TinyCheck backend
The TinyCheck backend is accessible from the URL https://tinycheck.local. This backend allows you different things such as:
- Modifying the configuration (Enabling/Disabling the Kiosk mode, Virtual keyboard etc.);
- Disabling/Enabling the detection options (Indicators of Compromise, Heuristics etc.);
- Changing network configuration, changing the network interfaces, names of the access points;
- Importing/Exporting Indicators of Compromise;
- Importing/Exporting Whitelist elements;
As for the frontend, the backend is composed of a compiled VueJS application and a Flask application which is stored, once installed, under /usr/share/tinycheck/server/backend/. In that folder you can access to all the blueprints, classes and so on associated to the backend.
[WIP]
You can simply import IOCs or whitelisted elements by using the interface. You just have copy paste them, tag the elements and you can import them. Pro-tip: if you are adding different type of elements (such as domains, CIDRs and IP addresses) in a same bucket, you can use "Regex-parsing" and they will be automatically categorized as the video below shows.
🎥 Click here to see the mini video tutorial
If you have an export file, you can import it by using the import tab and click (or drop it) in the grey zone, as shown in the video below.
🎥 Click here to see the mini video tutorial
You can export the IOCs and the whitelisted elements in a file by simply clicking on the "Export" tab in the management view. This will grab all the IOCs/Elements to import them on another instance or publishing it on a Github repository to create a watcher URL.
🎥 Click here to see the mini video tutorial
You can search Indicators of Compromise and whitelisted elements by using the interface in order to know if they are present in the database and to delete them afterwards. The search field allows you to use wildcard search. The multiline research will be implemented in the near future.
🎥 Click here to see the mini video tutorial
If you have any timeout or something goes wrong and you don't know why. You can debug the TinyCheck backend by:
- Enable the debug mode of the Flask application by editing the
main.pyfile and addingdebug=Trueas an argument afterport=80(lines 48 and 50). - Stopping the service of TinyCheck frontend by typing in a terminal
sudo service tinycheck-backend stop. - Starting Tinycheck manually from the command line
sudo python3 /usr/share/tinycheck/server/backend/main.py. - Accessing to the interface with the developper mode of a web browser (press
F12) to see to see the network requests/JS exceptions.
Thanks to that, you can have an eye on possible exceptions occurred from the JavaScript console of the developer tools or the Python application in the terminal.
As the VueJS code is compiled, you can't update it directly from the /usr/share/tinycheck/server/backend/app/assets/ folder. If you want to patch the JavaScript code, you need to go to the /usr/share/tinycheck/app/backend/ folder and type, after your changes, npm run build. This command is going to compile the JavaScript code and send it automatically to the /usr/share/tinycheck/server/backend/app/assets/ folder.
Most of the JavaScript code used for the frontend is stored under /usr/share/tinycheck/app/backend/src/views/ as all of the app rely on views files which contain HTML/JS code.