Spaces:

Domify
/

Infograph

Running

App Files Files Community

Domify commited on Mar 29

Commit

7831b98

verified ·

1 Parent(s): 78719d1

Create app.py

Browse files

Files changed (1) hide show

app.py +582 -0

app.py ADDED Viewed

	@@ -0,0 +1,582 @@

+import os
+import io
+import json
+import datetime
+import hashlib
+import asyncio
+import base64
+from collections import defaultdict
+from fastapi import FastAPI, HTTPException, UploadFile, File, Form
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.responses import JSONResponse, FileResponse
+from pydantic import BaseModel
+from google.oauth2.service_account import Credentials
+from googleapiclient.discovery import build
+from googleapiclient.http import MediaIoBaseUpload
+import httpx
+import qrcode
+from PIL import Image
+app = FastAPI()
+# CORS
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["https://domify-academy.free.nf", "http://localhost:3000"],
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+# ==================== SECURE KEYS ====================
+VT_API_KEY = os.getenv("VT_API_KEY")
+if not VT_API_KEY:
+    print("⚠️ WARNING: VT_API_KEY not set!")
+# Google Services
+SHEET_ID = os.getenv("GOOGLE_SHEET_ID")
+DRIVE_FOLDER_ID = os.getenv("GOOGLE_DRIVE_FOLDER_ID")
+SERVICE_ACCOUNT_INFO = json.loads(os.getenv("GOOGLE_SERVICE_ACCOUNT_JSON", "{}"))
+# Rate Limiting (15 seconds between scans)
+rate_limit_cache = defaultdict(float)
+RATE_LIMIT_SECONDS = 15
+def check_rate_limit(ip: str):
+    """Check if user has exceeded rate limit"""
+    now = datetime.datetime.now().timestamp()
+    last_scan = rate_limit_cache.get(ip, 0)
+    if now - last_scan < RATE_LIMIT_SECONDS:
+        wait_time = int(RATE_LIMIT_SECONDS - (now - last_scan))
+        return False, wait_time
+    rate_limit_cache[ip] = now
+    return True, 0
+def get_services():
+    if not SERVICE_ACCOUNT_INFO:
+        return None, None
+    creds = Credentials.from_service_account_info(
+        SERVICE_ACCOUNT_INFO,
+        scopes=[
+            "https://www.googleapis.com/auth/drive.file",
+            "https://www.googleapis.com/auth/spreadsheets"
+        ]
+    )
+    drive = build("drive", "v3", credentials=creds)
+    sheets = build("sheets", "v4", credentials=creds)
+    return drive, sheets
+class ScanRequest(BaseModel):
+    target: str
+    type: str
+# ==================== URL SCAN ====================
+@app.post("/api/scan/url")
+async def scan_url(request: ScanRequest, client_ip: str = None):
+    if not VT_API_KEY:
+        return {"status": "error", "message": "API key not configured"}
+    # Rate limiting
+    can_scan, wait_time = check_rate_limit(client_ip or "unknown")
+    if not can_scan:
+        return {"status": "rate_limited", "message": f"Please wait {wait_time} seconds before scanning again"}
+    try:
+        async with httpx.AsyncClient() as client:
+            # Submit URL
+            submit_res = await client.post(
+                "https://www.virustotal.com/api/v3/urls",
+                headers={"x-apikey": VT_API_KEY},
+                data={"url": request.target}
+            )
+            if submit_res.status_code != 200:
+                return {"status": "error", "message": "Submission failed"}
+            submit_data = submit_res.json()
+            scan_id = submit_data.get("data", {}).get("id")
+            # Wait for analysis (longer for better results)
+            await asyncio.sleep(8)
+            # Get results
+            analysis_res = await client.get(
+                f"https://www.virustotal.com/api/v3/analyses/{scan_id}",
+                headers={"x-apikey": VT_API_KEY}
+            )
+            analysis = analysis_res.json()
+            stats = analysis.get("data", {}).get("attributes", {}).get("stats", {})
+            # Get detailed results
+            detailed = analysis.get("data", {}).get("attributes", {}).get("results", {})
+            top_threats = []
+            for engine, result in detailed.items():
+                if result.get("category") in ["malicious", "suspicious"]:
+                    top_threats.append({
+                        "engine": engine,
+                        "category": result.get("category"),
+                        "result": result.get("result", "Detected")
+                    })
+            await store_scan_result(request.target, "url", stats, scan_id)
+            # Generate report
+            report = generate_report(request.target, "url", stats, top_threats[:5])
+            report_id = await save_report_to_drive(report, request.target, "url")
+            return {
+                "status": "success",
+                "scan_id": scan_id,
+                "results": {
+                    "malicious": stats.get("malicious", 0),
+                    "suspicious": stats.get("suspicious", 0),
+                    "undetected": stats.get("undetected", 0),
+                    "harmless": stats.get("harmless", 0),
+                    "timeout": stats.get("timeout", 0)
+                },
+                "top_threats": top_threats[:5],
+                "report_id": report_id,
+                "scan_time": "~8 seconds"
+            }
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+# ==================== IP SCAN ====================
+@app.post("/api/scan/ip")
+async def scan_ip(request: ScanRequest, client_ip: str = None):
+    if not VT_API_KEY:
+        return {"status": "error", "message": "API key not configured"}
+    can_scan, wait_time = check_rate_limit(client_ip or "unknown")
+    if not can_scan:
+        return {"status": "rate_limited", "message": f"Please wait {wait_time} seconds"}
+    try:
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                f"https://www.virustotal.com/api/v3/ip_addresses/{request.target}",
+                headers={"x-apikey": VT_API_KEY}
+            )
+            if response.status_code != 200:
+                return {"status": "error", "message": "IP not found"}
+            data = response.json()
+            attributes = data.get("data", {}).get("attributes", {})
+            stats = attributes.get("last_analysis_stats", {})
+            # Get recent communication
+            communications = []
+            for comm in attributes.get("last_https_certificate", {}).get("subject", {}).items():
+                communications.append(f"{comm[0]}: {comm[1]}")
+            await store_scan_result(request.target, "ip", stats)
+            # Generate report
+            report = generate_report(request.target, "ip", stats)
+            report_id = await save_report_to_drive(report, request.target, "ip")
+            return {
+                "status": "success",
+                "results": {
+                    "malicious": stats.get("malicious", 0),
+                    "suspicious": stats.get("suspicious", 0),
+                    "undetected": stats.get("undetected", 0),
+                    "harmless": stats.get("harmless", 0),
+                    "country": attributes.get("country", "Unknown"),
+                    "network": attributes.get("network", "Unknown"),
+                    "as_owner": attributes.get("as_owner", "Unknown")
+                },
+                "communications": communications[:5],
+                "report_id": report_id
+            }
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+# ==================== DOMAIN SCAN ====================
+@app.post("/api/scan/domain")
+async def scan_domain(request: ScanRequest, client_ip: str = None):
+    if not VT_API_KEY:
+        return {"status": "error", "message": "API key not configured"}
+    can_scan, wait_time = check_rate_limit(client_ip or "unknown")
+    if not can_scan:
+        return {"status": "rate_limited", "message": f"Please wait {wait_time} seconds"}
+    try:
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                f"https://www.virustotal.com/api/v3/domains/{request.target}",
+                headers={"x-apikey": VT_API_KEY}
+            )
+            if response.status_code != 200:
+                return {"status": "error", "message": "Domain not found"}
+            data = response.json()
+            attributes = data.get("data", {}).get("attributes", {})
+            stats = attributes.get("last_analysis_stats", {})
+            await store_scan_result(request.target, "domain", stats)
+            report = generate_report(request.target, "domain", stats)
+            report_id = await save_report_to_drive(report, request.target, "domain")
+            return {
+                "status": "success",
+                "results": {
+                    "malicious": stats.get("malicious", 0),
+                    "suspicious": stats.get("suspicious", 0),
+                    "undetected": stats.get("undetected", 0),
+                    "harmless": stats.get("harmless", 0),
+                    "creation_date": attributes.get("creation_date", "Unknown"),
+                    "registrar": attributes.get("registrar", "Unknown"),
+                    "whois": attributes.get("whois", "Not available")[:200]
+                },
+                "report_id": report_id
+            }
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+# ==================== FILE SCAN ====================
+@app.post("/api/scan/file")
+async def scan_file(file: UploadFile = File(...), client_ip: str = None):
+    if not VT_API_KEY:
+        return {"status": "error", "message": "API key not configured"}
+    can_scan, wait_time = check_rate_limit(client_ip or "unknown")
+    if not can_scan:
+        return {"status": "rate_limited", "message": f"Please wait {wait_time} seconds"}
+    try:
+        # Read file content
+        content = await file.read()
+        file_size = len(content)
+        if file_size > 32 * 1024 * 1024:  # 32MB limit
+            return {"status": "error", "message": "File too large (max 32MB)"}
+        # Calculate hash
+        sha256_hash = hashlib.sha256(content).hexdigest()
+        async with httpx.AsyncClient() as client:
+            # First check if file already analyzed
+            file_check = await client.get(
+                f"https://www.virustotal.com/api/v3/files/{sha256_hash}",
+                headers={"x-apikey": VT_API_KEY}
+            )
+            if file_check.status_code == 200:
+                # File already in DB
+                file_data = file_check.json()
+                stats = file_data.get("data", {}).get("attributes", {}).get("last_analysis_stats", {})
+                return {
+                    "status": "success",
+                    "file_name": file.filename,
+                    "sha256": sha256_hash,
+                    "results": {
+                        "malicious": stats.get("malicious", 0),
+                        "suspicious": stats.get("suspicious", 0),
+                        "undetected": stats.get("undetected", 0),
+                        "harmless": stats.get("harmless", 0)
+                    },
+                    "message": "File already in VirusTotal database"
+                }
+            # Upload file for scanning
+            files = {"file": (file.filename, content, file.content_type)}
+            upload_res = await client.post(
+                "https://www.virustotal.com/api/v3/files",
+                headers={"x-apikey": VT_API_KEY},
+                files=files
+            )
+            if upload_res.status_code != 200:
+                return {"status": "error", "message": "Upload failed"}
+            upload_data = upload_res.json()
+            scan_id = upload_data.get("data", {}).get("id")
+            # Wait for analysis (longer for files)
+            await asyncio.sleep(15)
+            # Get results
+            analysis_res = await client.get(
+                f"https://www.virustotal.com/api/v3/analyses/{scan_id}",
+                headers={"x-apikey": VT_API_KEY}
+            )
+            analysis = analysis_res.json()
+            stats = analysis.get("data", {}).get("attributes", {}).get("stats", {})
+            await store_scan_result(file.filename, "file", stats, sha256_hash)
+            report = generate_report(file.filename, "file", stats)
+            report_id = await save_report_to_drive(report, file.filename, "file")
+            return {
+                "status": "success",
+                "file_name": file.filename,
+                "sha256": sha256_hash,
+                "results": {
+                    "malicious": stats.get("malicious", 0),
+                    "suspicious": stats.get("suspicious", 0),
+                    "undetected": stats.get("undetected", 0),
+                    "harmless": stats.get("harmless", 0)
+                },
+                "report_id": report_id,
+                "scan_time": "~15 seconds"
+            }
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+# ==================== BATCH SCAN ====================
+class BatchRequest(BaseModel):
+    targets: list[str]
+    type: str
+@app.post("/api/scan/batch")
+async def batch_scan(request: BatchRequest, client_ip: str = None):
+    if len(request.targets) > 10:
+        return {"status": "error", "message": "Max 10 targets per batch"}
+    results = []
+    for target in request.targets:
+        # Simulate batch scanning
+        results.append({
+            "target": target,
+            "status": "queued",
+            "message": "Scan initiated"
+        })
+    return {
+        "status": "success",
+        "batch_id": hashlib.md5(str(datetime.datetime.now()).encode()).hexdigest()[:8],
+        "total": len(request.targets),
+        "results": results
+    }
+# ==================== REAL-TIME ALERTS ====================
+# Store alert subscriptions (in memory, can be moved to DB)
+alert_subscriptions = {}
+class AlertSubscription(BaseModel):
+    email: str
+    threshold: int = 1  # Alert if malicious > threshold
+    webhook: str = None
+@app.post("/api/subscribe")
+async def subscribe_alerts(subscription: AlertSubscription):
+    alert_subscriptions[subscription.email] = {
+        "threshold": subscription.threshold,
+        "webhook": subscription.webhook,
+        "created": datetime.datetime.now().isoformat()
+    }
+    return {"status": "success", "message": "Subscribed to threat alerts"}
+async def send_alert(email: str, target: str, threat_level: int, results: dict):
+    """Send alert when threat detected"""
+    if email in alert_subscriptions:
+        if threat_level >= alert_subscriptions[email]["threshold"]:
+            # In production, send email via SendGrid or webhook
+            print(f"🔴 ALERT: {email} - {target} detected {threat_level} threats")
+            # Store alert in sheet
+            await store_alert(email, target, threat_level, results)
+# ==================== REPORT GENERATION ====================
+def generate_report(target, scan_type, stats, threats=None):
+    """Generate detailed threat report"""
+    now = datetime.datetime.now()
+    report = f"""
+========================================
+        DOMIFY THREAT REPORT
+========================================
+Generated: {now.strftime('%Y-%m-%d %H:%M:%S')}
+Report ID: {hashlib.md5(f"{target}{now}".encode()).hexdigest()[:8]}
+TARGET INFORMATION
+------------------
+Type: {scan_type.upper()}
+Target: {target}
+Scan Source: VirusTotal API
+THREAT ANALYSIS
+---------------
+Malicious:   {stats.get('malicious', 0)} vendors
+Suspicious:  {stats.get('suspicious', 0)} vendors
+Harmless:    {stats.get('harmless', 0)} vendors
+Undetected:  {stats.get('undetected', 0)} vendors
+Timeout:     {stats.get('timeout', 0)} vendors
+VERDICT
+-------
+"""
+    malicious = stats.get('malicious', 0)
+    if malicious > 5:
+        report += "CRITICAL: High threat level detected!\n"
+    elif malicious > 0:
+        report += "WARNING: Malicious activity detected!\n"
+    elif stats.get('suspicious', 0) > 0:
+        report += "CAUTION: Suspicious activity detected\n"
+    else:
+        report += "CLEAR: No threats detected\n"
+    if threats:
+        report += "\nTOP THREATS\n-----------\n"
+        for threat in threats[:5]:
+            report += f"• {threat.get('engine')}: {threat.get('category')} - {threat.get('result')}\n"
+    report += f"""
+========================================
+Generated by Domify Threat Intelligence
+Powered by VirusTotal
+========================================
+"""
+    return report
+async def save_report_to_drive(report, target, scan_type):
+    """Save report to Google Drive"""
+    try:
+        drive, _ = get_services()
+        if not drive:
+            return None
+        now = datetime.datetime.now()
+        report_id = hashlib.md5(f"{target}{now}".encode()).hexdigest()[:8]
+        file_name = f"threat_report_{scan_type}_{report_id}.txt"
+        file = drive.files().create(
+            body={'name': file_name, 'parents': [DRIVE_FOLDER_ID]},
+            media_body=io.BytesIO(report.encode()),
+            fields='id,webViewLink'
+        ).execute()
+        return file.get('id')
+    except Exception as e:
+        print(f"Report save failed: {e}")
+        return None
+# ==================== STORE FUNCTIONS ====================
+async def store_scan_result(target, scan_type, stats, scan_id=None):
+    try:
+        _, sheets = get_services()
+        if not sheets:
+            return
+        now = datetime.datetime.now().isoformat()
+        values = [[
+            now,
+            target,
+            scan_type,
+            stats.get("malicious", 0),
+            stats.get("suspicious", 0),
+            stats.get("undetected", 0),
+            stats.get("harmless", 0),
+            scan_id or ""
+        ]]
+        sheets.spreadsheets().values().append(
+            spreadsheetId=SHEET_ID,
+            range="ScanHistory!A:H",
+            valueInputOption="USER_ENTERED",
+            body={"values": values}
+        ).execute()
+    except Exception as e:
+        print(f"Store failed: {e}")
+async def store_alert(email, target, threat_level, results):
+    try:
+        _, sheets = get_services()
+        if not sheets:
+            return
+        now = datetime.datetime.now().isoformat()
+        values = [[
+            now,
+            email,
+            target,
+            threat_level,
+            json.dumps(results)
+        ]]
+        sheets.spreadsheets().values().append(
+            spreadsheetId=SHEET_ID,
+            range="Alerts!A:E",
+            valueInputOption="USER_ENTERED",
+            body={"values": values}
+        ).execute()
+    except Exception as e:
+        print(f"Alert store failed: {e}")
+# ==================== HISTORY & HEALTH ====================
+@app.get("/api/history")
+async def get_history(limit: int = 10):
+    try:
+        _, sheets = get_services()
+        if not sheets:
+            return {"status": "error", "message": "Sheets not configured"}
+        result = sheets.spreadsheets().values().get(
+            spreadsheetId=SHEET_ID,
+            range="ScanHistory!A:H"
+        ).execute()
+        rows = result.get("values", [])
+        history = []
+        for row in rows[1:limit+1]:
+            if len(row) >= 5:
+                history.append({
+                    "date": row[0],
+                    "target": row[1],
+                    "type": row[2],
+                    "malicious": int(row[3]) if row[3] else 0,
+                    "suspicious": int(row[4]) if row[4] else 0
+                })
+        return {"status": "success", "history": history}
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+@app.get("/api/report/{report_id}")
+async def get_report(report_id: str):
+    try:
+        drive, _ = get_services()
+        if not drive:
+            return {"status": "error", "message": "Drive not configured"}
+        # Search for report
+        results = drive.files().list(
+            q=f"name contains '{report_id}'",
+            fields="files(id, name, webViewLink)"
+        ).execute()
+        files = results.get('files', [])
+        if files:
+            return {
+                "status": "success",
+                "file_id": files[0]['id'],
+                "file_name": files[0]['name'],
+                "file_url": files[0]['webViewLink']
+            }
+        return {"status": "error", "message": "Report not found"}
+    except Exception as e:
+        return {"status": "error", "message": str(e)}
+@app.get("/health")
+async def health():
+    return {"status": "ok", "rate_limit_seconds": RATE_LIMIT_SECONDS}
+if __name__ == "__main__":
+    import uvicorn
+    uvicorn.run(app, host="0.0.0.0", port=7860)