JadxLab - Advanced OS Hardening & Network Control Panel

JadxLab is a comprehensive web-based control panel for OS hardening, network security, and Tor integration designed for Debian/Ubuntu systems. It provides administrators with powerful tools to monitor and secure their Linux environments.

🔒 Features

• Firewall Management: Configure and monitor firewall settings
• Tor Network Integration: Control Tor services, bridges, and routing
• Security Hardening: Run security scans and apply hardening configurations
• System Monitoring: Track system resources, open ports, and services
• PGP Authentication: Secure login using PGP key-based authentication

📋 Requirements

• Debian or Ubuntu-based Linux distribution
• Python 3.8+
• PostgreSQL database
• GnuPG installed on the system (for PGP authentication)

⚙️ Installation

Quick Installation (Recommended)

The easiest way to install JadxLab is using our automated installation script:

sudo chmod +x install.sh
sudo ./install.sh

This script will:

• Install all required system dependencies
• Set up the PostgreSQL database with a secure random password
• Configure the environment
• Create an admin user
• Set up JadxLab as a systemd service
• Configure firewall rules

After installation, JadxLab will be accessible at http://your-server-ip:5000 with default credentials:

• Username: admin
• Password: admin

⚠️ IMPORTANT: Change the default password immediately after your first login!

Manual Installation (Advanced)

If you prefer to install manually, follow these steps:

1. Clone the Repository

git clone https://github.com/yourusername/jadxlab.git
cd jadxlab

2. Set Up the Environment

# Create a virtual environment
python -m venv venv
source venv/bin/activate

# Install required Python packages
pip install -r requirements.txt

# Install system dependencies (sudo required)
sudo apt update
sudo apt install -y gnupg postgresql postgresql-contrib

3. Configure the Database

# Create a PostgreSQL database
sudo -u postgres psql -c "CREATE USER jadxlab WITH PASSWORD 'secure_password';"
sudo -u postgres psql -c "CREATE DATABASE jadxlab OWNER jadxlab;"

4. Configure Environment Variables

Create a .env file in the project root with the following content:

DATABASE_URL=postgresql://jadxlab:secure_password@localhost/jadxlab
SESSION_SECRET=your_random_secret_key_here

5. Initialize the Database

# Initialize database tables
flask db init
flask db migrate -m "Initial migration"
flask db upgrade

6. Run the Application

# Development mode
flask run --host=0.0.0.0 --port=5000

# Production mode with Gunicorn
gunicorn --bind 0.0.0.0:5000 --workers=4 main:app

🔐 PGP Key Authentication Setup

JadxLab supports PGP key-based authentication for enhanced security:

Generate a PGP Key Pair (if you don't have one)

# Generate a key pair
gpg --full-generate-key

# Export your public key
gpg --armor --export your@email.com > mykey.asc

Register Your Public Key

1. Log in to JadxLab with your username/password
2. Navigate to "PGP Security" in the sidebar
3. Paste your public key in the provided text area
4. Click "Save Public Key"

Authenticate Using Your PGP Key

1. Navigate to the Login page
2. Click "Use PGP Authentication"
3. Copy the challenge string
4. Sign it using your private key: echo "challenge-string" | gpg --clearsign
5. Paste the signed result in the form
6. Enter your username and submit

🔧 Advanced Configuration

Firewall Settings

JadxLab can work with both UFW and iptables. To enable UFW:

sudo apt install ufw
sudo ufw enable

Tor Integration

To fully utilize the Tor features:

sudo apt install tor
sudo systemctl enable tor

Security Scanning Tools

For security scanning functionality:

sudo apt install lynis rkhunter chkrootkit

🧩 Project Structure

• app.py: Flask application initialization
• auth.py: Authentication routes and logic
• models.py: Database models
• routes.py: Main application routes
• pgp_auth.py: PGP authentication implementation
• scripts/: Backend scripts for system operations
  • firewall.py: Firewall management functions
  • tor.py: Tor network functions
  • security.py: Security scanning functions
  • system.py: System monitoring functions
• static/: Static assets (CSS, JS, images)
• templates/: HTML templates
• keys/: Directory for storing PGP keys

📝 Default Credentials

⚠️ IMPORTANT: Change these credentials immediately after first login!

• Username: admin
• Password: admin

🔧 Troubleshooting

Permission Issues

Ensure the application has proper permissions to execute system commands:

# Add the user to the sudo group
sudo usermod -aG sudo your_user

# Configure sudo to allow specific commands without a password
echo "your_user ALL=(ALL) NOPASSWD: /usr/sbin/iptables, /usr/sbin/ufw, /usr/bin/systemctl" | sudo tee /etc/sudoers.d/jadxlab

Database Connection Issues

If you encounter database connection problems, verify:

1. PostgreSQL is running: sudo systemctl status postgresql
2. Your database exists: sudo -u postgres psql -c "\l"
3. Your database URL is correct in the .env file

🔄 Updates and Maintenance

To update JadxLab:

git pull
pip install -r requirements.txt
flask db upgrade

🛡️ Security Considerations

1. Change default credentials immediately after installation
2. Install and configure a proper SSL/TLS certificate for production
3. Consider running behind a reverse proxy (Nginx, Apache)
4. Limit access to the server's IP address using firewall rules
5. Consider using the PGP authentication for added security

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

🤝 Contributions

Contributions are welcome! Please feel free to submit a Pull Request.