mirror of https://github.com/mblanke/ThreatHunt.git synced 2026-03-01 05:50:21 -05:00

Files

mblanke 99d3fbc2b3 post CLAUDE updates

had CLAUDE AI made suggestions and edits to code.
added all route and moves some requirements around.

2025-06-17 06:13:59 -04:00

1.3 KiB

Raw Permalink Blame History

Velo Threat Hunter

A modern web application for threat hunting and security analysis, built with React frontend and Flask backend.

Features

Security Tools Detection: Identify running security tools (AV, EDR, VPN)
CSV Processing: Upload and analyze security logs
Baseline Analysis: System baseline comparison
Network Analysis: Network traffic and connection analysis
VirusTotal Integration: File and URL reputation checking

Architecture

ThreatHunt/
├── frontend/          # React application
├── backend/           # Flask API server
├── uploaded/          # File upload storage
└── output/           # Analysis results

Quick Start

Backend Setup

cd backend
chmod +x setup_backend.sh
./setup_backend.sh
source venv/bin/activate
python app.py

Frontend Setup

cd frontend
npm install
npm run dev

API Endpoints

GET / - Serve React app
GET /api/health - Health check
POST /api/upload - File upload
GET /api/analysis/<id> - Get analysis results

Security Considerations

File upload validation
Input sanitization
Rate limiting
CORS configuration

Contributing

Fork the repository
Create feature branch
Submit pull request

License

MIT License

1.3 KiB Raw Permalink Blame History