A comprehensive digital scam detection and education platform. ScamGuard helps users identify and protect themselves from online scams through intelligent analysis, threat intelligence, and interactive education.
- Scam Checker - Analyze text, URLs, and images for potential scams
- OCR & Image Analysis - Extract and analyze text from screenshots
- Threat Intelligence - Integration with Google Safe Browsing, VirusTotal, PhishTank
- Risk Scoring - ML-powered risk assessment (0-100 scale)
- Educational Hub - Learn about different scam types and protection strategies
- Interactive Quiz - Test your knowledge with gamified learning
- End-to-End Encryption - Secure data transmission
- GDPR Compliant - Right to Erasure (Article 17) implementation
- User Authentication - Secure JWT-based auth
- Rate Limiting - Protection against abuse
- Data Retention Policy - Automatic cleanup of old scans
- Structured Logging - JSON logs for production
- Prometheus Metrics - System monitoring
- Sentry Integration - Error tracking and performance monitoring
- OpenTelemetry - Distributed tracing
- Health Checks - Platform status monitoring
- React 18 - UI framework
- TypeScript - Type safety
- Vite - Build tooling
- Tailwind CSS - Styling
- React Router - Routing
- Axios - HTTP client
- Express.js - Web framework
- TypeScript - Type safety
- MongoDB - Document database
- Redis - Caching & sessions
- BullMQ - Job queue
- Node-Cron - Scheduled tasks
- Python FastAPI - ML service
- PyTorch - Deep learning
- Tesseract - OCR engine
- scikit-learn - ML utilities
ScamGuard/
βββ src/ # Frontend (React)
β βββ components/ # React components
β βββ pages/ # Page components
β βββ main.tsx # Entry point
βββ backend/ # Backend API (Express/Node.js)
β βββ src/
β β βββ config/ # Configuration
β β βββ controllers/ # Request handlers
β β βββ models/ # Database schemas
β β βββ routes/ # API routes
β β βββ middleware/ # Express middleware
β β βββ workers/ # Job queue workers
β β βββ jobs/ # Scheduled tasks
β βββ tests/ # Unit & integration tests
β βββ README.md # Backend documentation
βββ ai-service/ # AI/ML Service (Python)
β βββ app/
β β βββ main.py # API server
β β βββ ml_model.py # ML model
β β βββ ocr.py # OCR processing
β β βββ models.py # Request/response models
β βββ tests/ # Tests
β βββ README.md # AI service documentation
βββ docs/ # Documentation
β βββ OBSERVABILITY.md # Monitoring & alerting
β βββ alerting-runbook.md # Operations guide
β βββ PROJECT_DOCUMENTATION_A_TO_Z.md # Comprehensive guide
βββ package.json # Frontend dependencies
βββ README.md # This file
- Node.js 18+
- Python 3.10+ (for AI service)
- MongoDB 6.0+
- Redis 7.0+
- npm or yarn
- Docker & Docker Compose (optional, recommended for local dev)
# Clone and navigate to project
git clone <repository>
cd ScamGuard
# Start all services with Docker Compose
docker-compose up -d
# Services will be available at:
# Frontend: http://localhost:5173
# Backend API: http://localhost:3000
# AI Service: http://localhost:8000# Install dependencies
npm install
# Create environment file
cp .env.example .env.local
# Start development server
npm run devFrontend runs on http://localhost:5173
cd backend
# Install dependencies
npm install
# Create environment file
cp .env.example .env.local
# Start development server
npm run devBackend API runs on http://localhost:3000
See backend/README.md for detailed setup.
cd ai-service
# Create Python virtual environment
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements-dev.txt
# Create environment file
cp .env.example .env.local
# Start service
python -m app.mainAI Service runs on http://localhost:8000
See ai-service/README.md for detailed setup.
# Frontend
npm run dev # Start development server
npm run build # Build for production
npm run preview # Preview production build
npm run lint # Run linter
npm test # Run tests
npm run test:coverage # Generate coverage report
# Backend
cd backend
npm run dev # Start development server
npm run build # Compile TypeScript
npm run start # Run compiled code
npm run lint # Run ESLint
npm run type-check # Check TypeScript
npm test # Run tests
# AI Service
cd ai-service
python -m app.main # Start service
python -m pytest # Run tests- Frontend: http://localhost:5173
- Backend API: http://localhost:3000/api
- AI Service: http://localhost:8000
Authentication:
POST /api/auth/register- Register userPOST /api/auth/login- Login userPOST /api/auth/refresh-token- Refresh JWT
Scans:
POST /api/scans- Submit scan (text/url/image)GET /api/scans- List user's scansGET /api/scans/:id- Get scan results
Analytics:
GET /api/analytics/summary- Platform statisticsGET /api/analytics/trends- 30-day trendsGET /api/analytics/user- User statistics
User:
GET /api/user/profile- Get user profileDELETE /api/user/data- Delete all data (GDPR)
See backend/README.md for complete API reference.
- users - User accounts and authentication
- scans - Submitted scans and results
- reports - Verified scam reports
- conversations - Multi-turn chat history
- quiz_results - Quiz attempt results
session:*- User session datarefreshToken:*- Refresh token storageanalytics:*- Cached analyticsscan:*- Scan processing queue
Each service has its own .env.example file:
- Frontend: .env.example
- Backend: backend/.env.example
- AI Service: ai-service/.env.example
Copy these to .env.local in each service directory and fill in values.
npm test # Run tests
npm run test:coverage # Generate coverage reportcd backend
npm test # Run tests
npm run test:watch # Watch mode
npm run test:coverage # Coverage reportcd ai-service
python -m pytest # Run tests
python -m pytest --cov # Coverage reportnpm run test:e2e # Run Playwright testsEach service has a Dockerfile:
# Build images
docker build -t scamguard-frontend .
docker build -t scamguard-backend backend/
docker build -t scamguard-ai-service ai-service/
# Run with Docker Compose
docker-compose upDevelopment:
NODE_ENV=development
LOG_LEVEL=debugProduction:
NODE_ENV=production
LOG_LEVEL=warn
DATA_RETENTION_DAYS=90- Secrets - Never commit
.envfiles - HTTPS - Enable in production
- Dependencies - Keep updated (
npm audit) - Rate Limiting - Enabled on sensitive endpoints
- CORS - Configured for frontend domain
- JWT Secrets - Use strong, unique secrets
- Right to Erasure -
DELETE /api/user/data - Data Retention - Configurable retention period
- Analytics Privacy - No personal data in aggregations
- Image Privacy - No raw image data stored
# Backend health
curl http://localhost:3000/health
# Frontend visual status
curl http://localhost:5173# Prometheus metrics (requires IP allowlist)
curl http://localhost:3000/metrics# Backend logs
tail -f backend/logs/combined.log
# AI service logs
# Check console outputSee docs/OBSERVABILITY.md for detailed monitoring setup.
Port already in use:
# Find process on port 3000
lsof -i :3000
kill -9 <PID>Database connection failed:
# Check MongoDB is running
mongoshRedis connection failed:
# Check Redis is running
redis-cli pingPython module not found:
# Activate virtual environment
source ai-service/venv/bin/activate
pip install -r requirements-dev.txtSee docs/alerting-runbook.md for more troubleshooting.
- Create a feature branch
- Make your changes
- Run tests and linter
- Submit a pull request
- Ensure CI/CD passes
- TypeScript for all JavaScript code
- Use Prettier for formatting
- Use ESLint for linting
- Write tests for new features
- Update documentation
Private
- π§ Email: support@scamguard.com
- π Documentation: docs/
- π Issues: GitHub Issues
- π Guides: PROJECT_DOCUMENTATION_A_TO_Z.md
Built by the ScamGuard team to help protect users from online scams.
Last Updated: 2026-04-20
Version: 1.0.0