Added functionality

added securitytools functions
2026-03-01 14:00:20 -05:00 · 2025-06-17 05:51:24 -04:00
parent 14f95e3192
commit 80276d4b74
16 changed files with 1541 additions and 10 deletions
--- a/backend/pycache/app.cpython-313.pyc
+++ b/backend/pycache/app.cpython-313.pyc
--- a/backend/lists/security-tools.md
+++ b/backend/lists/security-tools.md
@@ -0,0 +1,452 @@
+Anti-Virus (AV):
+360rp.exe
+360sd.exe
+360tray.exe
+a2guard.exe
+a2service.exe
+a2start.exe
+agent.exe
+amp.exe
+ashServ.exe
+aswidsagent.exe
+avastsvc.exe
+avastui.exe
+avcenter.exe
+avengine.exe
+avgsrmaa.exe
+avgsvc.exe
+avguard.exe
+avgui.exe
+AVKService.exe
+AVKTray.exe
+AVKWCtl.exe
+avp.exe
+bdservicehost.exe
+beats.exe
+BgMain.exe
+BkavService.exe
+BkavUI.exe
+BullGuard.exe
+CbDefense.exe
+cb.exe
+ccsvchst.exe
+cis.exe
+clamscan.exe
+clamtray.exe
+cmdagent.exe
+coreServiceShell.exe
+cpda.exe
+CSFalconContainer.exe
+CSFalconService.exe
+CylanceSvc.exe
+CylanceUI.exe
+DeepInstinctService.exe
+DeepInstinctTray.exe
+drweb32.exe
+egui.exe
+ekrn.exe
+elastic-agent.exe
+FortiEDRCollector.exe
+FortiEDRDaemon.exe
+freshclam.exe
+fsav32.exe
+fshoster32.exe
+fsorsp.exe
+HeimdalAgent.exe
+HeimdalThorAgent.exe
+iptray.exe
+kavsvc.exe
+masvc.exe
+mbam.exe
+mbamservice.exe
+mbamtray.exe
+mcshield.exe
+mfemms.exe
+mfetp.exe
+MsMpEng.exe
+nanoav.exe
+nanoavtray.exe
+NisSrv.exe
+nortonsecurity.exe
+ns.exe
+NTRTScan.exe
+openav.exe
+pavsrvx86.exe
+psanhost.exe
+Rav.exe
+RavMonD.exe
+repux.exe
+sched.exe
+seccenter.exe
+SentinelAgent.exe
+SentinelStaticEngine.exe
+sfc.exe
+sophoscleanservice.exe
+SophosFS.exe
+sophosfs.exe
+sophossps.exe
+SophosUI.exe
+sophosui.exe
+spideragent.exe
+spidernt.exe
+TmCCSF.exe
+tpas.exe
+tpasvc.exe
+trac.exe
+V3Main.exe
+V3Svc.exe
+vba32ldr.exe
+vba32utl.exe
+vsmon.exe
+vsserv.exe
+wrsa.exe
+xagt.exe
+zatray.exe
+MsMpEng.exe  
+MpCmdRun.exe  
+NisSrv.exe  
+AvastUI.exe  
+AvastSvc.exe  
+aswEngSrv.exe  
+aswidsagent.exe  
+avgui.exe  
+avgsrvx.exe  
+avgwdsvcx.exe  
+avp.exe  
+avpsus.exe  
+bdagent.exe  
+vsserv.exe  
+updatesrv.exe  
+ns.exe  
+nortonsecurity.exe  
+ccsvchst.exe  
+nis.exe  
+mcshield.exe  
+masvc.exe  
+mfemms.exe  
+egui.exe  
+ekrn.exe  
+SophosUI.exe  
+SophosScan.exe  
+SavService.exe  
+UfSeAgnt.exe  
+TmListen.exe  
+NTRtScan.exe  
+avcenter.exe  
+avgnt.exe  
+avguard.exe  
+PSANHost.exe  
+PSUAService.exe  
+mbam.exe  
+mbamservice.exe  
+cfp.exe  
+cmdagent.exe
+MsMpEng.exe
+MpCmdRun.exe
+MpUXSrv.exe
+NisSrv.exe
+SecurityHealthService.exe
+SecurityHealthSystray.exe
+AvastUI.exe
+AvastSvc.exe
+aswEngSrv.exe
+aswidsagent.exe
+avgui.exe
+avgsrvx.exe
+avgwdsvcx.exe
+avp.exe
+avpsus.exe
+kavtray.exe
+klnagent.exe
+bdagent.exe
+bdservicehost.exe
+bdlaunch.exe
+vsserv.exe
+updatesrv.exe
+ns.exe
+nortonsecurity.exe
+ccsvchst.exe
+nis.exe
+symerr.exe
+symlcsvc.exe
+mcshield.exe
+mcagent.exe
+masvc.exe
+mfemms.exe
+mcupdate.exe
+mfevtps.exe
+egui.exe
+eguiProxy.exe
+ekrn.exe
+SophosUI.exe
+SophosScan.exe
+SavService.exe
+ALMon.exe
+sophossps.exe
+UfSeAgnt.exe
+TmListen.exe
+NTRtScan.exe
+PccNTMon.exe
+avcenter.exe
+avgnt.exe
+avguard.exe
+sched.exe
+avscan.exe
+PSANHost.exe
+PSUAService.exe
+PandaSecurityTb.exe
+mbam.exe
+mbamtray.exe
+mbamservice.exe
+MBAMService.exe
+cfp.exe
+cmdagent.exe
+cis.exe
+cavwp.exe
+fshoster32.exe
+fsav32.exe
+fsgk32.exe
+WRSA.exe
+zlclient.exe
+vsmon.exe
+CSFalconService.exe
+CSFalconContainer.exe
+SentinelAgent.exe
+CbDefense.exe
+klnagent.exe
+klnagchk.exe
+klnagntf.exe
+klnagwds.exe
+klcsldcl.exe
+klcsngtgui.exe
+klcspxy.exe
+klshwmsg.exe
+kldumper.exe
+klmover.exe
+klwd.exe
+ksnproxy.exe
+klrirbtagt.exe
+avpdtagt.dll
+
+
+
+
+
+
+
+EndPoint Detection Response (EDR):
+Check Point
+CrowdStrike Falcon 
+IBM/HCL Notes Agent 
+McAfee Agent 
+Microsoft Defender
+
+
+Virtual Private Networks (VPN):
+Adguardvpn.exe
+airvpn.exe
+amnezia.exe
+Astrillvpn.exe
+AtlasVPN.exe
+AtlasVPNSetup.exe
+AvastSecureLine.exe
+azirevpn.exe
+bdvpnapp.exe
+beetvpn.exe
+Betternet.exe
+betternet.exe
+BetternetForWindows.exe
+bitdefendervpn.exe
+cactusvpn.exe
+celovpn.exe
+clearvpn.exe
+cryptostrom.exe
+CyberGhost.exe
+cyberghost.exe
+cyberghostvpn.exe
+cyberghostvpnsetup.exe
+dewvpn.exe
+encryptme.exe
+ExpressVPN.exe
+expressvpn.exe
+expressvpn-ui.exe
+f5fpc.exe
+f5fpclientW.exe
+fastestvpn.exe
+fastestvpn.exe
+FortiClient.exe
+freedome.exe
+fsecurefreedomevpn.exe
+goosevpn.exe
+hideme.exe
+hideme.exe
+hide.me-setup.exe
+hide.me VPN.exe
+hidemyass.exe
+hma-vpn.exe
+HMA-VPN-Setup.exe
+HotspotShield.exe
+hotspotshield.exe
+HSS-Installer.exe
+hsswd.exe
+ipsec.exe
+ipvanish.exe
+ipvanish.exe
+iTopVPN.exe
+ivacy.exe
+ivacy.exe
+IvacySetup.exe
+IvacyVPN.exe
+ivpn.exe
+kscvpn.exe
+letsvpn.exe
+limevpn.exe
+maskvpn.exe
+mullvad.exe
+musclevpn.exe
+nordlayer.exe
+NordVPN.exe
+nordvpn.exe
+NordVPNSetup.exe
+nortonsecurevpn.exe
+nortonsecurity.exe
+openconnect.exe
+OPenvpn.exe
+ovpn.exe
+paladinvpn.exe
+PanGPA.exe
+PanGPS.exe
+perfectprivacy.exe
+phantomvpn.exe
+phantomvpn.exe
+pia-client.exe
+pia-client.exe
+pia-installer.exe
+pritunl.exe
+privadovpn.exe
+privateinternetaccess.exe
+ProtonVPN.exe
+protonvpn.exe
+protonvpn.exe
+ProtonVPN_setup.exe
+proxygate.exe
+PulseSecure.exe
+PureVPN.exe
+purevpn.exe
+PureVPN_Windows_Setup.exe
+safeconnect.exe
+safervpn.exe
+shieldvpn.exe
+shinevpn.exe
+strongswan.exe
+StrongVPN.exe
+strongvpn.exe
+strongvpn.exe
+StrongVPN-Windows.exe
+Surfshark.exe
+surfshark.exe
+surfshark.exe
+SurfsharkSetup.exe
+swg.exe
+tailscaled.exe
+torguard.exe
+TracSrvWrapper.exe
+TunnelBear.exe
+tunnelbear.exe
+TunnelBear-Installer.exe
+turbovpn.exe
+urban-vpn.exe
+veepn.exe
+virtualshieldvpn.exe
+vpnac.exe
+vpnarea.exe
+vpnclient.exe
+vpnclient_x64.exe
+vpncli.exe
+vpn.exe
+vpnhub.exe
+vpnsecure.exe
+vpnserver.exe
+vpnserver_x64.exe
+vpnui.exe
+vpn-unlimited.exe
+vpnunlimited.exe
+vpn-unlimited-setup.exe
+vtund
+VyprVPN.exe
+vyprvpn.exe
+vyprvpn.exe
+VyprVPN-Installer.exe
+Windscribe.exe
+windscribe.exe
+windscribe.exe
+WindscribeSetup.exe
+wiresock-client.exe
+zenmate.exe
+zenmatevpn.exe
+ZoogVPN.exe
+zoogvpn.exe
+Vpnui.exe
+vpn.exe
+vpn
+nacvpn.exe
+termius.exe
+cudavpn_ndis62_x64.sys
+cudavpn_ndis64_x64.sys
+cudavpn_ndis65_x64.sys
+cudavpn_ndis68_arm64.sys
+cudavpn.sys
+brave_vpn_helper.exe
+brave_vpn_wireguard_service.exe
+anyconnect-win-4.9.04043-core-vpn-webdeploy-k9.exe
+nacvpn.exe
+vpnagent.exe
+vpncli.exe
+vpndownloader.exe
+vpnmgmttun.exe
+vpnui.exe
+vpnva64-6.sys
+com.docker.vpnkit.exe
+vpnkit-bridge.exe
+vpnkit.exe
+covpnv64.sys
+f5fpc.exe
+f5fpclientW.exe
+f5vpn_setup (1).exe
+f5vpn_setup.exe
+f5vpn.exe
+FortiClient.exe
+FortiSSLVPNdaemon.exe
+FortiSslVpnPluginApp.exe
+FortiSSLVPNsys.exe
+FortiVPNSt.exe
+sslvpn_inst_ZZDAT_Aija_Svede@vc.lm.gov.lv.exe
+sslvpn_inst_ZZDAT_Ilmars_Urbans@vc.lm.gov.lv.exe
+sslvpn_inst_ZZDAT_Valda_Branta@vc.lm.gov.lv.exe
+agilevpn.sys
+ipsec.exe
+agent_ovpnconnect.exe
+openvpn-gui.exe
+openvpn.exe
+OpenVPNConnect.exe
+openvpnserv.exe
+openvpnserv2.exe
+ovpn-dco.sys
+ovpnconnector.exe
+ovpnhelper_service.exe
+tap_ovpnconnect.sys
+ConnectVPN.exe
+PanGPA.exe
+PanGPS.exe
+phionvpn_ndis62_x64.sys
+phionvpn_ndis62_x86.sys
+phionvpn_ndis63_x64.sys
+phionvpn_ndis63_x86.sys
+phionvpn_ndis64_x64.sys
+phionvpn_ndis64_x86.sys
+phionvpn_ndis65_x64.sys
+phionvpn_ndis65_x86.sys
+phionvpn.sys
+scvpn.exe
+tailscaled.exe
+tor
--- a/backend/scripts/parse_tools_usage.py
+++ b/backend/scripts/parse_tools_usage.py
@@ -0,0 +1,52 @@
+import csv
+import re
+import os
+from glob import glob
+
+# 1. Extract tool/process names from the Markdown file
+def extract_tools(md_path):
+    tools = set()
+    with open(md_path, encoding='utf-8') as f:
+        for line in f:
+            line = line.strip()
+            # Skip headers and empty lines
+            if not line or line.endswith(':') or line.startswith('<!--'):
+                continue
+            # Only keep lines that look like process/tool names
+            if re.match(r'^[\w\-.@]+(\.exe|\.dll|\.sys)?$', line, re.IGNORECASE):
+                tools.add(line.lower())
+    return tools
+
+# 2. Parse the CSV file and build mapping
+def parse_csv(csv_path, tools):
+    tool_hosts = {}
+    with open(csv_path, newline='', encoding='utf-8') as csvfile:
+        reader = csv.DictReader(csvfile)
+        for row in reader:
+            host = row.get('host') or row.get('hostname')
+            proc = row.get('process') or row.get('process_name') or row.get('image')
+            if not host or not proc:
+                continue
+            proc = proc.lower()
+            if proc in tools:
+                tool_hosts.setdefault(proc, set()).add(host)
+    return tool_hosts
+
+# 3. Output the breakdown
+def main():
+    md_path = r'd:\Dev\ThreatHunt\backend\lists\security-tools.md'
+    upload_dir = r'd:\Dev\ThreatHunt\uploaded'
+    tools = extract_tools(md_path)
+    csv_files = glob(os.path.join(upload_dir, '*.csv'))
+
+    for csv_path in csv_files:
+        print(f"\nResults for: {os.path.basename(csv_path)}")
+        tool_hosts = parse_csv(csv_path, tools)
+        if not tool_hosts:
+            print("  No known tools found.")
+            continue
+        for tool, hosts in sorted(tool_hosts.items()):
+            print(f"  {tool}: {', '.join(sorted(hosts))}")
+
+if __name__ == '__main__':
+    main()
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -14,9 +14,13 @@
        "@mui/material": "^6.4.8",
        "@tailwindcss/vite": "^4.1.7",
        "axios": "^1.10.0",
+        "csv-parser": "^3.2.0",
+        "express": "^5.1.0",
        "lucide-react": "^0.515.0",
+        "multer": "^2.0.1",
        "react": "^18.0.0",
        "react-dom": "^18.0.0",
+        "react-dropzone": "^14.3.8",
        "react-router": "^7.6.0"
    },
    "devDependencies": {
--- a/frontend/src/App.jsx
+++ b/frontend/src/App.jsx
@@ -1,10 +1,11 @@
-import React, { Suspense, useMemo } from "react";
+import React, { Suspense, useMemo, lazy } from "react";
 import { createTheme, ThemeProvider } from "@mui/material/styles";
 import { CssBaseline } from "@mui/material";
 import { BrowserRouter, Routes, Route } from "react-router";

 import Sidebar from "./components/Sidebar";
-import Baseline from "./components/Baseline";
+const Baseline = lazy(() => import("./components/Baseline"));
+const SecurityTools = lazy(() => import("./components/securitytools"));

 function App() {

@@ -28,6 +29,7 @@ function App() {
            <Suspense fallback={<div>Loading...</div>}>
              <Routes>
                <Route path="/baseline" element={<Baseline />} />
+                <Route path="/securitytools" element={<SecurityTools />} />
              </Routes>
            </Suspense>
          </BrowserRouter>
--- a/frontend/src/components/Applications.js
+++ b/frontend/src/components/Applications.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const Applications = () => {
+    return <div>Applications Placeholder</div>;
+};
+
+export default Applications;
--- a/frontend/src/components/Baseline.jsx
+++ b/frontend/src/components/Baseline.jsx
@@ -33,10 +33,10 @@ const Baseline = () => {
            {/* Summary Cards */}
            <div className="grid grid-cols-2 md:grid-cols-4 gap-4 mb-6">
                {[
-                    { label: "Windows", color: "bg-blue-600", pattern: "windows" },
-                    { label: "Linux", color: "bg-green-600", pattern: "ubuntu" },
-                    { label: "Servers", color: "bg-red-600", pattern: "server" },
-                    { label: "Workstations", color: "bg-yellow-500", pattern: "workstation" },
+                    { label: "Windows", color: "bg-blue-700", pattern: "windows" },
+                    { label: "Linux", color: "bg-green-700", pattern: "ubuntu" },
+                    { label: "Servers", color: "bg-red-800", pattern: "server" },
+                    { label: "Workstations", color: "bg-yellow-400", pattern: "workstation" },
                ].map(({ label, color, pattern }) => (
                    <div
                        key={label}
--- a/frontend/src/components/CSVProcessing.js
+++ b/frontend/src/components/CSVProcessing.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const CSVProcessing = () => {
+    return <div>CSV Processing Placeholder</div>;
+};
+
+export default CSVProcessing;
--- a/frontend/src/components/HomePage.js
+++ b/frontend/src/components/HomePage.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const HomePage = () => {
+    return <div>Home Page Placeholder</div>;
+};
+
+export default HomePage;
--- a/frontend/src/components/Networking.js
+++ b/frontend/src/components/Networking.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const Networking = () => {
+    return <div>Networking Placeholder</div>;
+};
+
+export default Networking;
--- a/frontend/src/components/SettingsConfig.js
+++ b/frontend/src/components/SettingsConfig.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const SettingsConfig = () => {
+    return <div>Settings & Config Placeholder</div>;
+};
+
+export default SettingsConfig;
--- a/frontend/src/components/Sidebar.jsx
+++ b/frontend/src/components/Sidebar.jsx
@@ -4,6 +4,9 @@ import {
  ChevronDown, ChevronRight, Folder
 } from 'lucide-react';
 import AddIcon from '@mui/icons-material/Add';
+import BugReportIcon from '@mui/icons-material/BugReport';
+import EngineeringIcon from '@mui/icons-material/Engineering';
+

 const SidebarItem = ({ icon: Icon, label, children }) => {
  const [open, setOpen] = useState(false);
@@ -34,7 +37,7 @@ const SidebarItem = ({ icon: Icon, label, children }) => {

 const Sidebar = () => (
  <div className="h-screen w-64 shadow-lg p-4 flex flex-col space-y-2">
-    <h2 className="text-xl font-bold text-white mb-4">Velo Dashboard</h2>
+    <h2 className="text-xl font-bold text-white mb-4">Threat Hunt Dashboard</h2>
    <SidebarItem icon={ShieldCheck} label="HomePage" />
    <SidebarItem icon={Server} label="Baseline" />
    <SidebarItem icon={Bug} label="Networking" />
@@ -45,8 +48,8 @@ const Sidebar = () => (
      <div>Endpoint Detection & Response</div>
      <div>Virtual Private Networks</div>
    </SidebarItem>
-    <SidebarItem icon={Globe} label="Virus Totals" />
-    <SidebarItem icon={Globe} label="Configuration & Settings" />
+    <SidebarItem icon={BugReportIcon} label="Virus Totals" />   
+    <SidebarItem icon={EngineeringIcon} label="Settings & Config" />  
  </div>
 );

--- a/frontend/src/components/VirusTotal.js
+++ b/frontend/src/components/VirusTotal.js
@@ -0,0 +1,7 @@
+import React from 'react';
+
+const VirusTotal = () => {
+    return <div>Virus Total Placeholder</div>;
+};
+
+export default VirusTotal;
--- a/frontend/src/components/securitytools.jsx
+++ b/frontend/src/components/securitytools.jsx
@@ -0,0 +1,64 @@
+import React, { useState, useCallback } from "react";
+import { useDropzone } from "react-dropzone";
+
+const SecurityTools = () => {
+  const [uploadStatus, setUploadStatus] = useState(null);
+  const [analysisResult, setAnalysisResult] = useState(null);
+
+  const onDrop = useCallback(async (acceptedFiles) => {
+    const formData = new FormData();
+    acceptedFiles.forEach((file) => formData.append("file", file));
+
+    setUploadStatus("Uploading...");
+    try {
+      const res = await fetch("/upload", {
+        method: "POST",
+        body: formData,
+      });
+
+      if (!res.ok) throw new Error("Upload failed");
+
+      const data = await res.json();
+      setAnalysisResult(data);
+      setUploadStatus("Upload and analysis complete");
+    } catch (err) {
+      console.error(err);
+      setUploadStatus("Upload failed");
+    }
+  }, []);
+
+  const { getRootProps, getInputProps, isDragActive } = useDropzone({ onDrop });
+
+  return (
+    <div className="p-6 text-white">
+      <h1 className="text-3xl font-bold mb-6">Security Tools: File Analysis</h1>
+
+      <div
+        {...getRootProps()}
+        className={`border-dashed border-4 rounded-lg p-10 text-center transition-colors duration-300 ${
+          isDragActive ? "border-cyan-400 bg-zinc-800" : "border-zinc-600 bg-zinc-900"
+        }`}
+      >
+        <input {...getInputProps()} />
+        {isDragActive ? (
+          <p>Drop the files here...</p>
+        ) : (
+          <p>Drag and drop files here, or click to browse.</p>
+        )}
+      </div>
+
+      {uploadStatus && <p className="mt-4 text-cyan-400">{uploadStatus}</p>}
+
+      {analysisResult && (
+        <div className="mt-6 bg-zinc-800 p-4 rounded-lg overflow-auto">
+          <h2 className="text-xl font-semibold mb-2">Analysis Result:</h2>
+          <pre className="whitespace-pre-wrap text-sm text-zinc-300">
+            {JSON.stringify(analysisResult, null, 2)}
+          </pre>
+        </div>
+      )}
+    </div>
+  );
+};
+
+export default SecurityTools;
--- a/frontend/{
+++ b/frontend/{