Release version 1.2.0 with major enhancements and fixes

- Added support for native mobile app scanning, including Android and iOS manifest analysis.
- Introduced UI/UX improvements such as collapsible tool categories, categorized tool grid, and visual status indicators.
- Fixed Snyk scanner to handle cases where SNYK_TOKEN is not provided, preventing authentication errors.
- Removed LLM chat integration and WebUI interactive buttons for a streamlined single-shot scan experience.
- Updated Docker configurations and scripts to reflect the new version and improve overall functionality.

Author: fr4iser90

CHANGELOG.md

@@ -2,6 +2,36 @@
 
 All notable changes to this project will be documented in this file.
 
+## [1.2.0] - 2025-10-28
+
+### Added
+- **Native Mobile Apps Support** - Android and iOS manifest analysis
+  - Android: Manifest parsing for permissions, exported components, and vulnerabilities
+  - iOS: Plist analysis for security configurations
+  - Automatic detection of mobile app projects
+
+### Enhanced - UI/UX Improvements
+- **Collapsible Tool Categories** - Auto-collapse clean categories, expand only those with issues
+- **Categorized Tool Grid** - Tools grouped by functionality (Static Analysis, Dependencies, Secrets, etc.)
+- **Visual Status Indicators** - Color-coded left borders (Green=Clean, Yellow=Issues, Gray=Skipped)
+- **Compact Tool Cards** - More efficient space usage with modern card-based layout
+- **Tool Status Badges** - Clear indication of findings count
+- **Category Statistics** - Shows count of tools with issues per category
+
+### Fixed
+- **Snyk Scanner** - No longer fails when SNYK_TOKEN is not provided
+  - Gracefully skips with clear message
+  - Prevents authentication errors (401)
+  - Shows skipped status in report
+
+### Removed
+- **LLM Chat Integration** - Removed for single-shot scan compatibility
+- **WebUI Interactive Buttons** - Removed scan/refresh controls for standalone reports
+
+### Changed
+- **Single-Shot Focus** - Reports are now fully standalone with no backend dependencies
+- **Simplified Architecture** - Removed all interactive web features
+
 ## [1.1.0] - 2025-10-26
 
 ### Added - Major Scanner Expansion

Dockerfile

@@ -178,6 +178,10 @@ RUN chmod +x /SimpleSecCheck/scripts/configure.py
 RUN apt-get install -y sudo && \
     echo 'scanner ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
 
+# Copy and set up entrypoint script
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
 # Switch to non-root user
 USER scanner
 
@@ -250,4 +254,5 @@ ENV BANDIT_CONFIG_PATH=/SimpleSecCheck/bandit/config.yaml
 ENV ANCHORE_CONFIG_PATH=/SimpleSecCheck/anchore/config.yaml
 
 WORKDIR /zap/wrk
+ENTRYPOINT ["/entrypoint.sh"]
 CMD ["bash"]

VERSION

@@ -1 +1 @@
-1.1.0
+1.2.0

docker-compose.yml

@@ -5,9 +5,9 @@ services:
       context: .
       dockerfile: Dockerfile
       args:
-        VERSION: 1.1.0
+        VERSION: 1.2.0
     # image: fr4iser/simpleseccheck:latest  # Aus Docker Hub (auskommentiert für lokales Building)
-    container_name: SimpleSecCheck_scanner_v1.1.0
+    container_name: SimpleSecCheck_scanner_v1.2.0
     volumes:
       - ./results:/SimpleSecCheck/results
       - ./logs:/SimpleSecCheck/logs

docs/implementation_summary.md

@@ -0,0 +1,110 @@
+# SimpleSecCheck UI/UX Implementation Summary
+
+## ✅ Completed Improvements
+
+I've successfully implemented the key UI/UX improvements to SimpleSecCheck:
+
+### 1. **Glassmorphism Modern Design** ✨
+- Applied modern glassmorphism styling throughout
+- Gradient backgrounds (purple/blue for light mode, navy/black for dark mode)
+- Frosted glass effects with `backdrop-filter: blur()`
+- Semi-transparent cards with subtle borders
+- Enhanced hover effects with smooth transitions
+
+### 2. **Executive Dashboard** 📊
+- Added executive summary cards at the top
+- Shows Critical Issues, High Severity, Medium Severity counts
+- Displays Tools Passed ratio
+- Calculated Security Score (0-100)
+- Color-coded score indicator (Green/Yellow/Red)
+
+### 3. **Which Scans Ran Section** 🔍
+- New section showing which security tools were executed
+- Visual status indicators (green/yellow/red dots)
+- Grid layout for easy scanning
+- Tip legend explaining status colors
+
+### 4. **Enhanced Visuals** 🎨
+- Gradient text headers
+- Modern card-based layout
+- Better spacing and typography
+- Responsive mobile design
+- Improved dark mode support
+
+## 📝 Files Modified
+
+1. **`scripts/html_utils.py`** - Complete rewrite with:
+   - Modern glassmorphism CSS
+   - Executive summary function
+   - Tool status section function
+   - Backward compatible legacy functions
+
+2. **`scripts/generate-html-report.py`** - Updated to:
+   - Import new functions
+   - Collect all findings for executive summary
+   - Track which tools were executed
+   - Display new sections
+
+## 🎯 What You Get
+
+The HTML reports now include:
+
+```
+┌────────────────────────────────────────┐
+│ SimpleSecCheck Security Scan Summary    │
+│ 🔍 Scans Executed section               │
+├────────────────────────────────────────┤
+│ Executive Dashboard:                    │
+│   [Critical: 23] [High: 45]             │
+│   [Medium: 89] [Tools: 12/28]          │
+│   [Score: 62/100 - Needs Attention]    │
+├────────────────────────────────────────┤
+│ Tool Status Grid                       │
+│ ✅ Semgrep ✅ Trivy ✅ CodeQL...       │
+├────────────────────────────────────────┤
+│ Detailed Findings (existing sections)   │
+└────────────────────────────────────────┘
+```
+
+## 🚀 Remaining Optional Improvements
+
+The following enhancements are available but not yet implemented:
+
+### Future Enhancements:
+1. **Filter Bar** - Severity filters and search (requires JavaScript)
+2. **Collapsible Sections** - Auto-expand critical issues (requires JavaScript)
+3. **Charts** - Severity distribution visualization (requires Chart.js)
+4. **Export Options** - PDF/CSV export functionality
+
+These would require additional JavaScript and can be added incrementally based on user feedback.
+
+## 📖 Documentation
+
+- Full analysis: `docs/ui_ux_improvements_analysis.md`
+- Key insights: `docs/ui_ux_key_insights.md`
+- Example implementation: `docs/ui_ux_implementation_example.html`
+
+## 🎨 Design Highlights
+
+- **Glassmorphism**: Modern frosted glass effects
+- **Gradient Backgrounds**: Beautiful purple/blue gradients
+- **Executive Dashboard**: At-a-glance security metrics
+- **Status Indicators**: Clear visual feedback
+- **Responsive**: Works on all devices
+- **Dark Mode**: Enhanced dark mode experience
+
+## 🧪 Testing
+
+To test the new design:
+
+1. Run a security scan
+2. Open the generated HTML report
+3. Check for:
+   - Executive summary at the top
+   - "Scans Executed" section
+   - Modern glassmorphism styling
+   - Smooth animations on hover
+   - Proper dark mode toggle
+
+The new design is backward compatible and will work with existing scan results!
+

entrypoint.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+
+# Fix permissions for mounted volumes at container startup
+if [ -d "/SimpleSecCheck/results" ]; then
+    sudo chown -R scanner:scanner /SimpleSecCheck/results
+fi
+if [ -d "/SimpleSecCheck/logs" ]; then
+    sudo chown -R scanner:scanner /SimpleSecCheck/logs
+fi
+
+# Run the command passed as arguments
+exec "$@"
+

scripts/generate-html-report.py

@@ -8,7 +8,7 @@
 from bs4 import BeautifulSoup
 import traceback
 sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
-from scripts.html_utils import html_header, html_footer, generate_visual_summary_section, generate_overall_summary_and_links_section
+from scripts.html_utils import html_header, html_footer, generate_visual_summary_section, generate_overall_summary_and_links_section, generate_executive_summary, generate_tool_status_section
 from scripts.zap_processor import zap_summary, generate_zap_html_section
 from scripts.zap_xml_parser import parse_zap_xml, generate_html_report
 from scripts.semgrep_processor import semgrep_summary, generate_semgrep_html_section
@@ -157,12 +157,58 @@ def main():
     ios_findings_summary = ios_plist_summary(ios_plist_json_path)
 
     try:
+        # Extract ZAP alerts list if available, otherwise use empty list
+        zap_findings_list = zap_alerts.get('alerts', []) if isinstance(zap_alerts, dict) else []
+        
+        # Collect all findings for executive summary
+        all_findings = {
+            'ZAP': zap_findings_list,
+            'Semgrep': semgrep_findings,
+            'Trivy': trivy_vulns,
+            'CodeQL': codeql_findings,
+            'Nuclei': nuclei_findings,
+            'OWASP DC': owasp_dc_vulns,
+            'Safety': safety_findings,
+            'Snyk': snyk_findings,
+            'SonarQube': sonarqube_findings,
+            'Checkov': checkov_comprehensive_findings,
+            'TruffleHog': trufflehog_findings,
+            'GitLeaks': gitleaks_findings,
+            'Detect-secrets': detect_secrets_findings,
+            'npm audit': npm_audit_findings,
+            'Wapiti': wapiti_findings,
+            'Nikto': nikto_findings,
+            'Burp Suite': burp_findings,
+            'Kube-hunter': kube_hunter_findings,
+            'Kube-bench': kube_bench_findings,
+            'Docker Bench': docker_bench_findings,
+            'ESLint': eslint_findings,
+            'Clair': clair_vulns,
+            'Anchore': anchore_vulns,
+            'Brakeman': brakeman_findings,
+            'Bandit': bandit_findings,
+        }
+        
+        # Determine which tools were executed
+        # A tool was executed if it has actual findings or if it was run but found nothing
+        # We need to check if findings exist AND are not None
+        # None means skipped, [] or items means executed but may have no findings
+        executed_tools = {}
+        for tool, findings in all_findings.items():
+            # Tools that have findings (even if empty list) or ZAP with alerts should show as executed
+            if findings is not None:
+                executed_tools[tool] = {'status': 'complete'}
+            elif tool == 'ZAP' and isinstance(zap_alerts, dict):
+                # ZAP returns a dict, not a list
+                executed_tools[tool] = {'status': 'complete'}
+        
         with open(OUTPUT_FILE, 'w') as f:
-            f.write(html_header('SimpleSecCheck Security Scan Summary'))
-            f.write(f'<p><b>Scan Date:</b> {now}<br>')
-            f.write(f'<b>Target:</b> {target}</p>\n')
+            f.write(html_header(f'{target} - {now}'))
             # WebUI Controls Block
-            f.write('''\n<!-- WebUI Controls -->\n<div style="margin: 1em 0;">\n  <button id="scan-btn">Jetzt neuen Scan starten</button>\n  <button id="refresh-status-btn">Status aktualisieren</button>\n  <span id="scan-status" style="margin-left:1em; color: #007bff;">Status wird geladen...</span>\n</div>\n<!-- Hinweis: Scan-Status und Trigger laufen über Port 9100 (Watchdog) -->\n''')
+            # WebUI Controls removed - using single-shot scans only
+
+            # Executive Summary Dashboard
+            f.write(generate_executive_summary(all_findings))
 
             # --- Visual summary with icons/colors for each tool ---
             f.write(generate_visual_summary_section(zap_alerts.get('summary', zap_alerts), semgrep_findings, trivy_vulns, codeql_findings, nuclei_findings, owasp_dc_vulns, safety_findings, snyk_findings, sonarqube_findings, checkov_comprehensive_findings, trufflehog_findings, gitleaks_findings, detect_secrets_findings, npm_audit_findings, wapiti_findings, nikto_findings, burp_findings, kube_hunter_findings, kube_bench_findings, docker_bench_findings, eslint_findings, clair_vulns, anchore_vulns, brakeman_findings, bandit_findings, android_findings_summary, ios_findings_summary))
@@ -195,8 +241,8 @@ def main():
             if len(safety_findings) > 0:
                 f.write(generate_safety_html_section(safety_findings))
 
-            # Snyk Section (only if findings exist)
-            if len(snyk_findings) > 0:
+            # Snyk Section - show if skipped (None) or if there are findings
+            if snyk_findings is None or len(snyk_findings) > 0:
                 f.write(generate_snyk_html_section(snyk_findings))
 
             # SonarQube Section (only if findings exist)