VaultGuard Pro — Devpost Submission

Inspiration

Traditional security scanners are often "blind" to logic. They can find a missing header or a known CVE, but they rarely understand how multiple issues chain into a real breach.
I wanted an autonomous "Thinking Auditor" that doesn’t just list bugs—it uses deductive reasoning to answer the "Why" and "How" behind vulnerabilities (e.g. "Can this missing CSP header escalate that XSS into token theft?").
That vision led to VaultGuard Pro: a Neural SOC powered by Gemini 3 and a 32K thinking budget for forensic-style reasoning in the browser.

VaultGuard Pro is an autonomous Neural Security Operations Center (SOC). It runs a "Neural Mission" on any target URL:

Technology DNA (Ground Truth) — Deterministic, Wappalyzer-style fingerprinting from DOM and headers (React, Vite, Vue, Tailwind, WordPress, etc.) so the report only shows technologies that are actually present.
Multi-level scanning — FAST (headers, SSL, DNS), STANDARD (+ tech stack, CVE cross-reference via Search Grounding), DEEP (full DOM, 32K thinking, business logic and exploit chaining).
Recursive reasoning — Uses Gemini 3 Pro with a 32K thinking budget (DEEP mode) to simulate multi-step attack paths and chain vulnerabilities, not just list them.
Forensic-style report — Findings with severity, CWE, remediation, proof-of-concept, and NIST/MITRE CVE links; verification badges (200 / 403 / 404) and a PDF export aligned with the UI.
Live intelligence — Search Grounding for up-to-date CVE lookups so results are based on current data, not static databases.
Extra features — Expert Mode (custom headers/cookies for authenticated targets), Vault Academy (EN/MM security knowledge base), and bilingual UI (English / Myanmar).

The system is built around the Gemini 3 family and a clear split between speed and depth:

Gemini 3 Flash — Used for FAST and STANDARD missions: fast Technology DNA mapping, header/SSL/DNS analysis, and structured vulnerability output.
Gemini 3 Pro — Used for DEEP missions: 32K thinking budget for extended reasoning, full DOM analysis (up to 50K chars), and business-logic / exploit-chaining simulation.
Search Grounding — Integrated so the AI can pull live CVE and security intelligence instead of relying only on static data.
Frontend — React 19, TypeScript 5.8, Vite 6, and Framer Motion for a mission-style, animated dashboard and telemetry.
Architecture — Client-side only (no backend); scan runs in the browser with optional CORS extension for full DOM/headers when needed.
Tooling — Google AI Studio and Cursor AI for development and prompt engineering.

Prompt orchestration for 32K thinking — Guiding the model to do deep forensic deduction without drifting off-topic or hallucinating required careful prompt design and clear mission instructions (FAST / STANDARD / DEEP).
Ground Truth vs AI output — Keeping Technology DNA accurate meant adding deterministic fingerprinting first, then constraining the AI to only report technologies from that list (and to add runtime/language when a frontend framework is detected).
Browser limits — CORS and CSP on the deployed app initially blocked cross-origin fetch to arbitrary targets; I relaxed connect-src and frame-src in vercel.json so users can scan any site from the hosted app, and documented the CORS extension workflow (ON → reload → scan).

Recursive vulnerability chaining — In DEEP mode, the AI reasons through multi-step attack paths (e.g. "missing CSP header + XSS pattern → token theft") instead of returning a flat list of issues.
Production-ready Neural SOC — v1.6.3 with a responsive, animated UI, PDF reports, finding verification (200/403/404), CVE evidence links, and bilingual support (EN/MM).
Ground Truth Tech DNA — Deterministic fingerprinting plus AI merge so the report is accurate and consistent with what’s actually on the page (e.g. no “Next.js” when the site is Vite + React).
Transparent 32K usage — Terminal/telemetry shows when DEEP mode is using the 32K thinking budget so users and judges can see that extended reasoning is enabled.

Extended internal reasoning changes how security tooling can work: Gemini 3’s thinking budget lets the model “think through” steps before answering, similar to a human analyst.
Combining deterministic rules with AI (Ground Truth fingerprint + AI report) reduces hallucinations and keeps Technology DNA and findings trustworthy.
Search Grounding makes CVE and threat intelligence part of the same flow, so reports stay relevant without maintaining a separate CVE database.

Extension tuning — Refine how the app works with the CORS extension so that when users enable it, data quality and accuracy improve consistently (e.g. DOM, headers, probes).
Backend server — Add a dedicated backend server to run scans and analysis server-side, so results are more accurate and reliable than browser-only mode, and to support heavier or scheduled scans.
Multi-agent collaboration — Multiple Gemini agents "debating" severity and chaining for higher-confidence findings.
Safe exploitation simulation — Sandboxed execution of proof-of-concept payloads to validate findings without affecting real systems.
Cloud and infra integration — Extending the Neural Mission to scan and reason about AWS/Azure/GCP configurations and deployment posture.

Live app: vaultguard-pro.vercel.app
Version: 1.6.3 · Production Ready
License: GPL-3.0

I designed and implemented the entire project: architecture and data flow; integration with Gemini 3 Pro (32K thinking budget for DEEP scans) and Gemini 3 Flash (FAST/STANDARD); Search Grounding for live CVE lookups; deterministic Tech DNA fingerprinting and AI merge; React 19 + TypeScript + Vite frontend and mission-style UI; PDF export and finding verification; Expert Mode (headers/cookies) and Vault Academy (EN/MM); deployment on Vercel and CSP/CORS handling for the hosted scanner. All development, prompt engineering, and testing were done by me.

Sat Paing Oo
Always learning, forever curious | Building with logic, living with heart | Tech enthusiast

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.