Map your digital attack surface. Quantify identity risk. Simulate real-world compromise.
Features • Screenshots • Architecture • Getting Started • API Reference • Tech Stack
DEXIS is a cybersecurity SaaS platform that treats your digital identity as an interconnected attack surface. Instead of assessing services in isolation, DEXIS maps the dependency chains between your accounts (Google, GitHub, AWS, banking, Slack, and more) to reveal how a single compromised credential can cascade into full identity takeover.
Try it instantly: demo mode loads with 8 pre-configured services, sample threat data, and full attack simulation. No signup required.
Interactive dependency graph powered by React Flow. Visualize how your Google Account connects to GitHub, which connects to AWS, which holds your infrastructure. Every node shows risk level, exposed data points, and compromise status.
Quantified risk scoring (0-100) calculated from service dependencies, exposure categories, and attack chain analysis. The engine evaluates:
- Identity exposure: a primary identity provider is connected (+25)
- Financial linkage: banking services tied to the primary identity (+15)
- Cloud sprawl: number of connected cloud services (+5 each, capped at 15)
- Communication channels: SSO-linked messaging platforms (+8)
- Attack chains: dangerous combinations such as GitHub + AWS (+3)
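The five factors above, applied to the account list the backend stores, look like this when written out. This is an added example, not the project's `riskEngine.js`: the account shape (`serviceName`, `dependencyType`) follows the `accounts` collection in the architecture section, `ATTACK_CHAINS` holds only the pair the page names, and the CRITICAL/HIGH/MEDIUM/LOW thresholds are assumptions. Note that these five factors alone give the eight demo services a score of 66, while the page reports 78 for the demo account, so the project's engine evidently applies weighting the bullet list does not spell out.

```javascript
// Added example, not the project's riskEngine.js: the five listed factors
// applied to connected accounts shaped like the `accounts` collection
// (serviceName, dependencyType). ATTACK_CHAINS holds only the pair the page
// names, and the level thresholds in riskLevel() are assumptions.

const WEIGHTS = {
  identityExposure: 25,  // a primary identity provider is connected
  financialLinkage: 15,  // banking tied to that primary identity
  cloudPerService: 5,    // per connected cloud service ...
  cloudMax: 15,          // ... capped here
  communication: 8,      // an SSO-linked messaging platform is connected
  attackChain: 3,        // per dangerous combination present
};

// Dangerous combinations. GitHub + AWS is the one the page names.
const ATTACK_CHAINS = [['GitHub', 'AWS Console']];

// Assumed thresholds; the page only shows that 78 maps to CRITICAL.
function riskLevel(score) {
  if (score >= 75) return 'CRITICAL';
  if (score >= 50) return 'HIGH';
  if (score >= 25) return 'MEDIUM';
  return 'LOW';
}

function computeRiskScore(accounts) {
  const has = (type) => accounts.some((a) => a.dependencyType === type);
  const names = new Set(accounts.map((a) => a.serviceName));
  const breakdown = [];

  if (has('Primary')) {
    breakdown.push({ factor: 'identity_exposure', points: WEIGHTS.identityExposure });
  }
  // Financial linkage only counts when there is a primary identity to pivot from.
  if (has('Primary') && has('Financial')) {
    breakdown.push({ factor: 'financial_linkage', points: WEIGHTS.financialLinkage });
  }
  const cloudCount = accounts.filter((a) => a.dependencyType === 'Cloud').length;
  if (cloudCount > 0) {
    breakdown.push({
      factor: 'cloud_sprawl',
      points: Math.min(cloudCount * WEIGHTS.cloudPerService, WEIGHTS.cloudMax),
      detail: `${cloudCount} cloud services`,
    });
  }
  if (has('Communication')) {
    breakdown.push({ factor: 'communication_channels', points: WEIGHTS.communication });
  }
  for (const chain of ATTACK_CHAINS) {
    if (chain.every((name) => names.has(name))) {
      breakdown.push({ factor: 'attack_chain', points: WEIGHTS.attackChain, detail: chain.join(' + ') });
    }
  }

  const score = Math.min(100, breakdown.reduce((sum, b) => sum + b.points, 0));
  return { score, level: riskLevel(score), breakdown };
}

// The eight demo services from the table at the end of the page.
const DEMO_ACCOUNTS = [
  { serviceName: 'Google Account',  dependencyType: 'Primary' },
  { serviceName: 'GitHub',          dependencyType: 'Cloud' },
  { serviceName: 'LinkedIn',        dependencyType: 'Professional' },
  { serviceName: 'Dropbox',         dependencyType: 'Cloud' },
  { serviceName: 'Banking Service', dependencyType: 'Financial' },
  { serviceName: 'Slack',           dependencyType: 'Communication' },
  { serviceName: 'AWS Console',     dependencyType: 'Cloud' },
  { serviceName: 'Notion',          dependencyType: 'Cloud' },
];

console.log(JSON.stringify(computeRiskScore(DEMO_ACCOUNTS), null, 2));
```

Returning the breakdown alongside the score is what lets the dashboard explain a number rather than just display it; the cap on cloud sprawl also keeps one category from drowning out the identity and financial factors.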
Simulate real-world compromise scenarios starting from your primary identity. DEXIS generates multi-hop attack paths with step-by-step breakdowns, for example:
Google Account -> GitHub (SSO bypass) -> scan repos for secrets -> AWS Console (stolen IAM keys) -> S3 data exfiltration
Each simulation reports:
- Total compromised services and blast radius
- Estimated time to full compromise (under 4 hours is typical)
- Financial exposure ($50K-$250K for banking-linked identities)
- Data records at risk (~12,400 for a typical 8-service footprint)
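The path enumeration behind a simulation like the one above, as an added example that is not the project's `attackSimulator.js`. It walks a directed dependency graph from the primary identity, records every chain until it dead-ends, and derives the blast radius from the set of services reached. Only the Google -> GitHub -> AWS chain is taken from the page; the other edges, their technique labels, and the deliberate Slack/Notion cycle are constructed for the example. Time-to-compromise and financial exposure are not modelled here.

```javascript
// Added example, not the project's attackSimulator.js: depth-first
// enumeration of attack paths through a service dependency graph, rooted at
// the primary identity. Only the Google -> GitHub -> AWS chain is taken from
// the page; the other edges and their techniques are constructed here.

// Directed edges: the key service grants access to `to` by the technique in `via`.
const DEMO_GRAPH = {
  'Google Account': [
    { to: 'GitHub',          via: 'SSO bypass with the stolen Google session' },
    { to: 'Slack',           via: 'Sign in with Google (SSO)' },
    { to: 'Dropbox',         via: 'password reset through the recovery email' },
    { to: 'Banking Service', via: 'password reset through the recovery email; 2FA is email-only' },
  ],
  GitHub:            [{ to: 'AWS Console', via: 'scan repos for secrets, reuse leaked IAM keys' }],
  'AWS Console':     [],
  Slack:             [{ to: 'Notion', via: 'integration token pinned in a channel' }],
  Notion:            [{ to: 'Slack', via: 'workspace token stored in a Notion page' }], // cycle on purpose
  Dropbox:           [],
  'Banking Service': [],
};

function simulateAttack(graph, start) {
  const paths = [];
  const compromised = new Set([start]);

  // `onPath` holds the services already on the current path, so a cycle
  // (Slack -> Notion -> Slack) ends the path instead of recursing forever.
  function walk(node, hops, steps, onPath) {
    const edges = graph[node] || [];
    const next = edges.filter((e) => !onPath.has(e.to));
    if (next.length === 0) {            // dead end: record the completed path
      paths.push({ hops, steps });
      return;
    }
    for (const e of next) {
      compromised.add(e.to);
      onPath.add(e.to);
      walk(e.to, [...hops, e.to], [...steps, `${node} -> ${e.to} (${e.via})`], onPath);
      onPath.delete(e.to);
    }
  }
  walk(start, [start], [], new Set([start]));

  // Longest chain first; Array.prototype.sort is stable, so ties keep discovery order.
  paths.sort((a, b) => b.hops.length - a.hops.length);
  return {
    start,
    compromisedServices: [...compromised],
    blastRadius: compromised.size - 1,   // services reached beyond the starting identity
    longestPath: paths[0],
    paths,
  };
}

const result = simulateAttack(DEMO_GRAPH, 'Google Account');
console.log(`Blast radius: ${result.blastRadius} services`);
for (const p of result.paths) console.log(p.hops.join(' -> '));
```

Because the walk is exhaustive over simple paths, the output is the full set of chains an attacker could take rather than one scripted story; on a real account graph you would prune by edge likelihood before presenting it.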
Automated scanning across all connected services detects:
- Reused passwords across services
- Exposed IAM access keys in public repositories
- Weak 2FA configurations (email-only)
- Stale OAuth tokens with broad scopes
- Public profile data exposure
- Workspace tokens in localStorage
Real-time threat feed with severity-tagged alerts:
- CRITICAL: credential stuffing attacks, IAM key exposure, financial account takeover vectors
- HIGH: OAuth token hijacking, spear phishing via LinkedIn, supply chain attack vectors
- MEDIUM: session token theft, external page sharing, public profile exposure
Prioritized, actionable remediation steps:
- Enable 2FA on all services (currently 2/8)
- Revoke 9 unused OAuth tokens (90+ days stale)
- Rotate AWS access keys (180+ days without rotation)
- Remove .env files from 3 public GitHub repos
- Upgrade banking 2FA from email to hardware token
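The scan findings and the remediation list above are two views of the same data: each check emits a finding with a severity and a concrete fix, and the recommendations are those fixes in severity order. The following added example (not the project's `scan.js` route) implements a subset of those checks over a constructed inventory with a fixed clock. The 90-day and 180-day thresholds come from the recommendations above; the inventory shape, the password fingerprints (a hash prefix a password manager would supply, never the password itself), the AWS example key ID and the Slack token are assumptions for the example.

```javascript
// Added example, not the project's scan route: a subset of the checks the
// scanner reports, run over a constructed inventory with a fixed clock. The
// 90/180-day thresholds come from the page; everything else is assumed.

const DAY_MS = 24 * 60 * 60 * 1000;
const NOW = Date.parse('2025-06-01T00:00:00Z'); // fixed clock so results are reproducible
const AWS_KEY_ID = /\bAKIA[0-9A-Z]{16}\b/g;      // AWS access key ID format
const SLACK_TOKEN = /^xox[abp]-/;                // Slack app/bot/user token prefixes

// Constructed inventory for the example.
const INVENTORY = {
  services: [
    { name: 'Google Account',  twoFactor: 'totp',  pwFingerprint: '3f9a' },
    { name: 'GitHub',          twoFactor: 'none',  pwFingerprint: '3f9a' }, // same password as Google
    { name: 'Banking Service', twoFactor: 'email', pwFingerprint: 'c07e' },
    { name: 'Slack',           twoFactor: 'none',  pwFingerprint: '91d2' },
  ],
  oauthTokens: [
    { service: 'Google Account', app: 'Old CRM', scopes: ['drive', 'gmail.readonly'], lastUsed: '2024-11-01' },
    { service: 'GitHub',         app: 'CI bot',  scopes: ['repo'],                    lastUsed: '2025-05-28' },
  ],
  awsKeys: [{ id: 'AKIAIOSFODNN7EXAMPLE', createdAt: '2024-10-01' }], // AWS's documented example key ID
  repoFiles: [
    { repo: 'infra-scripts', path: '.env', public: true,
      content: 'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\nAWS_SECRET_ACCESS_KEY=<redacted>\n' },
    { repo: 'blog', path: 'README.md', public: true, content: '# blog\n' },
  ],
  localStorage: { theme: 'dark', slack_token: 'xoxb-constructed-example-token' },
};

const SEVERITY_RANK = { CRITICAL: 0, HIGH: 1, MEDIUM: 2, LOW: 3 };

function runScan(inv, now = NOW) {
  const findings = [];
  const ageDays = (iso) => Math.floor((now - Date.parse(iso)) / DAY_MS);

  // Reused passwords: services sharing a fingerprint share a password.
  const byFingerprint = new Map();
  for (const s of inv.services) {
    byFingerprint.set(s.pwFingerprint, [...(byFingerprint.get(s.pwFingerprint) || []), s.name]);
  }
  for (const names of byFingerprint.values()) {
    if (names.length > 1) {
      findings.push({ severity: 'CRITICAL', type: 'reused_password', services: names,
        fix: `Set a unique password on each of: ${names.join(', ')}` });
    }
  }
  // IAM access key IDs committed to public repositories.
  for (const f of inv.repoFiles) {
    if (!f.public) continue;
    for (const key of f.content.match(AWS_KEY_ID) || []) {
      findings.push({ severity: 'CRITICAL', type: 'exposed_iam_key', services: ['GitHub', 'AWS Console'],
        fix: `Remove ${f.path} from public repo ${f.repo}, purge its history, and rotate ${key}` });
    }
  }
  // Missing or email-only 2FA.
  for (const s of inv.services) {
    if (s.twoFactor === 'none') {
      findings.push({ severity: 'HIGH', type: 'no_2fa', services: [s.name], fix: `Enable 2FA on ${s.name}` });
    } else if (s.twoFactor === 'email') {
      findings.push({ severity: 'HIGH', type: 'weak_2fa', services: [s.name],
        fix: `Upgrade ${s.name} 2FA from email to a hardware token` });
    }
  }
  // AWS keys older than 180 days without rotation.
  for (const k of inv.awsKeys) {
    const days = ageDays(k.createdAt);
    if (days > 180) {
      findings.push({ severity: 'HIGH', type: 'unrotated_key', services: ['AWS Console'], days,
        fix: `Rotate AWS access key ${k.id} (${days} days old)` });
    }
  }
  // OAuth grants unused for more than 90 days.
  for (const t of inv.oauthTokens) {
    const days = ageDays(t.lastUsed);
    if (days > 90) {
      findings.push({ severity: 'MEDIUM', type: 'stale_oauth_token', services: [t.service], days,
        fix: `Revoke "${t.app}" on ${t.service} (${days} days unused; scopes: ${t.scopes.join(' ')})` });
    }
  }
  // Workspace tokens persisted in localStorage, readable by any script on the origin.
  for (const [key, value] of Object.entries(inv.localStorage)) {
    if (SLACK_TOKEN.test(value)) {
      findings.push({ severity: 'MEDIUM', type: 'token_in_localstorage', services: ['Slack'],
        fix: `Remove "${key}" from localStorage and reissue the token` });
    }
  }
  // Highest severity first; within a severity, keep detection order.
  return findings.sort((a, b) => SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity]);
}

// The remediation list is the ordered fixes.
function recommendations(inv, now = NOW) {
  return runScan(inv, now).map((f) => `[${f.severity}] ${f.fix}`);
}

console.log(recommendations(INVENTORY).join('\n'));
```

Two details matter in practice: a key ID found in a public repository must be rotated, not just deleted from the file, because the commit history still holds it; and a password-reuse check must work on fingerprints or hashes, since a scanner that stores the passwords it compares becomes the next breach.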
Manage your account, view scan history, track risk score trends, and configure your organization details.
| Dashboard | Attack Surface |
|---|---|
| ![]() | ![]() |

| Simulation | Security Scan |
|---|---|
| ![]() | ![]() |

| Login | Landing Page |
|---|---|
| ![]() | ![]() |

Note: add your own screenshots to `docs/screenshots/` after running the application.
```text
Frontend (React)
├── Pages: Landing -> Login -> Dashboard -> Attack Surface, Simulation, Scan, Profile
├── Components: Sidebar, Header, RiskScoreCard, AttackGraphCard, SimulationCard
└── Services: api.js (Axios + JWT interceptor)
        │
        │  Vite proxy (/api -> :5001)
        ▼
Backend (Express 5)
├── Routes
│   ├── /api/auth ........ Google OAuth + demo login
│   ├── /api/user ........ Unified data endpoint
│   ├── /api/risk-score .. Risk calculation
│   ├── /api/simulate .... Attack simulation
│   └── /api/scan ........ Vulnerability scanning
├── Services
│   ├── riskEngine.js ......... Quantified risk scoring
│   └── attackSimulator.js .... Multi-hop attack path generation
└── Middleware: JWT auth (7-day tokens)
        │
        ▼
MongoDB (Mongoose 9)
└── Collections
    ├── users ...... name, email, riskScore, org, role
    └── accounts ... serviceName, riskLevel, dependencyType, exposedData[], connectedSince
```
- Node.js 18+ (or Bun)
- MongoDB: a local instance or a MongoDB Atlas connection string
- Google OAuth Client ID (optional; needed only for Google login)
Clone the repository:

```bash
git clone https://github.com/your-username/dexis.git
cd dexis
```

Install the backend dependencies:

```bash
cd Backend
npm install
```

Create a `.env` file in `Backend/`:

```env
PORT=5001
MONGO_URI=mongodb://localhost:27017/dexis
JWT_SECRET=your-secret-key-here
GOOGLE_CLIENT_ID=your-google-client-id-here
```

Replace `JWT_SECRET` with a long random value (for example the output of `openssl rand -hex 32`) and keep `.env` out of version control: anyone who holds the secret can mint their own 7-day tokens for any user.

Start the backend:

```bash
npm run dev
```

In a second terminal, install and start the frontend:

```bash
cd Frontend/dexis
npm install
npm run dev
```

The frontend runs on http://localhost:5173 with API requests proxied to http://localhost:5001.
Open http://localhost:5173, click Try Demo, and explore the full dashboard with pre-loaded threat data.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /api/auth/google | none | Authenticate with a Google OAuth credential |
| POST | /api/auth/demo | none | Create or log in to the demo account with sample data |
| GET | /api/user | JWT | Get user profile, accounts, threats, recommendations, exposure |
| PUT | /api/user/profile | JWT | Update user name, organization, role |
| GET | /api/risk-score | JWT | Calculate risk score with breakdown |
| POST | /api/simulate-attack | JWT | Run attack simulation, get paths and blast radius |
| POST | /api/scan | JWT | Run security scan, get findings and service status |
| GET | /health | none | Health check |
All protected endpoints require a Bearer token in the Authorization header:

```
Authorization: Bearer <jwt_token>
```

Tokens are valid for 7 days. The API reference above lists no logout or revocation endpoint, so a leaked token remains usable until it expires.
Frontend:

| Technology | Version | Purpose |
|---|---|---|
| React | 19.2 | UI framework |
| Vite | 7.3 | Build tool and dev server |
| React Router | 7.13 | Client-side routing |
| Tailwind CSS | 4.2 | Utility-first styling |
| Framer Motion | 12.34 | Animations and transitions |
| React Flow | 12.10 | Interactive graph visualization |
| Axios | 1.13 | HTTP client with interceptors |
Backend:

| Technology | Version | Purpose |
|---|---|---|
| Express | 5.2 | HTTP server framework |
| Mongoose | 9.2 | MongoDB ODM |
| jsonwebtoken | 9.0 | JWT authentication |
| google-auth-library | 10.5 | Google OAuth verification |
| cors | 2.8 | Cross-origin resource sharing |
| dotenv | 17.3 | Environment variable management |
```text
dexis/
├── Backend/
│   ├── middleware/
│   │   └── auth.js                  # JWT generation & verification
│   ├── models/
│   │   ├── User.js                  # User schema
│   │   └── Account.js               # Connected service schema
│   ├── routes/
│   │   ├── auth.js                  # Google OAuth + demo login
│   │   ├── user.js                  # User data + profile updates
│   │   ├── risk.js                  # Risk score calculation
│   │   ├── simulation.js            # Attack simulation
│   │   └── scan.js                  # Vulnerability scanning
│   ├── services/
│   │   ├── riskEngine.js            # Risk scoring algorithm
│   │   └── attackSimulator.js       # Attack path generation
│   ├── server.js                    # Express app entry point
│   └── package.json
│
├── Frontend/dexis/
│   ├── src/
│   │   ├── components/
│   │   │   ├── AttackGraphCard.jsx  # React Flow graph
│   │   │   ├── DashboardLayout.jsx  # Layout with sidebar
│   │   │   ├── Header.jsx           # Page header
│   │   │   ├── RiskScoreCard.jsx    # Circular risk gauge
│   │   │   ├── Sidebar.jsx          # Navigation sidebar
│   │   │   └── SimulationCard.jsx   # Simulation results
│   │   ├── pages/
│   │   │   ├── Landing.jsx          # Public landing page
│   │   │   ├── Login.jsx            # Authentication page
│   │   │   ├── Dashboard.jsx        # Main dashboard
│   │   │   ├── AttackSurface.jsx    # Service dependency map
│   │   │   ├── Simulation.jsx       # Attack simulation
│   │   │   ├── Scan.jsx             # Security scanner
│   │   │   ├── Profile.jsx          # User profile
│   │   │   └── Settings.jsx         # Account settings
│   │   ├── services/
│   │   │   └── api.js               # Axios instance + API methods
│   │   ├── App.jsx                  # Router configuration
│   │   ├── main.jsx                 # React entry point
│   │   └── index.css                # Global styles + theme
│   ├── vite.config.js               # Vite + proxy config
│   └── package.json
│
└── README.md
```
The demo account comes pre-loaded with:

| Service | Risk Level | Dependency Type | Exposed Data Points |
|---|---|---|---|
| Google Account | HIGH | Primary | 7 (email, name, photo, recovery phone, apps, calendar, contacts) |
| GitHub | HIGH | Cloud | 6 (source code, API keys, SSH keys, org access, CI/CD secrets, emails) |
| LinkedIn | MEDIUM | Professional | 6 (employment, network, email, phone, location, skills) |
| Dropbox | MEDIUM | Cloud | 5 (documents, tax returns, shared folders, metadata, links) |
| Banking Service | CRITICAL | Financial | 6 (account numbers, transactions, routing, cards, beneficiaries, statements) |
| Slack | HIGH | Communication | 6 (messages, files, history, DMs, tokens, directory) |
| AWS Console | CRITICAL | Cloud | 6 (infrastructure, S3, IAM, billing, databases, Lambda) |
| Notion | LOW | Cloud | 5 (docs, meeting notes, roadmaps, wiki, API tokens) |

Demo risk score: 78/100 (CRITICAL)
This project is for educational and demonstration purposes.
Built with ❤ and a healthy paranoia about digital security.