LitterBox v4.1.0

BlackSnufkin
2025-09-02 07:36:52 -07:00
parent a40b354f68
commit 01df8eb099
13 changed files with 541 additions and 34 deletions
+10 -1
@@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file.
## [v4.1.0] - 2025-09-01
### Added
- Docker deployment support for Linux hosts
- Automated Windows 10 container setup with LitterBox installation
- Web viewer and RDP access for containerized environments
- `--ip` parameter to specify custom host IP address
### Fixed
- Missing page title in doppelganger template
## [v4.0.0] - 2025-08-19
### Added
@@ -14,7 +24,6 @@ All notable changes to this project will be documented in this file.
- Collapsible sidebar with smooth animations and state persistence
- Enhanced Python client library with HolyGrail analysis support and comprehensive API coverage
- Comprehensive LNK files parser library
- `--ip` parameter to specify custom host IP address
### Changed
- Extended binary detection to support Go and Rust runtime analysis
+1 -1
@@ -4,7 +4,7 @@ application:
host: "127.0.0.1"
port: 1337
debug: false
version: "4.0.0"
version: "4.1.0"
utils:
allowed_extensions:
+28
@@ -0,0 +1,28 @@
services:
litterbox-windows:
image: dockurr/windows
container_name: litterbox-windows
environment:
VERSION: "10"
RAM_SIZE: "8G"
CPU_CORES: "4"
DISK_SIZE: "75G"
USERNAME: "litterbox"
PASSWORD: "sandbox123"
devices:
- /dev/kvm
- /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
- 1337:1337
- 8080:8080
volumes:
- ./windows:/storage
- ./oem:/oem
- ./share:/data
restart: always
stop_grace_period: 2m
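Review bot: The `ports:` list publishes RDP (3389), the web viewer (8006) and the LitterBox ports (1337, 8080) on every host interface, while `PASSWORD: "sandbox123"` is a fixed credential committed to the repository, so anyone who can reach the Docker host can log in to a VM built to hold malware samples. Binding the mappings to loopback, e.g. `- 127.0.0.1:3389:3389/tcp` and `- 127.0.0.1:8006:8006`, keeps the lab reachable from the host only. The password is better taken from the environment, e.g. `PASSWORD: "${LITTERBOX_PASSWORD:?set a password}"` (the variable name is only an example). A short comment above `devices` and `cap_add` saying why `/dev/kvm`, `/dev/net/tun` and `NET_ADMIN` are needed would also help whoever audits this file later.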
+398
@@ -0,0 +1,398 @@
#Requires -RunAsAdministrator
# LitterBox Malware Analysis Platform - Automated Setup
# Automated installation and configuration script for LitterBox isolated malware analysis environment
# Configuration
$Script:Config = @{
InstallDir = "C:\LitterBox"
RepoUrl = "https://github.com/BlackSnufkin/LitterBox.git"
DebloatRepoUrl = "https://github.com/W4RH4WK/Debloat-Windows-10.git"
DebloatPath = "C:\Debloat-Windows-10"
WebPort = 1337
MCPPort = 8080
LogFile = "$env:TEMP\LitterBox-Setup.log"
}
# Logging functions
function Write-Log {
param([string]$Message, [string]$Level = "INFO")
$Timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
$LogEntry = "[$Timestamp] [$Level] $Message"
Add-Content -Path $Script:Config.LogFile -Value $LogEntry
switch ($Level) {
"SUCCESS" { Write-Host "[+] $Message" -ForegroundColor Green }
"WARNING" { Write-Host "[!] $Message" -ForegroundColor Yellow }
"ERROR" { Write-Host "[-] $Message" -ForegroundColor Red }
default { Write-Host "[*] $Message" -ForegroundColor Cyan }
}
}
function Test-Administrator {
$CurrentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
$Principal = New-Object Security.Principal.WindowsPrincipal($CurrentUser)
return $Principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}
function Initialize-Environment {
Write-Log "Initializing LitterBox setup environment" "SUCCESS"
if (-not (Test-Administrator)) {
Write-Log "Script must be run as Administrator" "ERROR"
exit 1
}
# Set execution policy
try {
Set-ExecutionPolicy Bypass -Scope Process -Force -ErrorAction Stop
Write-Log "Execution policy configured"
}
catch {
Write-Log "Failed to set execution policy: $($_.Exception.Message)" "ERROR"
exit 1
}
# Create installation directory
if (-not (Test-Path $Script:Config.InstallDir)) {
New-Item -ItemType Directory -Path $Script:Config.InstallDir -Force | Out-Null
Write-Log "Created installation directory: $($Script:Config.InstallDir)"
}
}
function Set-DefenderExclusions {
Write-Log "Configuring Windows Defender exclusions"
try {
Add-MpPreference -ExclusionPath $Script:Config.InstallDir -ErrorAction Stop
Write-Log "Windows Defender exclusions applied for: $($Script:Config.InstallDir)" "SUCCESS"
Set-MpPreference -SubmitSamplesConsent 2 -ErrorAction SilentlyContinue
Set-MpPreference -MAPSReporting 0 -ErrorAction SilentlyContinue
Write-Log "Windows Defender sample submission disabled" "SUCCESS"
}
catch {
Write-Log "Failed to configure Defender exclusions: $($_.Exception.Message)" "WARNING"
Write-Log "Malware samples may be quarantined during analysis" "WARNING"
}
}
function Install-Prerequisites {
Write-Log "Installing system prerequisites"
# Install .NET Framework 3.5
Write-Log "Installing .NET Framework 3.5..."
try {
dism /online /enable-feature /featurename:NetFx3 /all /norestart /quiet 2>&1 | Out-Null
if ($LASTEXITCODE -eq 0) {
Write-Log ".NET Framework 3.5 installed successfully" "SUCCESS"
}
else {
Write-Log ".NET Framework 3.5 installation failed (Exit code: $LASTEXITCODE)" "WARNING"
}
}
catch {
Write-Log "Error installing .NET Framework 3.5: $($_.Exception.Message)" "WARNING"
}
}
function Install-Chocolatey {
Write-Log "Installing Chocolatey package manager"
try {
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')) 2>&1 | Out-Null
# Refresh environment variables
$env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User")
Write-Log "Chocolatey installed successfully" "SUCCESS"
}
catch {
Write-Log "Failed to install Chocolatey: $($_.Exception.Message)" "ERROR"
throw
}
}
function Install-Dependencies {
Write-Log "Installing core dependencies via Chocolatey"
# Install core packages
Write-Log "Installing Python, Git, and dependencies..."
choco install -y python3 git 7zip vcredist-all --no-progress 2>&1 | Out-Null
# Install build tools (commented sections from original)
Write-Log "Installing Visual C++ and build tools..."
choco install dotnetfx -y --no-progress --ignore-package-exit-codes --force 2>&1 | Out-Null
choco install visualstudio2022buildtools -y --no-progress --force 2>&1 | Out-Null
choco install visualstudio2022-workload-vctools -y --no-progress --force 2>&1 | Out-Null
choco install windows-sdk-10-version-2004-all -y --no-progress --force 2>&1 | Out-Null
# Wait for installations
Start-Sleep -Seconds 30
# Refresh PATH
$env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User")
Write-Log "Dependencies installation completed" "SUCCESS"
}
function Clone-DebloatRepo {
Write-Log "Cloning W4RH4WK Debloat-Windows-10 repository"
# Remove existing repo if present
if (Test-Path $Script:Config.DebloatPath) {
Remove-Item $Script:Config.DebloatPath -Recurse -Force
Write-Log "Removed existing debloat repository"
}
Set-Location C:\
try {
git clone $Script:Config.DebloatRepoUrl 2>&1 | Out-Null
Write-Log "Debloat repository cloned successfully" "SUCCESS"
return $Script:Config.DebloatPath
}
catch {
Write-Log "Failed to clone debloat repository: $($_.Exception.Message)" "ERROR"
throw
}
}
function Run-DebloatScripts {
param([string]$RepoPath, [int]$Round)
Write-Log "Running debloat scripts - Round $Round"
$ScriptsPath = "$RepoPath\scripts"
Set-Location $ScriptsPath
# Unblock all PowerShell scripts
Get-ChildItem -Recurse *.ps*1 | Unblock-File
Write-Log "PowerShell scripts unblocked"
$Scripts = @(
"block-telemetry.ps1",
"disable-services.ps1",
"fix-privacy-settings.ps1",
"optimize-user-interface.ps1",
"remove-default-apps.ps1"
#"remove-onedrive.ps1"
)
foreach ($Script in $Scripts) {
if (Test-Path $Script) {
Write-Log "Executing $Script..."
try {
Start-Process -FilePath "powershell" -ArgumentList "-ExecutionPolicy", "Bypass", "-File", ".\$Script" -Wait -WindowStyle Hidden | Out-Null
Write-Log "$Script completed successfully" "SUCCESS"
}
catch {
Write-Log "Error in $Script`: $($_.Exception.Message)" "WARNING"
}
}
else {
Write-Log "$Script not found" "WARNING"
}
}
Write-Log "Debloat round $Round completed" "SUCCESS"
}
function Prep-SandBox {
$RepoPath = Clone-DebloatRepo
# Round 1
Run-DebloatScripts -RepoPath $RepoPath -Round 1
Write-Log "Waiting 10 seconds before Round 2..."
Start-Sleep -Seconds 10
# Round 2
Run-DebloatScripts -RepoPath $RepoPath -Round 2
Write-Log "Windows debloating completed!" "SUCCESS"
Write-Log "Reboot required to complete all changes" "WARNING"
# Cleanup - Remove debloat repository
Write-Log "Cleaning up debloat repository..."
Set-Location C:\
Start-Sleep -Seconds 5
try {
Remove-Item $RepoPath -Recurse -Force -ErrorAction Stop
Write-Log "Debloat repository removed successfully" "SUCCESS"
}
catch {
Write-Log "Repository cleanup will be attempted after reboot" "WARNING"
# Schedule cleanup for next boot
$CleanupScript = "Remove-Item '$RepoPath' -Recurse -Force -ErrorAction SilentlyContinue"
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce' -Name 'LitterBoxCleanup' -Value "powershell -Command `"$CleanupScript`"" -PropertyType String -Force | Out-Null
}
}
function Install-LitterBox {
Write-Log "Cloning and configuring LitterBox repository"
# Clone repository
Write-Log "Cloning LitterBox repository..."
Set-Location C:\
try {
git clone $Script:Config.RepoUrl 2>&1 | Out-Null
Set-Location $Script:Config.InstallDir
Write-Log "LitterBox repository cloned successfully" "SUCCESS"
}
catch {
Write-Log "Failed to clone LitterBox repository: $($_.Exception.Message)" "ERROR"
throw
}
# Create virtual environment
Write-Log "Creating Python virtual environment..."
try {
python -m venv venv 2>&1 | Out-Null
Write-Log "Python virtual environment created" "SUCCESS"
}
catch {
Write-Log "Failed to create virtual environment: $($_.Exception.Message)" "ERROR"
throw
}
# Install Python dependencies
Write-Log "Installing Python dependencies..."
try {
& ".\venv\Scripts\Activate.ps1"
.\venv\Scripts\pip.exe install --upgrade pip --quiet 2>&1 | Out-Null
.\venv\Scripts\pip.exe install -r requirements.txt --quiet 2>&1 | Out-Null
Write-Log "Python dependencies installed successfully" "SUCCESS"
}
catch {
Write-Log "Failed to install Python dependencies: $($_.Exception.Message)" "ERROR"
throw
}
}
function Configure-Firewall {
Write-Log "Configuring Windows Firewall rules"
try {
New-NetFirewallRule -DisplayName "LitterBox Web" -Direction Inbound -Protocol TCP -LocalPort $Script:Config.WebPort -Action Allow -ErrorAction Stop | Out-Null
New-NetFirewallRule -DisplayName "LitterBox MCP" -Direction Inbound -Protocol TCP -LocalPort $Script:Config.MCPPort -Action Allow -ErrorAction Stop | Out-Null
Write-Log "Firewall rules configured for ports $($Script:Config.WebPort) and $($Script:Config.MCPPort)" "SUCCESS"
}
catch {
Write-Log "Failed to configure firewall rules: $($_.Exception.Message)" "WARNING"
}
}
function Create-StartupFiles {
Write-Log "Creating startup scripts and shortcuts"
# Create startup batch file
$StartupScript = @"
@echo off
echo Starting LitterBox Malware Analysis Platform...
cd $($Script:Config.InstallDir)
call .\venv\Scripts\activate.bat
python litterbox.py --debug --ip 0.0.0.0
"@
try {
$StartupScript | Out-File -FilePath "$($Script:Config.InstallDir)\litterox.bat" -Encoding ASCII
Write-Log "Startup script created successfully"
}
catch {
Write-Log "Failed to create startup script: $($_.Exception.Message)" "ERROR"
throw
}
# Create desktop shortcut
Write-Log "Creating desktop shortcut..."
try {
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\Users\Public\Desktop\LitterBox.lnk")
$Shortcut.TargetPath = "$($Script:Config.InstallDir)\litterox.bat"
$Shortcut.WorkingDirectory = $Script:Config.InstallDir
$Shortcut.IconLocation = "$($Script:Config.InstallDir)\app\static\favicon.ico"
$Shortcut.Description = "LitterBox Malware Analysis Platform"
$Shortcut.Save()
# Set shortcut to run as administrator
$bytes = [System.IO.File]::ReadAllBytes('C:\Users\Public\Desktop\LitterBox.lnk')
$bytes[0x15] = $bytes[0x15] -bor 0x20
[System.IO.File]::WriteAllBytes('C:\Users\Public\Desktop\LitterBox.lnk', $bytes)
Write-Log "Desktop shortcut created with admin privileges" "SUCCESS"
}
catch {
Write-Log "Failed to create desktop shortcut: $($_.Exception.Message)" "WARNING"
}
}
function Setup-AutoStart {
Write-Log "Configuring LitterBox auto-start with admin privileges"
try {
# Remove any existing registry entry
Remove-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' -Name 'LitterBox' -ErrorAction SilentlyContinue
# Create scheduled task for startup with admin privileges
$Action = New-ScheduledTaskAction -Execute "$($Script:Config.InstallDir)\litterox.bat"
$Trigger = New-ScheduledTaskTrigger -AtLogOn
$Settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable
$Principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName "LitterBox" -Action $Action -Trigger $Trigger -Settings $Settings -Principal $Principal -Force | Out-Null
Write-Log "Scheduled task configured with admin privileges" "SUCCESS"
}
catch {
Write-Log "Failed to configure auto-start task: $($_.Exception.Message)" "WARNING"
Write-Log "Falling back to registry method without admin privileges" "WARNING"
try {
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' -Name 'LitterBox' -Value "$($Script:Config.InstallDir)\litterox.bat" -PropertyType String -Force | Out-Null
Write-Log "Registry auto-start entry created (requires manual admin)" "SUCCESS"
}
catch {
Write-Log "Failed to create registry auto-start entry: $($_.Exception.Message)" "ERROR"
}
}
}
function Start-LitterBox {
Write-Log "Starting LitterBox platform..." "SUCCESS"
Set-Location $Script:Config.InstallDir
try {
Start-Process -FilePath "$($Script:Config.InstallDir)\litterox.bat" -WindowStyle Normal
Write-Log "LitterBox setup completed successfully!" "SUCCESS"
Write-Log "Installation directory: $($Script:Config.InstallDir)" "SUCCESS"
Write-Log "Web interface: http://localhost:$($Script:Config.WebPort)" "SUCCESS"
Write-Log "MCP interface: http://localhost:$($Script:Config.MCPPort)" "SUCCESS"
Write-Log "Desktop shortcut created" "SUCCESS"
Write-Log "Windows Defender exclusions applied" "SUCCESS"
Write-Log "LitterBox is now running!" "SUCCESS"
}
catch {
Write-Log "Failed to start LitterBox: $($_.Exception.Message)" "ERROR"
}
}
# Main execution flow
try {
Write-Log "=== LitterBox Malware Analysis Platform Setup Started ===" "SUCCESS"
Initialize-Environment
Set-DefenderExclusions
Install-Prerequisites
Install-Chocolatey
Install-Dependencies
Prep-SandBox
Install-LitterBox
Configure-Firewall
Create-StartupFiles
Setup-AutoStart
Start-LitterBox
Write-Log "=== LitterBox Setup Completed Successfully ===" "SUCCESS"
}
catch {
Write-Log "Setup failed: $($_.Exception.Message)" "ERROR"
Write-Log "Check log file: $($Script:Config.LogFile)" "ERROR"
exit 1
}
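Review bot: In `Create-StartupFiles` the generated batch file starts the service with `python litterbox.py --debug --ip 0.0.0.0`, `Setup-AutoStart` registers that file to run as SYSTEM, and `Configure-Firewall` opens ports 1337 and 8080 inbound, so a debug-mode server listens on all interfaces with the highest local privilege. If the web framework's debug mode exposes an interactive debugger or verbose tracebacks (not visible on this page), anything that can reach the port gets code execution as SYSTEM; the line should be at most `python litterbox.py --ip 0.0.0.0`, and the task is safer under a dedicated lower-privilege account if the analysis tools allow it. Separately, the `try`/`catch` blocks around `git clone`, `choco install`, `python -m venv` and `pip.exe install` will not catch a failure, because a non-zero exit code from a native command does not raise an exception; add a check such as `if ($LASTEXITCODE -ne 0) { throw "git clone failed" }` after each call. The batch file name `litterox.bat` looks like a typo for `litterbox.bat`, although it is used consistently.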
+42
@@ -0,0 +1,42 @@
#!/bin/bash
echo "LitterBox Docker Setup"
echo "====================="
echo "[+] Installing Docker, Docker Compose, and CPU checker..."
sudo apt install docker.io docker-compose cpu-checker -y
echo "[+] Checking KVM support..."
if sudo kvm-ok; then
echo "[+] KVM acceleration available"
else
echo "[!] KVM not available - will run slower"
echo "[!] Enable virtualization in BIOS or use KVM: 'N' in docker-compose"
fi
# Create directories
mkdir -p oem
mkdir -p share
# Create install.bat
cat > oem/install.bat << 'EOF'
@echo off
echo [+] LitterBox Installation Starting...
powershell -ExecutionPolicy Bypass -File "C:\OEM\install.ps1"
echo [+] Installation complete!
EOF
# Copy existing install.ps1
cp install.ps1 oem/install.ps1
echo ""
echo "Starting Windows installation..."
echo "Web viewer: http://localhost:8006"
echo "Monitor installation progress in browser"
echo "Windows will auto-install, then LitterBox will be set up"
echo "LitterBox will be ready at http://localhost:1337 when complete"
# Start Docker container
sudo docker-compose up
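Review bot: The script has no error handling, so a failed `apt install` or a missing `install.ps1` (the `cp` path is relative to the caller's working directory) still ends in `sudo docker-compose up` with an incomplete `oem/` folder. Adding `set -euo pipefail` and `cd "$(dirname "$0")"` right after the shebang makes it stop at the first failure and run from its own directory. The KVM branch also only prints a warning, yet the compose file in this commit maps `/dev/kvm` as a device, so on a host without KVM the container start is likely to fail rather than "run slower"; exiting at that point with the hint would be clearer.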
+61 -31
@@ -2,12 +2,14 @@
![LitterBox Logo](https://github.com/user-attachments/assets/20030454-55b8-4473-b7b7-f65bb7150d51)
[![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)]()
[![License](https://img.shields.io/badge/license-GPL%20v3-green.svg)]()
[![OS](https://img.shields.io/badge/os-Windows-blue.svg)]()
[![MCP Supported](https://img.shields.io/badge/MCP-Supported-blueviolet.svg)]()
[![Python](https://img.shields.io/badge/Python-3.11+-3776AB?style=plastic&logo=python&logoColor=white)]()
[![Windows](https://img.shields.io/badge/Windows-Supported-0078D6?style=plastic&logo=onlyfans&logoColor=black)]()
[![Linux](https://img.shields.io/badge/Linux-Supported-FCC624?style=plastic&logo=linux&logoColor=black)]()
[![Docker](https://img.shields.io/badge/Docker-Enabled-2496ED?style=plastic&logo=docker&logoColor=white)]()
[![MCP](https://img.shields.io/badge/MCP-Ready-412991?style=plastic&logo=openai&logoColor=black)]()
[![GitHub Stars](https://img.shields.io/github/stars/BlackSnufkin/LitterBox)](https://github.com/BlackSnufkin/LitterBox/stargazers)
## Table of Contents
- [Overview](#overview)
- [Analysis Capabilities](#analysis-capabilities)
@@ -15,7 +17,8 @@
- [Integrated Tools](#integrated-tools)
- [API Reference](#api-reference)
- [Installation](#installation)
- [Access Methods](#access-methods)
- [Windows Installation](#windows-installation)
- [Linux Installation (Docker)](#linux-installation)
- [Configuration](#configuration)
- [Client Libraries](#client-libraries)
- [Contributing](#contributing)
@@ -47,6 +50,7 @@ The platform includes LLM-assisted analysis capabilities through the LitterBoxMC
| Entropy Analysis | Detection of encryption and obfuscation |
| Type Classification | Advanced MIME and file type analysis |
| Metadata Preservation | Original filename and timestamp tracking |
| Runtime detection | Compiled binary identification
### Executable Analysis
@@ -214,13 +218,14 @@ DELETE /file/<hash> # Remove specific analysis
## Installation
### System Requirements
- Windows operating system (Linux not supported)
### Windows Installation
**System Requirements:**
- Windows operating system
- Python 3.11 or higher
- Administrator privileges
### Deployment Process
**Deployment Process:**
1. Clone the repository:
```bash
git clone https://github.com/BlackSnufkin/LitterBox.git
@@ -234,27 +239,61 @@ python -m venv venv
pip install -r requirements.txt
```
## Operation
Standard operation:
**Operation:**
```bash
# Standard operation
python litterbox.py
```
Diagnostic mode:
```bash
# Diagnostic mode
python litterbox.py --debug
```
## Access Methods
**Access:**
- **Web UI**: `http://127.0.0.1:1337`
- **API Access**: Python client integration
- **LLM Integration**: MCP server
LitterBox offers three access interfaces:
---
- **Web UI**: Browser-based interface at `http://127.0.0.1:1337`
- **API Access**: Programmatic integration via Python client
- **LLM Integration**: AI agent interaction through MCP server
### Linux Installation
For API access, see the [Client Libraries](#client-libraries) section.
**System Requirements:**
- Linux operating system
- Docker and Docker Compose
- Hardware virtualization support
**Deployment Process:**
1. Clone the repository:
```bash
git clone https://github.com/BlackSnufkin/LitterBox.git
cd LitterBox/Docker
```
2. Run automated setup:
```bash
chmod +x setup.sh
./setup.sh
```
> Note: Initial setup takes approximately 1 hour depending on internet speed and system resources.
The setup script automatically:
- Installs Docker, Docker Compose, and CPU checker
- Verifies KVM hardware virtualization support
- Creates Windows 10 container environment with automated LitterBox installation
- Starts containerized Windows instance
**Access:**
- **Installation monitor**: `http://localhost:8006` (track Windows setup progress)
- **RDP access**: `localhost:3389` (available after installation completes, creds in docker file)
Once installation completes, LitterBox provides:
- **Web UI**: `http://127.0.0.1:1337`
- **API Access**: Python client integration
- **LLM Integration**: MCP server
---
>For API access, see the [Client Libraries](#client-libraries) section.
## Configuration
@@ -318,14 +357,5 @@ This project incorporates technologies from the following contributors:
## Interface
![Upload Interface](Screenshots/upload.png)
![LitterBox Demo](Screenshots/lb-demo.gif)
![Dynamic Analysis](Screenshots/dynamic.png)
![Static Analysis](Screenshots/static.png)
![BYOVD Analysis](Screenshots/byovd.png)
![Doppelganger Analysis](Screenshots/doppelganger.png)
![Summary View](Screenshots/summary.png)
Binary file not shown.

Before

Width:  |  Height:  |  Size: 882 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 894 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.4 MiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 864 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 921 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 933 KiB

+1 -1
@@ -1,13 +1,13 @@
<!-- app/templates/doppelganger.html -->
{% extends "base.html" %}
{% block page_title %}Doppelganger Analysis{% endblock %}
{% block content %}
<div class="max-w-6xl mx-auto px-4 py-12">
<!-- Header Section with Navigation -->
<div class="mb-8">
<div class="flex items-center justify-between mb-4">
<div>
<h1 class="text-2xl font-medium text-gray-100">Doppelganger Analysis</h1>
<p class="text-gray-400">
{% if analysis_type == 'blender' %}
Analyze and compare system processes with payloads to find shared IOCs.