system download url :
NPS System
Network Penetration System – Enterprise-Grade Solution
Python 3.9+
Production Ready
Enterprise Grade
Overview
NPS (Network Penetration System) is an enterprise-grade network penetration solution designed to provide stable, secure, and efficient network connectivity between servers and clients. Built with Python, it offers comprehensive features for network tunneling, security, monitoring, and management.
127+
Python Files
55+
API Endpoints
30+
Metrics
10+
Protocols
20+
Security Features
45+
Core Modules
System Architecture
┌─────────────────────────────────────────────────────────────┐
│ API Gateway + Load Balancer + Deep Defense │
│ (4-Layer Security Protection) │
└────────────────────┬────────────────────────────────────────┘
│
┌────────────────┼────────────────┐
│ │ │
┌───▼───┐ ┌───▼───┐ ┌───▼───┐
│Node 1 │ │Node 2 │ │Node 3 │
│Master │ │Worker │ │Worker │
│ │ │ │ │ │
│Service│ │Service│ │Service│
│Registry│ │Registry│ │Registry│
│Failover│ │Failover│ │Failover│
└───┬───┘ └───┬───┘ └───┬───┘
│ │ │
└──────────────┼──────────────┘
│
┌──────────────┼──────────────┐
│ │ │
┌───▼───┐ ┌────▼────┐ ┌────▼────┐
│PostgreSQL│ │ Redis │ │Prometheus│
│ │ │(Queue) │ │ │
│ │ │(Cache) │ │ │
└─────────┘ └─────────┘ └──────────┘
Technology Stack
Backend
- Python 3.9+
- FastAPI (Web Framework)
- SQLAlchemy + PostgreSQL
- Redis (Cache & Queue)
- WebSocket
Frontend
- HTML/CSS/JavaScript
- PyQt6 (Desktop Client)
Infrastructure
- Docker & Docker Compose
- Kubernetes
- Prometheus & Grafana
- GitHub Actions (CI/CD)
Core Features
1. Network Tunneling
Supported Protocols
TCP
Full-duplex TCP tunneling with bidirectional data transfer
UDP
UDP packet forwarding with dedicated proxy server
HTTP/HTTPS
HTTP reverse proxy with SSL/TLS support
WebSocket
Real-time bidirectional communication
SOCKS5
SOCKS5 proxy protocol support
FTP/SSH
File Transfer and Secure Shell tunneling
2. Client Management
- Client registration with automatic ID/token generation
- JWT-based authentication
- Multi-server connection support
- Intelligent server selection
- Real-time status tracking
- Client statistics and analytics
3. Domain & SSL Management
- Custom domain binding
- Automatic SSL certificate provisioning (Let’s Encrypt)
- Certificate renewal before expiration
- HTTPS automatic configuration
- Certificate information and monitoring
4. Connection Management
- Persistent WebSocket connections
- Automatic reconnection with exponential backoff
- Heartbeat mechanism for connection health
- Connection pooling for performance
- Connection statistics and monitoring
Security Features
1. Multi-Layer Security Defense
Network Layer
- IP whitelist/blacklist
- CIDR notation support
- Firewall rules
Application Layer
- API rate limiting
- Request throttling
- Input validation
Data Layer
- Data encryption
- Data validation
- Malicious content detection
Access Layer
- JWT authentication
- RBAC authorization
- API key management
2. Advanced Security Features
- DDoS protection with anomaly detection
- Firewall management with rule-based configuration
- Security auditing (10+ check items)
- Compliance auditing (GDPR, SOC2, ISO27001)
- Automatic key rotation
- Audit logging (6 event types)
- Encrypted backups (Fernet/AES-128)
- Circuit breaker for fault tolerance
3. Compliance Support
GDPR
Data protection, access control, data retention, deletion capabilities
SOC 2
Access control, monitoring, change management
ISO 27001
Information security policy, risk management, incident management
Performance & Optimization
1. Connection Pool Optimization
- Database connection pool (20 connections, 40 overflow)
- HTTP connection pool (100 max connections)
- Connection health checks (pool_pre_ping)
- Connection recycling (1 hour)
- DNS caching (5 minutes)
2. Query Optimization
- Query time measurement
- Slow query detection (1-second threshold)
- Query plan analysis (EXPLAIN ANALYZE)
- Index suggestions
- Bulk operation optimization
3. Cache Strategy
LRU
Least Recently Used eviction
LFU
Least Frequently Used eviction
FIFO
First In First Out eviction
TTL
Time-based expiration
4. Async Processing
- Async task scheduler with priority queue
- Delayed task execution
- Periodic task scheduling
- Automatic retry with exponential backoff
- Batch processing for bulk operations
Performance Benchmarks
| Metric | Value |
|---|---|
| Concurrent Connections | 10,000+ |
| QPS (Queries Per Second) | 1,000+ |
| Response Time (P95) | < 100ms |
| Response Time (P99) | < 200ms |
| Throughput | 1GB/s+ |
| Availability | 99.9%+ |
| Failover Time | < 30 seconds |
Monitoring & Observability
1. Prometheus Metrics (30+)
Connection Metrics
- nps_connections_total
- nps_connections_active
Tunnel Metrics
- nps_tunnels_total
- nps_tunnels_active
Traffic Metrics
- nps_traffic_bytes_total
System Metrics
- nps_system_cpu_percent
- nps_system_memory_bytes
- nps_system_disk_bytes
Security Metrics
- nps_rate_limit_hits_total
- nps_security_anomalies_total
Performance Metrics
- nps_http_request_duration_seconds
- nps_response_time_p95
2. Distributed Tracing
- OpenTelemetry-style tracing
- Cross-service trace support
- Span management
- Trace data export
- Performance analysis
3. Smart Alerting
- Condition-based alerting
- Duration-based detection
- Alert deduplication
- Multiple severity levels
- Alert statistics and history
4. Grafana Dashboards
Pre-configured dashboard with 10 panels:
- Active Connections
- HTTP Request Rate
- Traffic Bytes
- System CPU Usage
- System Memory Usage
- Error Rate
- Active Tunnels
- Rate Limit Hits
- Circuit Breaker State
- Security Anomalies
High Availability
1. Cluster Deployment
- Multi-node support with automatic discovery
- Heartbeat mechanism (30-second interval)
- Node status monitoring
- Load balancing (based on load and connections)
- Master-worker node architecture
- Redis-based session synchronization
2. Health Checking
- Multi-dimensional health checks
- Automatic recovery mechanism
- Health status monitoring
- Predefined check functions (database, Redis, API)
- Health report generation
3. Failover Mechanism
Failover Strategies
Active-Passive
Primary-backup mode with automatic failover
Active-Active
Dual-active mode for load distribution
Round-Robin
Round-robin selection
Least Connections
Select node with least connections
4. Circuit Breaker
- Three states: Closed, Open, Half-Open
- Automatic failure recovery
- Configurable failure threshold
- Success threshold for half-open state
Enterprise Features
1. Message Queue
- Redis-based asynchronous task queue
- Task status management
- Automatic retry mechanism
- Multiple worker threads
- Task handler registration
2. Multi-Tenant Support
- Tenant management (create, update, delete)
- Resource isolation per tenant
- Tenant context management
- Tenant statistics
- Domain binding support
3. API Gateway
- Unified API entry point
- Route management
- Middleware support
- Request forwarding
- Service discovery integration
4. Quota Management
- Traffic quota (per client/tunnel)
- Connection quota
- Time quota
- Quota monitoring and enforcement
5. Backup & Recovery
- Automated backup creation
- Encrypted backups
- Database backup (PostgreSQL)
- Configuration backup
- Certificate backup
- Backup restoration
6. Microservices Architecture
- Service registration and discovery
- Service health checking
- Service heartbeat mechanism
- Load balancing (round-robin, random, least connections)
- Service call encapsulation
API Reference
Authentication
POST
/api/api/auth/token
Create API token for authentication
Client Management
POST
/api/clients
Create a new client
GET
/api/clients
List all clients
GET
/api/clients/{client_id}
Get client details
PUT
/api/clients/{client_id}
Update client
DELETE
/api/clients/{client_id}
Delete client
Tunnel Management
POST
/api/clients/{client_id}/tunnels
Create a new tunnel
GET
/api/clients/{client_id}/tunnels
List tunnels for a client
POST
/api/tunnels/{tunnel_id}/start
Start a tunnel
POST
/api/tunnels/{tunnel_id}/stop
Stop a tunnel
Domain Management
POST
/api/clients/{client_id}/domains
Create a domain binding
POST
/api/domains/{domain_id}/ssl/request
Request SSL certificate
Statistics & Monitoring
GET
/api/stats/traffic
Get traffic statistics
GET
/api/monitor/health
Get system health status
GET
/metrics
Prometheus metrics endpoint
Cluster Management
GET
/api/cluster/nodes
Get cluster node information
POST
/api/cluster/nodes
Add cluster node
WebSocket Endpoints
ws://server:8080/ws/client
Client WebSocket connection
ws://server:8080/ws/admin
Admin WebSocket for management panel
Total: 55+ API endpoints
Deployment
1. Docker Deployment
Quick Start
cd docker
docker-compose up -dCustom Image
docker build -t nps-server:latest -f docker/Dockerfile .2. Kubernetes Deployment
kubectl apply -f k8s/deployment.yaml
kubectl apply -f k8s/configmap.yaml3. One-Click Startup Scripts
Start Server
./scripts/start_server.sh --daemonStart Client
./scripts/start_client.sh --daemon
./scripts/start_client_gui.shStart All Services
./scripts/start_all.sh --daemonCheck Status
./scripts/status.sh4. Environment Variables
| Variable | Description | Default |
|---|---|---|
HOST |
Server host | 0.0.0.0 |
PORT |
Server port | 8080 |
SECRET_KEY |
JWT secret key | Required |
DATABASE_URL |
PostgreSQL connection URL | Required |
REDIS_URL |
Redis connection URL | redis://localhost:6379/0 |
CLUSTER_ENABLED |
Enable cluster mode | false |
Quick Reference
Start Server
./scripts/start_server.shStart Client
./scripts/start_client_gui.shCheck Status
./scripts/status.shView Logs
tail -f logs/server.logAPI Docs
http://localhost:8080/docsMetrics
http://localhost:8080/metrics