@capstone-hermes

Hermes Scanner - Capstone EPITECH Brussels

Hermes Fullstack: EPITECH Brussels Capstone for real-world web security, featuring a custom scanner and a deliberately vulnerable site aligned with OWASP ASVS L1.

Hermes Fullstack – EPITECH Brussels Capstone

Welcome to the Hermes Fullstack GitHub Organization! This space is dedicated to our fourth-year (tek 4) cybersecurity Capstone project at EPITECH Brussels. Our mission is to create an educational cybersecurity platform that introduces junior pentesters and students to real-world web security practices—aligned with the OWASP ASVS Level 1 framework.


About Hermes Fullstack

Hermes Fullstack is a comprehensive cybersecurity training and vulnerability demonstration platform, developed by a team of four EPITECH Brussels students. Our key objectives:

  1. Provide Hands-On Experience
    Practice identifying and exploiting common web vulnerabilities in a safe, controlled environment.

  2. Demonstrate OWASP ASVS Level 1 Flaws
    Show typical pitfalls in areas like authentication, session management, and access control.

  3. Offer Practical Tools
    Includes a Python-based web scanner and a user-friendly Ionic/React dashboard to manage scans, view reports, and learn about core security concepts.

For detailed setup, usage instructions, and component breakdown, visit the Hermes Fullstack repository.

Important: Parts of this project are intentionally vulnerable. Do not deploy to production or any public-facing servers.


Project Highlights

  • Web Scanner

    • Python-based
    • Asynchronous capabilities
    • Targets OWASP ASVS Level 1 vulnerabilities
  • Weak Website

    • Frontend: React (TypeScript), demonstrating insecure authentication, session management flaws, etc.
    • Backend: NestJS + TypeORM, intentionally riddled with vulnerabilities.
  • GUI

    • Ionic/React dashboard
    • Configure and launch scans, monitor results, and explore educational resources
  • Containerization

    • Docker and Docker Compose for unified, portable deployment

Organization Focus

This organization exists exclusively for the Hermes Fullstack project. It’s a dedicated space where:

  • Team members coordinate development and track issues.
  • Community members can observe and contribute to an educational cybersecurity project.
  • EPITECH Brussels faculty can evaluate our Capstone progress and maintain academic oversight.

The Team

We’re four EPITECH Brussels students collaborating on this Capstone for our Cybersecurity Certification:

  • Valentin Maurel
  • Joseph Susanyan
  • Swann Lagoute
  • Antoine Girard

Contributing

We welcome contributions and feedback from anyone passionate about cybersecurity or web development. Here’s how to get involved:

  1. Read the Main README
    Learn about the project setup, architecture, and how each component works.
  2. Open Issues
    Suggest improvements, propose new features, or point out bugs and vulnerabilities.
  3. Submit Pull Requests
    Fork the repository, make your changes, and create a PR. Please follow any guidelines outlined in the project’s CONTRIBUTING.md (if available).

Code of Conduct

Hermes Fullstack is a learning community. We expect all contributors to behave respectfully and uphold a friendly, collaborative environment. See our Code of Conduct (or GitHub’s Community Guidelines) for details.


License

All repositories in this organization are released under the MIT License. Check individual repositories for any supplementary license or security disclaimers.


Disclaimer

Educational and Training Use Only
This project contains intentionally vulnerable code and must not be deployed in production. The maintainers and EPITECH Brussels are not liable for any misuse or damage arising from its use in public environments.


Contact & Support

  • Faculty Advisor: [Name/Email if applicable]
  • Team Leads: See “The Team” section above for individual contact details.
  • General Inquiries: Please open a GitHub issue or reach out to any team member.

Thank you for visiting the Hermes Fullstack Organization. We hope this platform enriches your cybersecurity knowledge and provides a practical experience in web application security.

Happy hacking (responsibly)!

Pinned

  1. hermes-fullstack (Public)

    A comprehensive cybersecurity training platform implementing the OWASP ASVS Level 1 framework for vulnerability scanning, demonstration, and education.

  2. hermes-gui (Public)

    Ionic/React dashboard providing an intuitive interface for scanning websites, visualizing security vulnerabilities, and accessing educational resources on web security.

    TypeScript

  3. weak-website-fullstack (Public)

    Deliberately vulnerable web application demonstrating OWASP ASVS Level 1 security issues for educational purposes, built with React, NestJS, and MySQL.

  4. web-scanner (Public)

    Python-based security scanner that automatically checks websites for vulnerabilities based on OWASP ASVS Level 1 requirements with multi-threaded scanning and detailed reporting.

    Python

Repositories

Showing 7 of 7 repositories
