This idea led us to create CorpGuard & AuthLab, an interactive cybersecurity simulation platform designed to help users understand common web security vulnerabilities and their solutions through hands-on experience.

Developed by M. Alyan Tariq, Shahmeer Haider, and Sanial Bhatti, this project bridges the gap between secure software development and offensive security learning.

Project Idea

Learning cybersecurity through theory can be difficult, especially when trying to understand how real attacks happen. Our goal was to build a platform where users could switch between two modes:

Vulnerable Mode – to see how security flaws can be exploited.

Secure Mode – to understand how proper security measures prevent those attacks.

This side-by-side comparison makes it easier to learn both the attacker’s mindset and the developer’s responsibility.

What CorpGuard Demonstrates

CorpGuard is a web-based employee portal simulation that showcases major web security vulnerabilities, including:

• SQL Injection (SQLi): Demonstrates how insecure input handling can allow unauthorized login access.
• * Broken Access Control (IDOR): Shows how modifying URL parameters can lead to privilege escalation.
• * Cross-Site Scripting (XSS): Highlights the dangers of malicious script injection.
• * Cross-Site Request Forgery (CSRF): Simulates unauthorized actions performed without user consent.

For each vulnerability, users can instantly switch to secure mode and observe how proper protections block the attack.

AuthLab: Advanced Security Features

To expand the learning experience, we developed AuthLab, an advanced module focused on authentication and modern security concepts.

Its key features include:

• Real-Time Password Hashing: Demonstrates how passwords are securely converted into cryptographic hashes using the Web Crypto API.
• * Digital Signatures (ECDSA): Shows how message tampering can be detected through signature verification.
• * 2FA Simulation: Compares vulnerable OTP validation with secure two-factor authentication.
• * AI-Based Anomaly Detection: Simulates intelligent login monitoring using geo-location and behavior analysis.

Technologies Used

We built the entire project using lightweight and efficient technologies, including:

• Vanilla JavaScript (ES6+)
• * Web Crypto API
• * Custom CSS3
• * Font Awesome Icons
• * Google Fonts
• * Simulated backend responses using Promises and setTimeout

Our goal was to keep the system simple, transparent, and easy to understand.

Challenges and Learning

One of the biggest challenges was simulating realistic cybersecurity attacks without a full backend environment. Implementing browser-based cryptography and designing an intuitive user experience also pushed us to think critically.

Through this project, we learned that cybersecurity is not just about preventing attacks – it is about understanding vulnerabilities, thinking like an attacker, and building systems that are secure by design.

Final Thoughts

CorpGuard & AuthLab is more than just a university project. It is a practical educational tool designed to make cybersecurity learning interactive and engaging.

By allowing users to explore vulnerabilities and immediately see their solutions, the platform transforms complex security concepts into real-world understanding.

We are proud of what we built and hope to expand this project further with features like cloud security simulations, API security testing, and advanced threat detection.

Developed by:

M. Alyan Tariq

Shahmeer Haider

Sanial Bhatti

Project:

CorpGuard & AuthLab – An Interactive Cybersecurity Simulation & Educational Ecosystem

At the core of the system is a Central Server, which represents the Islamabad campus. The server manages authentication, routes messages, tracks online campuses through heartbeats, and supports admin-controlled broadcast announcements. Every other campus — Lahore, Karachi, Peshawar, CFD, and Multan — connects to the server using a dedicated Campus Client program.

We adopted a hybrid protocol design:

• TCP handles reliable tasks such as authentication and inter-campus messaging.
• UDP handles lightweight tasks such as periodic heartbeats and system-wide broadcasts.

This mirrors real-world networking: TCP ensures message reliability, while UDP supports fast, connectionless updates.

Concurrency was one of the most important parts of the project. The server uses std::thread to create a dedicated thread for every connected campus, enabling simultaneous messaging without blocking. Additional threads handle heartbeat monitoring and broadcast operations. On the client side, separate threads are responsible for receiving TCP messages, sending UDP heartbeats every 10 seconds, and listening for broadcast announcements. We protected shared structures like the connected campus list using mutexes to avoid race conditions.

A key challenge we faced was message routing when a campus was offline. Initially, messages were not being delivered because the recipient campus was not yet authenticated. We solved this by maintaining a map of online campuses, updated through UDP heartbeats, and displaying proper messages to users when a campus was offline. We also had issues with thread synchronization and message buffering, which we fixed by implementing structured message formats and careful locking.

Alongside the application, we built a complete WAN model in Cisco Packet Tracer, using a hub-and-spoke topology with Islamabad as the central router. Each campus had its own LAN, IP addressing scheme, and a router connected back to the hub. We used RIPv2 routing for dynamic connectivity and implemented VLANs in selected campuses for departmental segmentation. The network successfully supported full end-to-end reachability, demonstrated through ping tests and packet tracing.

This project gave us hands-on experience with multi-threaded applications, transport protocols, and network design. It helped us understand how real distributed systems function — combining both application logic and underlying network infrastructure.

Full details, code, and diagrams are available in our GitHub repository :https://github.com/sanialbhatti/NU-CN-Messaging-System