Spaces:
Running
Commit
·
9fde97a
1
Parent(s):
5c68a57
Update README.md
README.md
CHANGED
|
@@ -1,2 +1,81 @@
|
|
| 1 |
-
#
|
| 2 |
-
| 1 |
+
# 🔐 SHADOWLOG
|
| 2 |
+
**Because attacks hide… but your logs don’t.**
|
| 3 |
+
*A Streamlit-Powered Cyber Threat Illuminator*
|
| 4 |
+
|
| 5 |
+
## 🕵️♂️ **Unmask the Invisible**
|
| 6 |
+
ShadowLog transforms raw logs into a battlefield map against cyber threats. Designed for SOC teams, IT admins, and security hunters, it exposes hidden attack patterns before they escalate.
|
| 7 |
+
|
| 8 |
+
```ascii
|
| 9 |
+
███████╗██╗ ██╗ █████╗ ██████╗ ██████╗ ██╗ ██╗██╗ ██████╗ ██████╗
|
| 10 |
+
██╔════╝██║ ██║██╔══██╗██╔══██╗██╔═══██╗██║ ██║██║ ██╔═══██╗██╔════╝
|
| 11 |
+
███████╗███████║███████║██║ ██║██║ ██║██║ █╗ ██║██║ ██║ ██║██║ ███╗
|
| 12 |
+
╚════██║██╔══██║██╔══██║██║ ██║██║ ██║██║███╗██║██║ ██║ ██║██║ ██║
|
| 13 |
+
███████║██║ ██║██║ ██║██████╔╝╚██████╔╝╚███╔███╔╝███████╗╚██████╔╝╚██████╔╝
|
| 14 |
+
╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═════╝ ╚═════╝ ╚══╝╚══╝ ╚══════╝ ╚═════╝ ╚═════╝
|
| 15 |
+
```
|
| 16 |
+
|
| 17 |
+
---
|
| 18 |
+
|
| 19 |
+
## 🚀 **Key Features**
|
| 20 |
+
- 🔍 **Deep-Log Illumination** : Visualize log patterns across servers, firewalls, and endpoints.
|
| 21 |
+
- ⚡ **Real-Time Threat Scoring** : AI-powered anomaly detection with severity alerts.
|
| 22 |
+
- 🎯 **Attack Timeline Reconstruction** : Map multi-stage breaches like a digital detective.
|
| 23 |
+
- 📊 **Custom Dashboards** : Build focused views for Zero-Day hunting, DDoS analysis, or insider threats.
|
| 24 |
+
- 🛡️ **One-Click MITRE ATT&CK Tagging** : Automatically classify threats using the industry framework.
|
| 25 |
+
|
| 26 |
+
---
|
| 27 |
+
|
| 28 |
+
## 🛠️ **Getting Started**
|
| 29 |
+
|
| 30 |
+
### Prerequisites
|
| 31 |
+
- Python 3.11+
|
| 32 |
+
- Streamlit
|
| 33 |
+
|
| 34 |
+
### Installation
|
| 35 |
+
```bash
|
| 36 |
+
git clone https://github.com/berangerthomas/shadowlog.git
|
| 37 |
+
cd shadowlog
|
| 38 |
+
pip install -r requirements.txt
|
| 39 |
+
```
|
| 40 |
+
|
| 41 |
+
### Launch the Hunter
|
| 42 |
+
```bash
|
| 43 |
+
streamlit run shadowlog.py
|
| 44 |
+
```
|
| 45 |
+
|
| 46 |
+
---
|
| 47 |
+
|
| 48 |
+
## 🖥️ **Usage Scenarios**
|
| 49 |
+
### 🗺️ Dashboard Overview
|
| 50 |
+
|
| 51 |
+
### 🔎 Threat Hunting
|
| 52 |
+
```python
|
| 53 |
+
# Sample custom query for suspicious SSH activity
|
| 54 |
+
|
| 55 |
+
```
|
| 56 |
+
|
| 57 |
+
### 🚨 Custom Alerts
|
| 58 |
+
```yaml
|
| 59 |
+
# Example alert rule (config/alerts.yml)
|
| 60 |
+
|
| 61 |
+
```
|
| 62 |
+
|
| 63 |
+
---
|
| 64 |
+
|
| 65 |
+
## 🤝 **Support & Contribution**
|
| 66 |
+
**Report a Ghost** : send us an email
|
| 67 |
+
**Contribute** : Open a GitHub Issue for feature requests or log parsers.
|
| 68 |
+
|
| 69 |
+
---
|
| 70 |
+
|
| 71 |
+
*“In the shadows, we hunt.”* 🕶️
|
| 72 |
+
```
|
| 73 |
+
|
| 74 |
+
---
|
| 75 |
+
|
| 76 |
+
### Notes :
|
| 77 |
+
- Personnalisez les liens/images (ex : `yourname`, liens vers dépôt réel).
|
| 78 |
+
- Ajoutez des captures d’écran réelles pour les sections visuelles.
|
| 79 |
+
- Adaptez les exemples de code/queries à votre implémentation réelle.
|
| 80 |
+
|
| 81 |
+
Un README qui marie professionnalisme et personnalité, comme l’esprit de ShadowLog 😉.
|
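Review bot: the lone closing ``` fence at new line 72 (right after the *“In the shadows, we hunt.”* quote) has no matching opening fence, so every renderer will treat the rest of the file, from the horizontal rule through the Notes section, as a code block; delete that line. Three documented sections are also empty shells: the `python` block under "Threat Hunting" (new lines 52–55) holds only the comment `# Sample custom query for suspicious SSH activity` and no query, the `yaml` block under "Custom Alerts" (58–61) holds only `# Example alert rule (config/alerts.yml)` and no rule, and "Dashboard Overview" (49–50) has no text at all; either add the real query, rule and screenshot or remove the headings, since a reader looking for the alert-rule format will otherwise find nothing. New lines 76–81 are leftover French template scaffolding ("Personnalisez les liens/images…", "Adaptez les exemples de code/queries à votre implémentation réelle", "Un README qui marie professionnalisme et personnalité…") addressed to the README author rather than to users and should not ship. Finally, "Report a Ghost : send us an email" (line 66) gives no address; add one or point to the GitHub issue tracker already named on line 67.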