dhruv-p-a/ThreatView
GitHub: dhruv-p-a/ThreatView
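A FastAPI-based real-time threat intelligence dashboard that aggregates malicious indicators from multiple sources and provides search and monitoring capabilities.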
# ThreatView - Threat Intelligence Dashboard
ThreatView is a full-stack web application designed to help users identify malicious IP addresses, domains, and URLs by aggregating data from open-source threat intelligence feeds.
## Features
- **Real-time Search:** Instantly check if an indicator (IP/Domain) is known to be malicious.
- **Threat Dashboard:** View a live feed of the latest threats ingested from AlienVault OTX and PhishTank.
- **Automated ETL:** A background scheduler fetches and normalizes data every hour.
- **Simple UI:** A clean, responsive dashboard built with vanilla HTML, CSS, and JS.
## Tech Stack
- **Backend:** Python 3.10+, FastAPI, SQLAlchemy, APScheduler.
- **Database:** SQLite.
- **Frontend:** HTML5, CSS3, JavaScript (ES6+).
## Project Structure
```
threatview/
├── backend/
│   ├── main.py            # FastAPI application & Scheduler
│   ├── database.py        # SQLAlchemy configuration
│   ├── models.py          # Database schema
│   ├── etl.py             # Data Ingestion scripts
│   └── requirements.txt   # Python dependencies
└── frontend/
    ├── index.html         # Main UI page
    ├── style.css          # Styling
    └── script.js          # Frontend logic
```
## Setup Instructions
### 1. Backend Setup
1. Navigate to the backend directory:
   ```bash
   cd threatview/backend
   ```
2. Create a virtual environment (optional but recommended):
   ```bash
   python -m venv venv
   source venv/bin/activate # On Windows: venv\Scripts\activate
   ```
3. Install dependencies:
   ```bash
   pip install -r requirements.txt
   ```
4. Run the backend server:
   ```bash
   python main.py
   ```
*The server will start on `http://127.0.0.1:8000`. On first run, it will automatically pull initial data (ETL).*
### 2. Frontend Setup
1. Since the frontend is static HTML/JS, you can simply open `frontend/index.html` in any modern web browser.
2. Alternatively, use a "Live Server" extension if you're using VS Code.
3. Ensure the backend is running so the frontend can fetch data.
## Example API Responses
### GET `/threats`
```json
[
  {
    "id": 1,
    "type": "URL",
    "value": "http://malicious-site.com/login",
    "source": "PhishTank",
    "threat_type": "Phishing",
    "created_at": "2023-10-27T10:00:00"
  }
]
```
### GET `/search?value=1.2.3.4`
```json
{
  "status": "Malicious",
  "type": "IP",
  "source": "AlienVault OTX",
  "threat_type": "Botnet Activity",
  "detected_at": "2023-10-27T09:45:00"
}
```
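
The normalization step of the ETL is not shown in this README. The following is an added example, not the project's `etl.py`, of how raw feed values could be validated, canonicalized and deduplicated into the record shape returned by `/threats` (without the database-assigned `id`). The function names `classify` and `normalize`, the `"Domain"` type label and the sample values are assumptions.

```python
import ipaddress
import re
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Hypothetical helpers: the project's etl.py is not shown on this page.
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def classify(raw):
    """Return (type, canonical_value), or None if raw is not a usable indicator."""
    value = raw.strip().replace("[.]", ".")       # undo common feed defanging
    if value.lower().startswith("hxxp"):
        value = "http" + value[4:]
    try:
        ip = ipaddress.ip_address(value)
        # Private, loopback and reserved addresses are feed noise, not indicators.
        return ("IP", str(ip)) if ip.is_global else None
    except ValueError:
        pass
    if "://" in value:
        try:
            parts = urlsplit(value)
            if parts.scheme in ("http", "https") and parts.hostname:
                return ("URL", parts._replace(netloc=parts.netloc.lower()).geturl())
        except ValueError:                        # e.g. malformed bracketed host
            pass
        return None
    host = value.lower().rstrip(".")
    return ("Domain", host) if _DOMAIN_RE.match(host) else None

def normalize(raw_items, source, threat_type, now=None):
    """Deduplicate raw feed values into records shaped like the /threats response."""
    stamp = (now or datetime.now(timezone.utc)).replace(microsecond=0, tzinfo=None)
    seen, records = set(), []
    for raw in raw_items:
        hit = classify(raw)
        if hit is None or hit in seen:
            continue
        seen.add(hit)
        records.append({"type": hit[0], "value": hit[1], "source": source,
                        "threat_type": threat_type, "created_at": stamp.isoformat()})
    return records

# Constructed sample input, not real feed data.
SAMPLE = ["hxxp://Malicious-Site.example/login", "1.2.3.4 ", "192.168.1.10",
          "evil[.]example.", "not an indicator", "1.2.3.4"]
if __name__ == "__main__":
    for rec in normalize(SAMPLE, "PhishTank", "Phishing"):
        print(rec)
```

Canonicalizing before deduplication matters for the `/search` endpoint: a lookup for `evil.example` only matches if the stored value was lower-cased and stripped of defanging and trailing dots in the same way.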
## Notes
- **OTX API Key:** For better data, register at [AlienVault OTX](https://otx.alienvault.com/) and add your API key in `etl.py`.
- **Database:** The SQLite file `threats.db` will be created automatically in the `backend` folder.