Threat Net is a graphing utility used to display connections between Indicators of Compromise (IoCs).
cd threat-net
If this is the first time you are running:
python3 -m venv env
pip install -r requirements.txt
Otherwise activate the environment via:
source env/bin/activate
For dev use:
export FLASK_ENV=development
You may also need to set the app launch file:
export FLASK_APP=run.py
To run the backend:
flask run
You need to install all required npm packages:
cd threat-net/app/static
npm install
To use Webpack's automatic js reloading with Babel:
cd threat-net/app/static
webpack --watch
First, install the appropriate MongoDB Community Server. The code block below is copied from their website when I tried to install it, but might've changed since then.
wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list
sudo apt-get update
sudo apt-get install -y mongodb-org
To start the mongo service:
sudo systemctl start mongod
sudo systemctl status mongod
Then, create the directory where the db will be stored:
sudo mkdir -p /data/db
If you want to see the current contents of the graph db:
mongo
use graph_db
db.graph_collection.find().pretty()
cd threat-net
If you have not set up a virtual environment, you may need to do:
python3 -m venv env
Otherwise activate the env via:
env\Scripts\activate.bat
If this is the first time you are running:
pip install -r requirements.txt
For dev use:
set FLASK_ENV=development
You may also need to set the app launch file:
set FLASK_APP=run.py
To run the backend:
flask run
You need to install all required npm packages:
cd threat-net\app\static
npm install
To use Webpack's automatic js reloading with Babel:
cd threat-net\app\static
webpack --watch
First, install the appropriate MongoDB Community Server. You do not need to install it as a service. Create a folder to store the DB data:
cd C:\
md "\data\db"
Now run MongoDB (change --dbpath if you made a folder in a different location):
"C:\Program Files\MongoDB\Server\4.2\bin\mongod.exe" --dbpath="c:\data\db"
1. Pass a variable through Jinja via render_template
2. Call the Flask API from a linked js file
3. Call the Flask function from within HTML via src="{{ url_for('home.dummyAPI') }}"
Number 3 is my personal choice for this project, and I've embedded it in an iframe to highlight it.
IMPORTANT: Before attempting to run on AWS, follow the instructions for running locally and ensure it works. This will get all the dependencies needed for the program.
The current configuration is ready to be deployed on AWS Elastic Beanstalk. Follow these steps to deploy on AWS:
- In threat-net/Dockerfile, uncomment the 2 lines under "# For AWS Docker configuration", and comment out the line under "# For Local Docker Configuration"
- In app/models/DocumentDB.py, comment out the graph_db declaration for a local database and uncomment the graph_db declaration for the DocumentDB
- If this is a new deployment with a new DocumentDB, change the graph_db declaration to be for the desired database.
  - The argument needed for the MongoClient constructor can be found by going to your DocumentDB cluster page, under "Connectivity and security", under "Connect to this cluster with an application".
- Create a new Elastic Beanstalk application
- Create a new Environment:
  - Select "Preconfigured Platform" and the "Preconfigured - Docker" Python option
  - Select "Upload your code" under the "Application Code" section
  - Run "zip -r threat-net.zip threat-net" in the directory of this README to create a zip file of the code, then upload threat-net.zip under the "Upload Your Code" section
  - Select "Create the Environment" and wait for the application to start up
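
For the graph_db step above, an added example (not this project's own code) that picks the MongoClient argument from an environment variable instead of editing app/models/DocumentDB.py, so the DocumentDB credentials stay out of threat-net.zip. The variable name THREATNET_MONGO_URI, the local default URI and the helper names are assumptions.

```python
import os
from urllib.parse import parse_qs, urlsplit

LOCAL_URI = "mongodb://localhost:27017/"  # assumed default for a local mongod
DB_NAME = "graph_db"                      # database name used in this README
ENV_VAR = "THREATNET_MONGO_URI"           # hypothetical variable name


def mongo_settings(env=os.environ):
    """Return (uri, is_remote) for the MongoClient constructor."""
    uri = env.get(ENV_VAR, LOCAL_URI)
    parts = urlsplit(uri)
    if parts.scheme not in ("mongodb", "mongodb+srv") or not parts.hostname:
        raise ValueError(f"{ENV_VAR} must be a mongodb:// URI with a host")
    is_remote = parts.hostname not in ("localhost", "127.0.0.1", "::1")
    if is_remote:
        query = parse_qs(parts.query)
        # mongodb+srv enables TLS by default; plain mongodb:// does not.
        default = "true" if parts.scheme == "mongodb+srv" else "false"
        tls = query.get("tls", query.get("ssl", [default]))[-1].lower()
        # Refuse to send credentials to a remote cluster in cleartext.
        if tls != "true":
            raise ValueError(f"{ENV_VAR} points at a remote host without TLS")
    return uri, is_remote


def redact(uri):
    """Mask the password so the URI can be written to logs."""
    parts = urlsplit(uri)
    if parts.password is None:
        return uri
    userinfo, _, hostinfo = parts.netloc.rpartition("@")
    user = userinfo.split(":", 1)[0]
    return parts._replace(netloc=f"{user}:***@{hostinfo}").geturl()


def get_graph_db(env=os.environ):
    """Open graph_db; pymongo is imported lazily so the helpers run without it."""
    from pymongo import MongoClient
    uri, _ = mongo_settings(env)
    return MongoClient(uri)[DB_NAME]
```

On Elastic Beanstalk the variable can be set as an environment property, so the connection string never enters the uploaded zip.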