	Analyst	Viewer
Run scans	✓	✓	✗
View scan results	✓	✓	✓
Generate reports	✓	✓	✗
Create schedules	✓	✓	✗
Manage webhooks	✓	✓	✗
Create/manage teams	✓	✓	✗
Admin Panel access	✓	✗	✗
Manage users	✓	✗	✗
Configure API keys	✓	✗	✗