memana123-op/IntelGrid
GitHub: memana123-op/IntelGrid
# INTELGRID
INTELGRID is a Telegram-focused OSINT platform that ingests leak artifacts, parses structured intel, and exposes live dashboards + APIs for hunt workflows.
## What It Does
- Monitors Telegram sources and captures intelligence signals from messages.
- Downloads and ingests only allowed document extensions (default: `.zip`, `.rar`, `.txt`).
- Stores raw artifacts in a Raw Vault with dedupe metadata.
- Builds archive manifests and category indexes (`credentials`, `cookies`, `crypto`, `browser`, `other`).
- Parses stealer-style data into MongoDB collections (`credentials`, `cookies`, `systems`, `log_files`).
- Runs secret scanning (TruffleHog integration) and stores secret findings with filters.
- Adds discovery graph intelligence (source channels, invite links, edges, events).
- Serves a React frontend with sections for Search, Stats, Raw Vault, and Discovery.
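The extension allowlist and Raw Vault dedupe listed above can be sketched as a single ingest gate. This is an added example, not IntelGrid's own code: `parse_allowed`, `safe_name`, `gate`, the magic-byte and NUL-byte checks, and the use of SHA-256 as the dedupe key are all assumptions, and it goes beyond the extension check the README describes, because an extension alone says nothing about the file's content.

```python
import hashlib
from pathlib import PurePosixPath

# Leading magic bytes for the archive types in the default allowlist.
MAGIC = {
    ".zip": (b"PK\x03\x04", b"PK\x05\x06"),                  # normal / empty archive
    ".rar": (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00"),  # RAR4 / RAR5
}

def parse_allowed(value):
    """Parse an ALLOWED_EXTENSIONS value such as '.zip,.rar,.txt'."""
    items = (i.strip().lower() for i in value.split(","))
    return {i if i.startswith(".") else "." + i for i in items if i}

def safe_name(filename):
    """Keep only the final path component of a sender-controlled file name."""
    cleaned = filename.replace("\x00", "").replace("\\", "/")
    return PurePosixPath(cleaned).name

def gate(filename, data, allowed, seen):
    """Hypothetical ingest gate: returns (accepted, reason, sha256_hex)."""
    ext = PurePosixPath(safe_name(filename)).suffix.lower()
    digest = hashlib.sha256(data).hexdigest()
    if ext not in allowed:
        return False, "extension not allowed", digest
    if ext in MAGIC and not data.startswith(MAGIC[ext]):
        return False, "content does not match extension", digest
    # Simplification: a NUL byte marks binary data (this also rejects UTF-16 text).
    if ext == ".txt" and b"\x00" in data[:4096]:
        return False, "binary content in .txt", digest
    if digest in seen:
        return False, "duplicate", digest
    seen.add(digest)
    return True, "accepted", digest

# Constructed sample inputs (not real artifacts).
SAMPLES = [
    ("logs.zip", b"PK\x03\x04" + b"\x00" * 26),
    ("LOGS-copy.ZIP", b"PK\x03\x04" + b"\x00" * 26),    # same bytes, new name
    ("..\\..\\dump.rar", b"Rar!\x1a\x07\x01\x00body"),
    ("notes.txt.exe", b"MZ\x90\x00"),
    ("notes.txt", b"MZ\x90\x00\x03\x00"),               # executable renamed to .txt
    ("report.zip", b"<html>login</html>"),
]

def run_samples(env_value=".zip,.rar,.txt"):
    allowed, seen = parse_allowed(env_value), set()
    return [(name, *gate(name, data, allowed, seen)[:2]) for name, data in SAMPLES]
```

Calling `run_samples()` returns one `(name, accepted, reason)` row per constructed sample; only `logs.zip` and the RAR5 file are accepted.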
## Project Structure
- `backend/` FastAPI API, Telegram scraper, parsers, MongoDB access, enrichment modules.
- `app/` React + Vite frontend dashboard.
## Core API Endpoints
- Health/overview: `/api/stats`, `/api/metrics`
- Search: `/api/search`, `/api/search/credentials`, `/api/search/sessions`
- Raw vault: `/api/raw-artifacts`, `/api/raw-artifacts/{id}/download`
- Secret findings: `/api/raw-artifacts/{id}/secrets`, `/api/raw-artifacts/{id}/rescan`
- Discovery graph: `/api/discovery/summary`, `/api/discovery/sources`, `/api/discovery/invites`, `/api/discovery/edges`
- LeakCheck enrichment: `/api/enrich/leakcheck`
- Swagger docs: `/docs`
## Requirements
- Python 3.10+
- Node.js 18+
- MongoDB 8+ (local or managed)
- Telegram API credentials (`API_ID`, `API_HASH`, session)
## Quick Start (Local)
### 1) Backend
```bash
cd backend
python -m venv venv
# Windows activation path; on Linux/macOS use: source venv/bin/activate
venv\Scripts\activate
pip install -r requirements.txt
```
Create `backend/.env` from `backend/.env.example` and set at minimum:
```env
MONGO_URI=mongodb://127.0.0.1:27017
DB_NAME=osint_platform
ALLOWED_EXTENSIONS=.zip,.rar,.txt
INGEST_QUEUE_MAX=1500
INGEST_WORKERS=2
INGEST_QUEUE_DROP_WHEN_FULL=true
INGEST_PRIORITY_ENABLED=true
```
Start backend API:
```bash
python server.py
```
Start scraper worker (separate terminal):
```bash
python scraper.py
```
### 2) Frontend
```bash
cd app
npm install
```
Create `app/.env` from `app/.env.example`:
```env
VITE_BACKEND_URL=http://127.0.0.1:8000/api
VITE_STRICT_BACKEND=true
```
Run frontend:
```bash
npm run dev
```
Open `http://localhost:5173`.
## Deployment Notes
- Keep MongoDB on persistent storage with free space headroom.
- Do not commit private keys, `.env`, or credentials.
- If the API becomes unresponsive while the process is still running, check MongoDB first (`systemctl status mongod`), then disk usage (`df -h`).
## Security Notes
- This repository is for defensive intelligence workflows.
- Use only on authorized/public data and lawful scopes.
- Rotate credentials immediately if a secret/key was ever committed.
## License
MIT (see `LICENSE` if present).
Tags: automated attacks