---
title: Murshid - مُرشِد
emoji: 🛡️
colorFrom: blue
colorTo: indigo
sdk: docker
pinned: false
license: mit
---

# 🛡️ Murshid | مُرشِد

**From Alerts to Guidance: MITRE ATT&CK-Aligned Techniques Mapping for SOC Analysts**

REST API + Dashboard for analyzing Wazuh IDS rules and mapping them to MITRE ATT&CK techniques.

## Features

- **Rule Analysis**: Parse Wazuh XML rules and classify MITRE ATT&CK techniques
- **WQL Queries**: Get pre-built Wazuh Query Language templates per technique
- **Dashboard**: Interactive web UI with statistics and DB viewer
- **ML Pipeline**: Logistic Regression with SecureBERT+ embeddings
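As an added example (not part of Murshid's code), the parser below shows the input side of the Rule Analysis feature: it reads Wazuh rule XML in the shape that ships in Wazuh's `rules/*.xml` files, collects the ATT&CK technique ids a rule already carries in its `<mitre>` block, and lists rules that have no usable mapping yet. The sample rules and the `TECHNIQUE_ID` pattern are constructed for this example.

```python
"""Extract MITRE ATT&CK ids carried by Wazuh rules; flag unmapped rules."""
import re
import xml.etree.ElementTree as ET

TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")  # T1110 or T1110.001

# Constructed sample in the shape of Wazuh's rules/*.xml files.
SAMPLE_RULES = """
<!-- sshd rules -->
<group name="syslog,sshd,">
  <rule id="5710" level="5">
    <match>illegal user|invalid user</match>
    <description>sshd: Attempt to login using a non-existent user</description>
    <mitre><id>T1110.001</id><id>T1021.004</id><id>T1110.001</id></mitre>
    <group>authentication_failed,invalid_login,</group>
  </rule>
</group>
<group name="local,">
  <rule id="100001" level="3">
    <description>Custom rule with no usable MITRE mapping yet</description>
    <mitre><id>bogus</id></mitre>
  </rule>
</group>
"""

def parse_wazuh_rules(xml_text: str) -> list:
    """Return one dict per <rule>: id, level, description, groups, mitre_ids."""
    # A Wazuh rule file is an XML fragment (several top-level <group>
    # elements plus comments), so wrap it in a synthetic root first.
    root = ET.fromstring(f"<rules>{xml_text}</rules>")
    rules = []
    for grp in root.findall("group"):  # top-level <group name="..."> only
        base = [g for g in grp.get("name", "").split(",") if g]
        for r in grp.findall("rule"):
            own = [g for g in (r.findtext("group") or "").split(",") if g]
            ids = []
            for e in r.findall("mitre/id"):
                tid = (e.text or "").strip()
                if TECHNIQUE_ID.match(tid) and tid not in ids:
                    ids.append(tid)  # drop malformed and repeated ids
            rules.append({"id": r.get("id"), "level": int(r.get("level", "0")),
                          "description": (r.findtext("description") or "").strip(),
                          "groups": base + own, "mitre_ids": ids})
    return rules

def unmapped_rules(rules: list) -> list:
    """Rule ids an analyst still has to map to ATT&CK techniques."""
    return [r["id"] for r in rules if not r["mitre_ids"]]
```

The ids a rule already declares are the ground truth to compare any classifier output against; rules returned by `unmapped_rules` are the ones where a mapping tool actually adds value.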

## Tech Stack

- **FastAPI** — REST API
- **SQLite** — Database
- **Logistic Regression** — Primary classification model
- **SecureBERT+** — Text embeddings (optional, requires torch)

## API Endpoints

| Method | URL | Description |
|--------|-----|-------------|
| `GET` | `/health` | System health check |
| `POST` | `/rules/analyze` | Analyze a Wazuh XML rule |
| `GET` | `/results/{rule_id}` | Get stored results for a rule |
| `GET` | `/queries/{technique_id}` | Get WQL templates for a technique |
| `GET` | `/docs` | Interactive Swagger documentation |