Skip to content

NtsikaTech/Integrity-Monitoring-FIM-system

BranchesTags

Repository files navigation

FileSentinel

A modern File Integrity Monitoring (FIM) system with Python Flask backend and recruiter-friendly frontend.

Python Flask JavaScript HTML5 CSS3

🚀 Features

  • 🛡️ Integrity Monitoring – Tracks unauthorized changes, deletions, or additions in monitored files and directories
  • 📋 Baseline Hashing – Uses SHA-256 to verify file integrity against trusted snapshots
  • 🚨 Alerts & Logs – Generates alerts when integrity violations are detected
  • ⚙️ File Management – Add or remove files and directories for monitoring via dashboard
  • 🔐 Authentication – Secure login portal with session management

🛡️ Threat Detection & SOC Context

What threat does this detect?

FileSentinel detects unauthorized file system changes that may indicate:

  • Malware persistence
  • Web server compromise
  • Insider threats
  • Privilege abuse
  • Post-exploitation activity

This directly supports detection of integrity violations within the CIA Triad.

What attack would this catch?

This system can detect attacks such as:

  • Web shells added to web server directories
  • Malicious modification of configuration files
  • Backdoor scripts inserted after initial compromise
  • Attackers tampering with logs to hide activity
  • Ransomware modifying or deleting critical system files

These actions commonly occur after initial access, during attacker persistence or defense evasion phases.

How would this be used in a SOC?

In a real SOC environment, FileSentinel would:

  • Continuously monitor critical system and application directories
  • Generate alerts when file integrity baselines are violated
  • Feed alerts into a SIEM for correlation with:
    • Authentication logs
    • Network traffic
    • Endpoint activity
  • Enable analysts to quickly:
    • Identify compromised hosts
    • Confirm post-exploitation activity
    • Escalate incidents for containment and remediation
  • Support compliance and audit requirements by maintaining integrity logs

This tool mirrors the core functionality of enterprise FIM solutions used in SOC operations.

📋 Prerequisites

Before running this application, make sure you have:

  1. Python (v3.10 or higher) - Download Python

    • ⚠️ During Python installation, check "Add Python to PATH"

  2. Git (optional) - for cloning the repository - Download Git

🛠️ Installation

Option 1: Quick Start (Windows)

  1. Double-click start-all.bat to launch backend and frontend automatically (if included)

Option 2: Manual Setup

Backend (Python Flask):

cd backend
pip install -r requirements.txt
python app.py

About

FileSentinel is a Python-based File Integrity Monitoring tool that tracks changes to files and directories, ensuring data integrity through cryptographic hashing and alerts for unauthorized modifications

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages