Added functionality

added securitytools functions
2025-06-17 05:51:24 -04:00
parent 14f95e3192
commit 80276d4b74
16 changed files with 1541 additions and 10 deletions

Binary file not shown.


@@ -0,0 +1,452 @@
Anti-Virus (AV):
360rp.exe
360sd.exe
360tray.exe
a2guard.exe
a2service.exe
a2start.exe
agent.exe
amp.exe
ashServ.exe
aswidsagent.exe
avastsvc.exe
avastui.exe
avcenter.exe
avengine.exe
avgsrmaa.exe
avgsvc.exe
avguard.exe
avgui.exe
AVKService.exe
AVKTray.exe
AVKWCtl.exe
avp.exe
bdservicehost.exe
beats.exe
BgMain.exe
BkavService.exe
BkavUI.exe
BullGuard.exe
CbDefense.exe
cb.exe
ccsvchst.exe
cis.exe
clamscan.exe
clamtray.exe
cmdagent.exe
coreServiceShell.exe
cpda.exe
CSFalconContainer.exe
CSFalconService.exe
CylanceSvc.exe
CylanceUI.exe
DeepInstinctService.exe
DeepInstinctTray.exe
drweb32.exe
egui.exe
ekrn.exe
elastic-agent.exe
FortiEDRCollector.exe
FortiEDRDaemon.exe
freshclam.exe
fsav32.exe
fshoster32.exe
fsorsp.exe
HeimdalAgent.exe
HeimdalThorAgent.exe
iptray.exe
kavsvc.exe
masvc.exe
mbam.exe
mbamservice.exe
mbamtray.exe
mcshield.exe
mfemms.exe
mfetp.exe
MsMpEng.exe
nanoav.exe
nanoavtray.exe
NisSrv.exe
nortonsecurity.exe
ns.exe
NTRTScan.exe
openav.exe
pavsrvx86.exe
psanhost.exe
Rav.exe
RavMonD.exe
repux.exe
sched.exe
seccenter.exe
SentinelAgent.exe
SentinelStaticEngine.exe
sfc.exe
sophoscleanservice.exe
SophosFS.exe
sophosfs.exe
sophossps.exe
SophosUI.exe
sophosui.exe
spideragent.exe
spidernt.exe
TmCCSF.exe
tpas.exe
tpasvc.exe
trac.exe
V3Main.exe
V3Svc.exe
vba32ldr.exe
vba32utl.exe
vsmon.exe
vsserv.exe
wrsa.exe
xagt.exe
zatray.exe
MsMpEng.exe
MpCmdRun.exe
NisSrv.exe
AvastUI.exe
AvastSvc.exe
aswEngSrv.exe
aswidsagent.exe
avgui.exe
avgsrvx.exe
avgwdsvcx.exe
avp.exe
avpsus.exe
bdagent.exe
vsserv.exe
updatesrv.exe
ns.exe
nortonsecurity.exe
ccsvchst.exe
nis.exe
mcshield.exe
masvc.exe
mfemms.exe
egui.exe
ekrn.exe
SophosUI.exe
SophosScan.exe
SavService.exe
UfSeAgnt.exe
TmListen.exe
NTRtScan.exe
avcenter.exe
avgnt.exe
avguard.exe
PSANHost.exe
PSUAService.exe
mbam.exe
mbamservice.exe
cfp.exe
cmdagent.exe
MsMpEng.exe
MpCmdRun.exe
MpUXSrv.exe
NisSrv.exe
SecurityHealthService.exe
SecurityHealthSystray.exe
AvastUI.exe
AvastSvc.exe
aswEngSrv.exe
aswidsagent.exe
avgui.exe
avgsrvx.exe
avgwdsvcx.exe
avp.exe
avpsus.exe
kavtray.exe
klnagent.exe
bdagent.exe
bdservicehost.exe
bdlaunch.exe
vsserv.exe
updatesrv.exe
ns.exe
nortonsecurity.exe
ccsvchst.exe
nis.exe
symerr.exe
symlcsvc.exe
mcshield.exe
mcagent.exe
masvc.exe
mfemms.exe
mcupdate.exe
mfevtps.exe
egui.exe
eguiProxy.exe
ekrn.exe
SophosUI.exe
SophosScan.exe
SavService.exe
ALMon.exe
sophossps.exe
UfSeAgnt.exe
TmListen.exe
NTRtScan.exe
PccNTMon.exe
avcenter.exe
avgnt.exe
avguard.exe
sched.exe
avscan.exe
PSANHost.exe
PSUAService.exe
PandaSecurityTb.exe
mbam.exe
mbamtray.exe
mbamservice.exe
MBAMService.exe
cfp.exe
cmdagent.exe
cis.exe
cavwp.exe
fshoster32.exe
fsav32.exe
fsgk32.exe
WRSA.exe
zlclient.exe
vsmon.exe
CSFalconService.exe
CSFalconContainer.exe
SentinelAgent.exe
CbDefense.exe
klnagent.exe
klnagchk.exe
klnagntf.exe
klnagwds.exe
klcsldcl.exe
klcsngtgui.exe
klcspxy.exe
klshwmsg.exe
kldumper.exe
klmover.exe
klwd.exe
ksnproxy.exe
klrirbtagt.exe
avpdtagt.dll
EndPoint Detection Response (EDR):
Check Point
CrowdStrike Falcon
IBM/HCL Notes Agent
McAfee Agent
Microsoft Defender
Virtual Private Networks (VPN):
Adguardvpn.exe
airvpn.exe
amnezia.exe
Astrillvpn.exe
AtlasVPN.exe
AtlasVPNSetup.exe
AvastSecureLine.exe
azirevpn.exe
bdvpnapp.exe
beetvpn.exe
Betternet.exe
betternet.exe
BetternetForWindows.exe
bitdefendervpn.exe
cactusvpn.exe
celovpn.exe
clearvpn.exe
cryptostrom.exe
CyberGhost.exe
cyberghost.exe
cyberghostvpn.exe
cyberghostvpnsetup.exe
dewvpn.exe
encryptme.exe
ExpressVPN.exe
expressvpn.exe
expressvpn-ui.exe
f5fpc.exe
f5fpclientW.exe
fastestvpn.exe
fastestvpn.exe
FortiClient.exe
freedome.exe
fsecurefreedomevpn.exe
goosevpn.exe
hideme.exe
hideme.exe
hide.me-setup.exe
hide.me VPN.exe
hidemyass.exe
hma-vpn.exe
HMA-VPN-Setup.exe
HotspotShield.exe
hotspotshield.exe
HSS-Installer.exe
hsswd.exe
ipsec.exe
ipvanish.exe
ipvanish.exe
iTopVPN.exe
ivacy.exe
ivacy.exe
IvacySetup.exe
IvacyVPN.exe
ivpn.exe
kscvpn.exe
letsvpn.exe
limevpn.exe
maskvpn.exe
mullvad.exe
musclevpn.exe
nordlayer.exe
NordVPN.exe
nordvpn.exe
NordVPNSetup.exe
nortonsecurevpn.exe
nortonsecurity.exe
openconnect.exe
OPenvpn.exe
ovpn.exe
paladinvpn.exe
PanGPA.exe
PanGPS.exe
perfectprivacy.exe
phantomvpn.exe
phantomvpn.exe
pia-client.exe
pia-client.exe
pia-installer.exe
pritunl.exe
privadovpn.exe
privateinternetaccess.exe
ProtonVPN.exe
protonvpn.exe
protonvpn.exe
ProtonVPN_setup.exe
proxygate.exe
PulseSecure.exe
PureVPN.exe
purevpn.exe
PureVPN_Windows_Setup.exe
safeconnect.exe
safervpn.exe
shieldvpn.exe
shinevpn.exe
strongswan.exe
StrongVPN.exe
strongvpn.exe
strongvpn.exe
StrongVPN-Windows.exe
Surfshark.exe
surfshark.exe
surfshark.exe
SurfsharkSetup.exe
swg.exe
tailscaled.exe
torguard.exe
TracSrvWrapper.exe
TunnelBear.exe
tunnelbear.exe
TunnelBear-Installer.exe
turbovpn.exe
urban-vpn.exe
veepn.exe
virtualshieldvpn.exe
vpnac.exe
vpnarea.exe
vpnclient.exe
vpnclient_x64.exe
vpncli.exe
vpn.exe
vpnhub.exe
vpnsecure.exe
vpnserver.exe
vpnserver_x64.exe
vpnui.exe
vpn-unlimited.exe
vpnunlimited.exe
vpn-unlimited-setup.exe
vtund
VyprVPN.exe
vyprvpn.exe
vyprvpn.exe
VyprVPN-Installer.exe
Windscribe.exe
windscribe.exe
windscribe.exe
WindscribeSetup.exe
wiresock-client.exe
zenmate.exe
zenmatevpn.exe
ZoogVPN.exe
zoogvpn.exe
Vpnui.exe
vpn.exe
vpn
nacvpn.exe
termius.exe
cudavpn_ndis62_x64.sys
cudavpn_ndis64_x64.sys
cudavpn_ndis65_x64.sys
cudavpn_ndis68_arm64.sys
cudavpn.sys
brave_vpn_helper.exe
brave_vpn_wireguard_service.exe
anyconnect-win-4.9.04043-core-vpn-webdeploy-k9.exe
nacvpn.exe
vpnagent.exe
vpncli.exe
vpndownloader.exe
vpnmgmttun.exe
vpnui.exe
vpnva64-6.sys
com.docker.vpnkit.exe
vpnkit-bridge.exe
vpnkit.exe
covpnv64.sys
f5fpc.exe
f5fpclientW.exe
f5vpn_setup (1).exe
f5vpn_setup.exe
f5vpn.exe
FortiClient.exe
FortiSSLVPNdaemon.exe
FortiSslVpnPluginApp.exe
FortiSSLVPNsys.exe
FortiVPNSt.exe
sslvpn_inst_ZZDAT_Aija_Svede@vc.lm.gov.lv.exe
sslvpn_inst_ZZDAT_Ilmars_Urbans@vc.lm.gov.lv.exe
sslvpn_inst_ZZDAT_Valda_Branta@vc.lm.gov.lv.exe
agilevpn.sys
ipsec.exe
agent_ovpnconnect.exe
openvpn-gui.exe
openvpn.exe
OpenVPNConnect.exe
openvpnserv.exe
openvpnserv2.exe
ovpn-dco.sys
ovpnconnector.exe
ovpnhelper_service.exe
tap_ovpnconnect.sys
ConnectVPN.exe
PanGPA.exe
PanGPS.exe
phionvpn_ndis62_x64.sys
phionvpn_ndis62_x86.sys
phionvpn_ndis63_x64.sys
phionvpn_ndis63_x86.sys
phionvpn_ndis64_x64.sys
phionvpn_ndis64_x86.sys
phionvpn_ndis65_x64.sys
phionvpn_ndis65_x86.sys
phionvpn.sys
scvpn.exe
tailscaled.exe
tor
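Review bot: The three `sslvpn_inst_ZZDAT_…@vc.lm.gov.lv.exe` entries near the end of the VPN section embed what look like individual people's names and an organisation's mail domain, so they read as artifacts copied from one investigated environment rather than generic tool names; they should be dropped from a shared list. Several other entries are generic enough to match unrelated software when compared by exact name (`agent.exe`, `sched.exe`, `vpn`, `tor`, and `sfc.exe`, which is also the Windows System File Checker). The EDR section lists product names (`CrowdStrike Falcon`, `Microsoft Defender`) rather than process images, so those lines cannot match a process column. Many names are repeated two or three times across the AV and VPN sections; a deduplicated list with one image name per line would be easier to audit.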


@@ -0,0 +1,52 @@
import csv
import re
import os
from glob import glob
# 1. Extract tool/process names from the Markdown file
def extract_tools(md_path):
tools = set()
with open(md_path, encoding='utf-8') as f:
for line in f:
line = line.strip()
# Skip headers and empty lines
if not line or line.endswith(':') or line.startswith('<!--'):
continue
# Only keep lines that look like process/tool names
if re.match(r'^[\w\-.@]+(\.exe|\.dll|\.sys)?$', line, re.IGNORECASE):
tools.add(line.lower())
return tools
# 2. Parse the CSV file and build mapping
def parse_csv(csv_path, tools):
tool_hosts = {}
with open(csv_path, newline='', encoding='utf-8') as csvfile:
reader = csv.DictReader(csvfile)
for row in reader:
host = row.get('host') or row.get('hostname')
proc = row.get('process') or row.get('process_name') or row.get('image')
if not host or not proc:
continue
proc = proc.lower()
if proc in tools:
tool_hosts.setdefault(proc, set()).add(host)
return tool_hosts
# 3. Output the breakdown
def main():
md_path = r'd:\Dev\ThreatHunt\backend\lists\security-tools.md'
upload_dir = r'd:\Dev\ThreatHunt\uploaded'
tools = extract_tools(md_path)
csv_files = glob(os.path.join(upload_dir, '*.csv'))
for csv_path in csv_files:
print(f"\nResults for: {os.path.basename(csv_path)}")
tool_hosts = parse_csv(csv_path, tools)
if not tool_hosts:
print(" No known tools found.")
continue
for tool, hosts in sorted(tool_hosts.items()):
print(f" {tool}: {', '.join(sorted(hosts))}")
if __name__ == '__main__':
main()
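Review bot: In `parse_csv` the value read from `process`/`process_name`/`image` is compared to the tool set as-is after `lower()`, so if a CSV's column holds a full image path the lookup never matches and the run prints "No known tools found." for a host that does run the tool, a silent false negative. Reducing the value to its base name first closes that gap: `proc = proc.replace('\\', '/').rsplit('/', 1)[-1].lower()`. In `extract_tools` the pattern `^[\w\-.@]+(\.exe|\.dll|\.sys)?$` rejects names containing spaces or parentheses, so list entries such as `hide.me VPN.exe` and `f5vpn_setup (1).exe` are dropped without a message, and the section headers are discarded, so the output cannot say whether a hit is AV, EDR or VPN. `main` hard-codes `d:\Dev\ThreatHunt\...` paths; taking them from command-line arguments would let the script run outside the author's machine. Matching on image name alone is also satisfied by a renamed binary, so a hit is better treated as a lead than as proof the product is running.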

File diff suppressed because it is too large Load Diff


@@ -14,9 +14,13 @@
"@mui/material": "^6.4.8", "@mui/material": "^6.4.8",
"@tailwindcss/vite": "^4.1.7", "@tailwindcss/vite": "^4.1.7",
"axios": "^1.10.0", "axios": "^1.10.0",
"csv-parser": "^3.2.0",
"express": "^5.1.0",
"lucide-react": "^0.515.0", "lucide-react": "^0.515.0",
"multer": "^2.0.1",
"react": "^18.0.0", "react": "^18.0.0",
"react-dom": "^18.0.0", "react-dom": "^18.0.0",
"react-dropzone": "^14.3.8",
"react-router": "^7.6.0" "react-router": "^7.6.0"
}, },
"devDependencies": { "devDependencies": {
@@ -27,4 +31,4 @@
"tailwindcss": "^4.1.10", "tailwindcss": "^4.1.10",
"vite": "^6.3.5" "vite": "^6.3.5"
} }
} }
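Review bot: `express`, `multer` and `csv-parser` are server-side packages, yet the first hunk adds them to the same `dependencies` block as the React frontend, and no server code that uses them appears in the visible sections of this commit (it may sit in the suppressed diff). If the `/upload` endpoint is meant to live in this package, a separate server manifest would keep the upload-handling code and its dependency updates apart from the browser bundle. Wherever `multer` is wired up, that handler should set `limits: { fileSize: … }` and a `fileFilter`, since the client component in this commit does not restrict what is sent.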


@@ -1,10 +1,11 @@
import React, { Suspense, useMemo } from "react"; import React, { Suspense, useMemo, lazy } from "react";
import { createTheme, ThemeProvider } from "@mui/material/styles"; import { createTheme, ThemeProvider } from "@mui/material/styles";
import { CssBaseline } from "@mui/material"; import { CssBaseline } from "@mui/material";
import { BrowserRouter, Routes, Route } from "react-router"; import { BrowserRouter, Routes, Route } from "react-router";
import Sidebar from "./components/Sidebar"; import Sidebar from "./components/Sidebar";
import Baseline from "./components/Baseline"; const Baseline = lazy(() => import("./components/Baseline"));
const SecurityTools = lazy(() => import("./components/securitytools"));
function App() { function App() {
@@ -28,6 +29,7 @@ function App() {
<Suspense fallback={<div>Loading...</div>}> <Suspense fallback={<div>Loading...</div>}>
<Routes> <Routes>
<Route path="/baseline" element={<Baseline />} /> <Route path="/baseline" element={<Baseline />} />
<Route path="/securitytools" element={<SecurityTools />} />
</Routes> </Routes>
</Suspense> </Suspense>
</BrowserRouter> </BrowserRouter>
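Review bot: The new lazy import uses a lower-case module path, `import("./components/securitytools")`, while the neighbouring imports are PascalCase (`./components/Baseline`, `./components/Sidebar`). The file's actual name is not shown on this page, but on a case-sensitive filesystem the path must match it exactly, so naming both the file and the path `SecurityTools` like its siblings avoids a build that works on Windows and fails elsewhere. Only `/baseline` and `/securitytools` get routes, so the placeholder components added in this commit are not reachable yet; a short comment above `<Routes>` listing the pages still to be wired would help. `App`'s body continues outside both hunks.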


@@ -0,0 +1,7 @@
import React from 'react';
const Applications = () => {
return <div>Applications Placeholder</div>;
};
export default Applications;


@@ -33,10 +33,10 @@ const Baseline = () => {
{/* Summary Cards */} {/* Summary Cards */}
<div className="grid grid-cols-2 md:grid-cols-4 gap-4 mb-6"> <div className="grid grid-cols-2 md:grid-cols-4 gap-4 mb-6">
{[ {[
{ label: "Windows", color: "bg-blue-600", pattern: "windows" }, { label: "Windows", color: "bg-blue-700", pattern: "windows" },
{ label: "Linux", color: "bg-green-600", pattern: "ubuntu" }, { label: "Linux", color: "bg-green-700", pattern: "ubuntu" },
{ label: "Servers", color: "bg-red-600", pattern: "server" }, { label: "Servers", color: "bg-red-800", pattern: "server" },
{ label: "Workstations", color: "bg-yellow-500", pattern: "workstation" }, { label: "Workstations", color: "bg-yellow-400", pattern: "workstation" },
].map(({ label, color, pattern }) => ( ].map(({ label, color, pattern }) => (
<div <div
key={label} key={label}


@@ -0,0 +1,7 @@
import React from 'react';
const CSVProcessing = () => {
return <div>CSV Processing Placeholder</div>;
};
export default CSVProcessing;


@@ -0,0 +1,7 @@
import React from 'react';
const HomePage = () => {
return <div>Home Page Placeholder</div>;
};
export default HomePage;


@@ -0,0 +1,7 @@
import React from 'react';
const Networking = () => {
return <div>Networking Placeholder</div>;
};
export default Networking;


@@ -0,0 +1,7 @@
import React from 'react';
const SettingsConfig = () => {
return <div>Settings & Config Placeholder</div>;
};
export default SettingsConfig;


@@ -4,6 +4,9 @@ import {
ChevronDown, ChevronRight, Folder ChevronDown, ChevronRight, Folder
} from 'lucide-react'; } from 'lucide-react';
import AddIcon from '@mui/icons-material/Add'; import AddIcon from '@mui/icons-material/Add';
import BugReportIcon from '@mui/icons-material/BugReport';
import EngineeringIcon from '@mui/icons-material/Engineering';
const SidebarItem = ({ icon: Icon, label, children }) => { const SidebarItem = ({ icon: Icon, label, children }) => {
const [open, setOpen] = useState(false); const [open, setOpen] = useState(false);
@@ -34,7 +37,7 @@ const SidebarItem = ({ icon: Icon, label, children }) => {
const Sidebar = () => ( const Sidebar = () => (
<div className="h-screen w-64 shadow-lg p-4 flex flex-col space-y-2"> <div className="h-screen w-64 shadow-lg p-4 flex flex-col space-y-2">
<h2 className="text-xl font-bold text-white mb-4">Velo Dashboard</h2> <h2 className="text-xl font-bold text-white mb-4">Threat Hunt Dashboard</h2>
<SidebarItem icon={ShieldCheck} label="HomePage" /> <SidebarItem icon={ShieldCheck} label="HomePage" />
<SidebarItem icon={Server} label="Baseline" /> <SidebarItem icon={Server} label="Baseline" />
<SidebarItem icon={Bug} label="Networking" /> <SidebarItem icon={Bug} label="Networking" />
@@ -45,8 +48,8 @@ const Sidebar = () => (
<div>Endpoint Detection & Response</div> <div>Endpoint Detection & Response</div>
<div>Virtual Private Networks</div> <div>Virtual Private Networks</div>
</SidebarItem> </SidebarItem>
<SidebarItem icon={Globe} label="Virus Totals" /> <SidebarItem icon={BugReportIcon} label="Virus Totals" />
<SidebarItem icon={Globe} label="Configuration & Settings" /> <SidebarItem icon={EngineeringIcon} label="Settings & Config" />
</div> </div>
); );
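Review bot: `BugReportIcon` and `EngineeringIcon` come from `@mui/icons-material` but are passed through the same `icon` prop as the lucide-react icons (`ShieldCheck`, `Server`, `Bug`), and the two libraries size their icons through different props (`size` versus `fontSize`). How `SidebarItem` renders `Icon` is outside the hunks, so whether it passes lucide-style props cannot be seen here; if it does, the two new rows will render at a different size from the rest. Using one icon set in the sidebar, or sizing through a `className` that both accept, keeps the rows aligned.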


@@ -0,0 +1,7 @@
import React from 'react';
const VirusTotal = () => {
return <div>Virus Total Placeholder</div>;
};
export default VirusTotal;


@@ -0,0 +1,64 @@
import React, { useState, useCallback } from "react";
import { useDropzone } from "react-dropzone";
const SecurityTools = () => {
const [uploadStatus, setUploadStatus] = useState(null);
const [analysisResult, setAnalysisResult] = useState(null);
const onDrop = useCallback(async (acceptedFiles) => {
const formData = new FormData();
acceptedFiles.forEach((file) => formData.append("file", file));
setUploadStatus("Uploading...");
try {
const res = await fetch("/upload", {
method: "POST",
body: formData,
});
if (!res.ok) throw new Error("Upload failed");
const data = await res.json();
setAnalysisResult(data);
setUploadStatus("Upload and analysis complete");
} catch (err) {
console.error(err);
setUploadStatus("Upload failed");
}
}, []);
const { getRootProps, getInputProps, isDragActive } = useDropzone({ onDrop });
return (
<div className="p-6 text-white">
<h1 className="text-3xl font-bold mb-6">Security Tools: File Analysis</h1>
<div
{...getRootProps()}
className={`border-dashed border-4 rounded-lg p-10 text-center transition-colors duration-300 ${
isDragActive ? "border-cyan-400 bg-zinc-800" : "border-zinc-600 bg-zinc-900"
}`}
>
<input {...getInputProps()} />
{isDragActive ? (
<p>Drop the files here...</p>
) : (
<p>Drag and drop files here, or click to browse.</p>
)}
</div>
{uploadStatus && <p className="mt-4 text-cyan-400">{uploadStatus}</p>}
{analysisResult && (
<div className="mt-6 bg-zinc-800 p-4 rounded-lg overflow-auto">
<h2 className="text-xl font-semibold mb-2">Analysis Result:</h2>
<pre className="whitespace-pre-wrap text-sm text-zinc-300">
{JSON.stringify(analysisResult, null, 2)}
</pre>
</div>
)}
</div>
);
};
export default SecurityTools;
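Review bot: `useDropzone({ onDrop })` is called with no `accept`, `maxSize` or `maxFiles`, so any file of any size is posted to `/upload`, and every dropped file is appended under the same `"file"` field. If only CSV input is expected, the call could read `useDropzone({ onDrop, accept: { "text/csv": [".csv"] }, maxFiles: 1, maxSize: MAX_UPLOAD_BYTES })`, with `MAX_UPLOAD_BYTES` a constant to be defined. These client options are a convenience only, so the server handler (not visible on this page) still has to enforce type, size and count itself. `onDrop` also posts an empty form when `acceptedFiles` is empty; an early `if (acceptedFiles.length === 0) return;` avoids that. Rendering the response through `JSON.stringify` inside `<pre>` keeps server-supplied strings as text, which is worth preserving if this view is later made richer.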

0
frontend/{ Normal file
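Review bot: `frontend/{` is an empty file whose name is a single brace, which looks like a stray artifact (for instance from a mistyped shell command) rather than intended content, and it should be removed from the commit. If it is intentional, the commit description should say what consumes it.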