mirror of
https://github.com/mblanke/ThreatHunt.git
synced 2026-03-01 14:00:20 -05:00
70 lines
1.3 KiB
Markdown
70 lines
1.3 KiB
Markdown
<<<<<<< Updated upstream
|
|
# ThreatHunt
|
|
=======
|
|
# Cyber Threat Hunter
|
|
|
|
A modern web application for threat hunting and security analysis, built with React frontend and Flask backend.
|
|
|
|
## Features
|
|
|
|
- **Security Tools Detection**: Identify running security tools (AV, EDR, VPN)
|
|
- **CSV Processing**: Upload and analyze security logs
|
|
- **Baseline Analysis**: System baseline comparison
|
|
- **Network Analysis**: Network traffic and connection analysis
|
|
- **VirusTotal Integration**: File and URL reputation checking
|
|
|
|
## Architecture
|
|
|
|
```
|
|
ThreatHunt/
|
|
├── frontend/ # React application
|
|
├── backend/ # Flask API server
|
|
├── uploaded/ # File upload storage
|
|
└── output/ # Analysis results
|
|
```
|
|
|
|
## Quick Start
|
|
|
|
### Backend Setup
|
|
|
|
```bash
|
|
cd backend
|
|
chmod +x setup_backend.sh
|
|
./setup_backend.sh
|
|
source venv/bin/activate
|
|
python app.py
|
|
```
|
|
|
|
### Frontend Setup
|
|
|
|
```bash
|
|
cd frontend
|
|
npm install
|
|
npm run dev
|
|
```
|
|
|
|
## API Endpoints
|
|
|
|
- `GET /` - Serve React app
|
|
- `GET /api/health` - Health check
|
|
- `POST /api/upload` - File upload
|
|
- `GET /api/analysis/<id>` - Get analysis results
|
|
|
|
## Security Considerations
|
|
|
|
- File upload validation
|
|
- Input sanitization
|
|
- Rate limiting
|
|
- CORS configuration
|
|
|
|
## Contributing
|
|
|
|
1. Fork the repository
|
|
2. Create feature branch
|
|
3. Submit pull request
|
|
|
|
## License
|
|
|
|
MIT License
|
|
>>>>>>> Stashed changes
|