diff --git a/istanbul.yml b/istanbul.yml
new file mode 100644
index 0000000..5605afd
--- /dev/null
+++ b/istanbul.yml
@@ -0,0 +1,7 @@
+# istanbul.yml
+check-coverage: true
+instrumentation:
+  root: ./src
+  extensions: ['.js']
+  default-excludes: true
+  excludes: ['**/node_modules/**', '**/test/**']
diff --git a/package.json b/package.json
index 5f1e8a5..06ae399 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,10 @@
     "prepush": "npm run test",
     "start": "node .",
     "test": "mocha",
-    "test:watch": "mocha --watch"
+    "test:watch": "mocha --watch",
+    "test": "mocha",
+    "coverage": "istanbul cover ./node_modules/mocha/bin/_mocha -- ./test/*.js",
+    "report": "istanbul report"
   },
   "repository": {
     "type": "git",
diff --git a/src/test.js b/src/test.js
new file mode 100644
index 0000000..820620f
--- /dev/null
+++ b/src/test.js
@@ -0,0 +1,11 @@
+# have vulnerability code
+
+const secretKey = "mysecretkey";
+
+function encryptData(data) {
+  // This function encrypts the input data using a hardcoded secret key
+  const cipher = crypto.createCipher('aes192', secretKey);
+  let encryptedData = cipher.update(data, 'utf8', 'hex');
+  encryptedData += cipher.final('hex');
+  return encryptedData;
+}
diff --git a/test.txt b/test.txt
new file mode 100644
index 0000000..725c777
--- /dev/null
+++ b/test.txt
@@ -0,0 +1,8 @@
+const correctPassword = "mysecretpassword223@"; // define the correct password
+const enteredPassword = prompt("Enter the password:"); // prompt the user for a password
+
+if (enteredPassword === correctPassword) {
+  console.log("Access granted!"); // if the passwords match, print "Access granted!"
+} else {
+  console.log("Access denied!"); // if the passwords don't match, print "Access denied!"
+}
diff --git a/test1.js b/test1.js
new file mode 100644
index 0000000..820620f
--- /dev/null
+++ b/test1.js
@@ -0,0 +1,11 @@
+# have vulnerability code
+
+const secretKey = "mysecretkey";
+
+function encryptData(data) {
+  // This function encrypts the input data using a hardcoded secret key
+  const cipher = crypto.createCipher('aes192', secretKey);
+  let encryptedData = cipher.update(data, 'utf8', 'hex');
+  encryptedData += cipher.final('hex');
+  return encryptedData;
+}
diff --git a/vulnerability.txt b/vulnerability.txt
new file mode 100644
index 0000000..07923d8
--- /dev/null
+++ b/vulnerability.txt
@@ -0,0 +1,9 @@
+const secretKey = "mysecretkey";
+
+function encryptData(data) {
+  // This function encrypts the input data using a hardcoded secret key
+  const cipher = crypto.createCipher('aes192', secretKey);
+  let encryptedData = cipher.update(data, 'utf8', 'hex');
+  encryptedData += cipher.final('hex');
+  return encryptedData;
+}