Skip to content
/ eravo Public

Eravo is an advanced platform that accelerates incident response by swiftly assessing the maliciousness of files, URLs, or IP addresses, ensuring rapid and informed decisions during security incidents.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aropjoe/eravo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
cmd
cmd
 
 
eravo
eravo
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Eravo

Eravo is a powerful Django application designed to streamline incident response in the realm of cybersecurity. With a focus on providing real-time insights, it empowers security professionals to swiftly assess the maliciousness of files, URLs, and IP addresses during security incidents.

It facilitates the creation of incident records, enables the submission of potentially harmful items for analysis, and delivers comprehensive analysis results from diverse security data sources. By offering a centralized platform for incident management and threat evaluation, Eravo enhances the efficiency and effectiveness of incident response workflows, enabling proactive defense against emerging cybersecurity threats.

Table of Contents

Features

  • Display trends in malware detection based on VirusTotal scans.
  • Show commonly targeted industries with threat statistics.
  • Visualize geographic origins of threats.
  • Integrate with VirusTotal API for real-time data retrieval.
  • Provide a user-friendly dashboard for easy data exploration.
  • Create incident records with descriptions and status.
  • Submit files, URLs, or IP addresses for analysis during security incidents.
  • Retrieve insights and analysis results from multiple security data sources.
  • View incident details, including submitted malicious items and their analysis results.
  • Perform quick searches for IOCs such as files, URLs, or IP addresses in VirusTotal's database.
  • View search results and insights obtained from VirusTotal's scans.
  • Maintain a record of past IOC search queries for historical reference.

Getting Started

Prerequisites

  • Python (>= 3.6)
  • Django (>= 3.0)

Installation

  1. Clone the repository:

    git clone https://github.com/AropJoe/eravo.git
cd eravo

  2. Install the project dependencies:

    pip install -r requirements.txt

Configuration

  1. Obtain a VirusTotal API key by signing up on the VirusTotal website.

  2. Create a .env file in the project root and add your API key:

    VIRUSTOTAL_API_KEY=your_virustotal_api_key

Usage

  1. Run the Django development server:

    python manage.py runserver

  2. Access the Eravo dashboard by opening your web browser and navigating to http://127.0.0.1:8000/dashboard/.

  3. Populate scan results by visiting http://127.0.0.1:8000/populate-scan-results/ and providing the SHA256 hash of the file to fetch data for.

Contributing

Contributions are welcome! If you'd like to contribute to Eravo, please follow these steps:

  1. Fork the repository.
  2. Create a new branch for your feature or bug fix.
  3. Make your changes and write tests if necessary.
  4. Test your changes thoroughly.
  5. Create a pull request to the main repository's main branch.

License

This project is licensed under the MIT License.

About

Eravo is an advanced platform that accelerates incident response by swiftly assessing the maliciousness of files, URLs, or IP addresses, ensuring rapid and informed decisions during security incidents.

Topics

incident-response cybersecurity infosec virus-scanning reporting-tool

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages