InvokeHoneyBadger is the origin project for HoneyBadger Vanguard (HBV) β red-team tooling, recon frameworks, and community resources.
This repository contains the official landing page for invokehoneybadger.com, deployed via GitHub Pages.
HoneyBadger Vanguard (HBV) represents:
- Red-team tooling for security professionals
- Reconnaissance frameworks for ethical hacking and penetration testing
- Community resources for security researchers and practitioners
- Real-world tradecraft hardened by operational experience
invokehoneybadger.github.io/
βββ index.html # Main landing page (responsive, terminal-themed)
βββ styles.css # External stylesheet (modular, cacheable)
βββ js/ # JavaScript modules
β βββ matrix.js # Matrix rain animation
β βββ hexagon.js # Hexagon overlay effects
β βββ terminal.js # Terminal stream simulation
β βββ boot.js # Boot sequence with audio
β βββ counter.js # Visitor counter
βββ .github/
β βββ workflows/
β β βββ deploy.yml # GitHub Pages deployment
β β βββ security-scan.yml # Trivy, TruffleHog, HTML validation, Lighthouse
β β βββ codeql.yml # CodeQL security analysis
β β βββ optimize-assets.yml # Automatic CSS/JS minification
β βββ dependabot.yml # Automated dependency updates
βββ CNAME # Custom domain configuration
βββ README.md # This file
βββ LICENSE # MIT License
βββ SECURITY.md # Security policy and vulnerability reporting
βββ DEPLOYMENT.md # Server configuration and deployment guide
βββ CONTRIBUTING.md # Contribution guidelines
βββ _headers # HTTP headers config (Netlify/CDN)
βββ robots.txt # SEO crawler directives
βββ sitemap.xml # SEO sitemap
βββ manifest.json # PWA manifest
βββ .well-known/
β βββ security.txt # RFC 9116 security contact information
βββ invokehoneybadger_favicon.ico
βββ invokehoneybadger_favicon_32.png
-
Clone the repository:
git clone https://github.com/invokehoneybadger/invokehoneybadger.github.io.git cd invokehoneybadger.github.io -
Serve locally:
# Using Python 3 python3 -m http.server 8000 # Or using Node.js (npx http-server) npx http-server -p 8000
-
Open in browser:
http://localhost:8000
This site is automatically deployed via GitHub Pages:
- Production URL: https://invokehoneybadger.com
- GitHub Pages URL: https://invokehoneybadger.github.io
- Auto-deploy: Pushes to
mainbranch trigger automatic deployment
This repository implements industry-standard security practices:
- β Content Security Policy (CSP) - Prevents XSS and code injection
- β X-Frame-Options - Clickjacking protection
- β X-Content-Type-Options - MIME-sniffing protection
- β Referrer-Policy - Controls referrer information leakage
- β Permissions-Policy - Restricts browser feature access
- β RFC 9116 security.txt - Standardized vulnerability disclosure
- β HTTPS Enforcement - GitHub Pages provides automatic HTTPS
If you discover a security vulnerability, please report it responsibly:
- Email: security@invokehoneybadger.com
- Alternative: hi@invokehoneybadger.com
- Policy: See SECURITY.md for full details
- Response Time: Initial response within 48 hours
Please do NOT open public GitHub issues for security vulnerabilities.
The InvokeHoneyBadger ecosystem includes:
| Service | URL | Description |
|---|---|---|
| Main Site | invokehoneybadger.com | Primary landing page |
| API Gateway | api.invokehoneybadger.com | API services |
| Portal | portal.invokehoneybadger.com | Operations dashboard |
| Shop | shop.invokehoneybadger.com | Official HBV merchandise |
| GitHub | @invokehoneybadger | Open source projects |
| X/Twitter | @InvokHonyBadgr | Updates and announcements |
- HTML5 - Semantic, accessible markup (WCAG AA compliant)
- CSS3 - Modular external stylesheet with CSS variables
- Vanilla JavaScript - ES6+ modular architecture, zero dependencies
- Canvas API - Hardware-accelerated matrix rain and hexagon animations
- Web Audio API - Terminal boot sound effects
- GitHub Actions - CI/CD pipeline with automated testing and deployment
- CodeQL - Advanced security analysis
- Lighthouse CI - Performance and accessibility audits
Modular Design:
- Separate CSS file for better caching and maintainability
- JavaScript split into 5 focused modules for code organization
- Resource hints (preload, preconnect, dns-prefetch) for optimal performance
- Deferred loading for non-critical scripts
- β Chrome/Edge 90+
- β Firefox 88+
- β Safari 14+
- β Mobile browsers (iOS Safari, Chrome Mobile)
This project is licensed under the MIT License.
See LICENSE for full details.
Copyright (c) 2025 InvokeHoneyBadger β HoneyBadger Vanguard (HBV)
Contributions are welcome! To contribute:
- Fork this repository
- Create a branch for your feature (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow existing code style and structure
- Test changes locally before submitting
- Update documentation if adding new features
- Ensure all security headers remain intact
- Do not commit sensitive data (credentials, keys, etc.)
- Email: hi@invokehoneybadger.com
- Security: security@invokehoneybadger.com
- X/Twitter: @InvokHonyBadgr
- GitHub: @invokehoneybadger
Status: β Active Development Last Updated: December 2025 Maintained By: InvokeHoneyBadger Team
β Privacy & Third-Party Removal
- Removed countapi.xyz visitor counter (privacy-first approach)
- Replaced with client-side status display
- No external tracking or API calls
β Enhanced SEO & Social Sharing
- Added JSON-LD structured data (Organization, WebSite, WebPage schemas)
- Enhanced Open Graph meta tags
- Twitter Card optimization
- Improved social media preview support
β Security Hardening
- Removed
'unsafe-inline'from script-src CSP directive - Moved all inline styles to external CSS
- Added Subresource Integrity (SRI) hashes for all external resources
- Updated security.txt with additional fields
β PWA Enhancements
- Updated manifest.json with better PWA configuration
- Theme color optimization
- Edge Side Panel support
- Ready for additional PWA icons (see ASSETS.md)
β Documentation
- Created comprehensive asset generation guide (ASSETS.md)
- Instructions for PWA icons (192x192, 512x512)
- Open Graph image specifications
- WebP conversion guidelines
β Code Organization
- Extracted CSS into external
styles.cssfile - Modularized JavaScript into 5 separate files
- Improved maintainability and browser caching
β Security & Quality
- Added CodeQL workflow for advanced security analysis
- Automated asset minification on deployment
- HTML5 compliant security headers configuration
- Comprehensive deployment documentation
β Performance
- Resource hints (DNS prefetch, preconnect, preload)
- Deferred loading for non-critical scripts
- Optimized script execution order
- Automated minification workflow
β Accessibility (WCAG AA)
- Skip-to-content link for keyboard navigation
- Enhanced ARIA labels and roles
- Focus indicators on all interactive elements
- Screen reader optimizations
β CI/CD Pipeline
- GitHub Actions deployment workflow
- Security scanning (Trivy, TruffleHog)
- HTML5 validation
- Lighthouse performance audits
- Automated dependency updates via Dependabot
"Inspired by live tradecraft. Hardened by real-world ops. Built in the shadows." β R.M.
Built with β and BRRRRT.