
ThreatHunt

Cyber Threat Hunter

A modern web application for threat hunting and security analysis, built with React frontend and Flask backend.

Features

  • Security Tools Detection: Identify running security tools (AV, EDR, VPN)
  • CSV Processing: Upload and analyze security logs
  • Baseline Analysis: System baseline comparison
  • Network Analysis: Network traffic and connection analysis
  • VirusTotal Integration: File and URL reputation checking

Architecture

ThreatHunt/
├── frontend/          # React application
├── backend/           # Flask API server
├── uploaded/          # File upload storage
└── output/           # Analysis results

Quick Start

Backend Setup

cd backend
chmod +x setup_backend.sh
./setup_backend.sh
source venv/bin/activate
python app.py

Frontend Setup

cd frontend
npm install
npm run dev

API Endpoints

  • GET / - Serve React app
  • GET /api/health - Health check
  • POST /api/upload - File upload
  • GET /api/analysis/<id> - Get analysis results

Security Considerations

  • File upload validation
  • Input sanitization
  • Rate limiting
  • CORS configuration
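
One way the file upload validation item could be enforced for CSV files sent to POST /api/upload. This is an added example, not the project's own code; the function and exception names, the 10 MiB cap, the UTF-8 requirement and the consistent-column rule are assumptions, and only the uploaded/ directory comes from the Architecture tree above.

```python
import csv
import io
import os
import uuid

UPLOAD_DIR = "uploaded"          # storage directory from the Architecture tree
MAX_BYTES = 10 * 1024 * 1024     # assumed size cap, not a project setting
ALLOWED_EXT = {".csv"}           # allowlist, never a denylist


class UploadRejected(ValueError):
    """Raised when an upload fails validation (hypothetical name)."""


def validate_csv_upload(client_name: str, data: bytes) -> str:
    """Return a server-chosen storage path, or raise UploadRejected."""
    # Only the final extension of the client-supplied name is used; the rest
    # (directories, "..", double extensions) never reaches the file system.
    base = os.path.basename(client_name.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_EXT:
        raise UploadRejected("extension not allowed")
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    if b"\x00" in data:
        raise UploadRejected("binary content in a text upload")
    try:
        text = data.decode("utf-8-sig")
    except UnicodeDecodeError:
        raise UploadRejected("not UTF-8 text") from None
    # Parse the content instead of trusting the extension or Content-Type.
    try:
        rows = [r for r in csv.reader(io.StringIO(text, newline=""), strict=True) if r]
    except csv.Error:
        raise UploadRejected("malformed CSV") from None
    if len(rows) < 2 or any(len(r) != len(rows[0]) for r in rows):
        raise UploadRejected("need a header plus rows of equal width")
    # Store under a random server-generated name inside UPLOAD_DIR.
    return os.path.join(UPLOAD_DIR, uuid.uuid4().hex + ext)
```

In a Flask handler this would run on the uploaded file's name and bytes before anything is written to disk, with MAX_CONTENT_LENGTH set on the app so oversized bodies are refused before they are read.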

Contributing

  1. Fork the repository
  2. Create feature branch
  3. Submit pull request

License

MIT License


Readme 27 MiB
Languages
Python 61.2%
TypeScript 37.9%
CSS 0.7%
PowerShell 0.1%