ThreatHunt/backend/run.py at bb562a91cafdf3cc8ce658e06330fe3e5dc38333 - ThreatHunt - Gitea: Git with a cup of tea

mblanke/ThreatHunt

mirror of https://github.com/mblanke/ThreatHunt.git synced 2026-03-01 05:50:21 -05:00

Files

mblanke 04a9946891 feat: host-centric network map, analysis dashboard, deduped inventory

- Rewrote NetworkMap to use deduplicated host inventory (163 hosts from 394K rows)
- New host_inventory.py service: scans datasets, groups by FQDN/ClientId, extracts IPs/users/OS
- New /api/network/host-inventory endpoint
- Added AnalysisDashboard with 6 tabs (IOC, anomaly, host profile, query, triage, reports)
- Added 16 analysis API endpoints with job queue and load balancer
- Added 4 AI/analysis ORM models (ProcessingJob, AnalysisResult, HostProfile, IOCEntry)
- Filters system accounts (DWM-*, UMFD-*, LOCAL/NETWORK SERVICE)
- Infers OS from hostname patterns (W10-* -> Windows 10)
- Canvas 2D force-directed graph with host/external-IP node types
- Click popover shows hostname, FQDN, IPs, OS, users, datasets, connections

2026-02-20 07:16:17 -05:00

17 lines

323 B

Python

Raw Blame History

 """Entry point for backend server."""
 import logging
 import uvicorn
 logging.basicConfig(
     level=logging.INFO,
     format="%(asctime)s - %(name)s - %(levelname)s - %(message)s",
 )
 if __name__ == "__main__":
     uvicorn.run(
         "app.main:app",
         host="0.0.0.0",
         port=8000,
         reload=False,
     )