greysec/litterbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
69bcfe507a3fd41374adff107541cce4e112b84a
litterbox/app/templates/dynamic_analysis.html
T
BlackSnufkin 48fa4cfbe9 Improved Summery Section
2025-01-05 03:04:30 -08:00

202 lines
12 KiB
HTML
Raw Blame History

{% extends "base.html" %}
{% block content %}
<div class="max-w-6xl mx-auto px-4 py-6">
<!-- Header -->
<div class="flex items-center justify-between mb-6">
<div>
<h1 class="text-xl font-medium text-gray-100">Analysis Summary</h1>
<p class="text-base text-gray-500 mb-6">Comprehensive overview of all scan results.</p>
</div>
<button onclick="window.location.href='/file/{{ file_info.md5 }}/info'"
class="px-4 py-2 bg-gray-500/10 text-gray-400 border border-gray-800 rounded-lg hover:bg-gray-500/20 transition-colors">
Back to File Info
</button>
</div>
<!-- Target Details -->
<div id="targetDetails" class="mb-6">
<div class="bg-gray-900/30 rounded-lg border border-gray-800 p-4 mb-4">
<h4 class="text-base font-medium text-gray-100 mb-2">Target Process</h4>
{% if analysis_results.moneta and analysis_results.moneta.findings.process_info %}
{% set info = analysis_results.moneta.findings.process_info %}
<p class="text-gray-300">
<span class="font-semibold">Name:</span> {{ info.name }}<br>
<span class="font-semibold">PID:</span> {{ info.pid }}<br>
<span class="font-semibold">Path:</span> <span class="text-gray-400">{{ info.path }}</span>
</p>
{% endif %}
</div>
</div>
<!-- Overall Status Grid -->
<div class="grid grid-cols-3 gap-4 mb-6">
<div class="bg-gray-900/30 rounded-lg border border-gray-800 p-4">
<div class="text-sm text-gray-500">Overall Status</div>
<div id="overallStatus" class="text-2xl font-semibold {{ 'text-red-500' if yara_detections + pesieve_detections + moneta_detections + patriot_detections + hsb_detections > 0 else 'text-green-500' }}">
{{ 'Threats Detected' if yara_detections + pesieve_detections + moneta_detections + patriot_detections + hsb_detections > 0 else 'Clean' }}
</div>
</div>
<div class="bg-gray-900/30 rounded-lg border border-gray-800 p-4">
<div class="text-sm text-gray-500">Total Detections</div>
<div id="totalDetections" class="text-2xl font-semibold text-gray-300">{{ yara_detections + pesieve_detections + moneta_detections + patriot_detections + hsb_detections }}</div>
</div>
<div class="bg-gray-900/30 rounded-lg border border-gray-800 p-4">
<div class="text-sm text-gray-500">Scan Duration</div>
<div id="scanDuration" class="text-2xl font-semibold text-gray-300">
{{ "%.2f"|format(analysis_results.moneta.findings.scan_duration if analysis_results.moneta else 0) }}s
</div>
</div>
</div>
<!-- Scanner Results Table -->
<div class="bg-gray-900/30 rounded-lg border border-gray-800 overflow-hidden">
<table class="w-full">
<thead>
<tr class="border-b border-gray-800">
<th class="px-6 py-3 text-left text-base font-medium text-gray-300">Scanner</th>
<th class="px-6 py-3 text-left text-base font-medium text-gray-300">Status</th>
<th class="px-6 py-3 text-left text-base font-medium text-gray-300">Detections</th>
<th class="px-6 py-3 text-left text-base font-medium text-gray-300">Details</th>
</tr>
</thead>
<tbody id="scannerResultsBody" class="divide-y divide-gray-800">
<!-- YARA Results Row -->
<tr>
<td class="px-6 py-4 text-base text-gray-300">YARA</td>
<td class="px-6 py-4">
<span class="px-2 py-1 text-base rounded {{ 'bg-red-500/10 text-red-500' if yara_detections else 'bg-green-500/10 text-green-500' }}">
{{ 'Suspicious' if yara_detections else 'Clean' }}
</span>
</td>
<td class="px-6 py-4 text-base {{ 'text-red-500' if yara_detections else 'text-gray-400' }}">{{ yara_detections }}</td>
<td class="px-6 py-4">
{% if yara_detections %}
<div class="text-base text-gray-400">
{% for match in analysis_results.yara.matches %}
<div class="mb-1">
Rule: <span class="text-red-400">{{ match.rule }}</span>
{% if match.metadata %}
(Severity: {{ match.metadata.severity }})
{% endif %}
</div>
{% endfor %}
</div>
{% else %}
<span class="text-base text-gray-400">No threats detected</span>
{% endif %}
</td>
</tr>
<!-- PE-sieve Results Row -->
<tr>
<td class="px-6 py-4 text-base text-gray-300">PE-sieve</td>
<td class="px-6 py-4">
<span class="px-2 py-1 text-base rounded {{ 'bg-red-500/10 text-red-500' if pesieve_detections else 'bg-green-500/10 text-green-500' }}">
{{ 'Suspicious' if pesieve_detections else 'Clean' }}
</span>
</td>
<td class="px-6 py-4 text-base {{ 'text-red-500' if pesieve_detections else 'text-gray-400' }}">{{ pesieve_detections }}</td>
<td class="px-6 py-4">
{% if pesieve_detections %}
{% set findings = analysis_results.pe_sieve.findings %}
<div class="text-base text-gray-400">
<div>Implanted: {{ findings.implanted }}</div>
<div>Implanted PE: {{ findings.implanted_pe }}</div>
<div>Implanted shellcode: {{ findings.implanted_shc }}</div>
</div>
{% else %}
<span class="text-base text-gray-400">No modifications detected</span>
{% endif %}
</td>
</tr>
<!-- Moneta Results Row -->
<tr>
<td class="px-6 py-4 text-base text-gray-300">Moneta</td>
<td class="px-6 py-4">
<span class="px-2 py-1 text-base rounded {{ 'bg-red-500/10 text-red-500' if moneta_detections else 'bg-green-500/10 text-green-500' }}">
{{ 'Suspicious' if moneta_detections else 'Clean' }}
</span>
</td>
<td class="px-6 py-4 text-base {{ 'text-red-500' if moneta_detections else 'text-gray-400' }}">{{ moneta_detections }}</td>
<td class="px-6 py-4">
{% if moneta_detections %}
{% set findings = analysis_results.moneta.findings %}
<div class="text-base text-gray-400">
{% if findings.total_private_rwx > 0 %}
<div>Private RWX: {{ findings.total_private_rwx }}</div>
{% endif %}
{% if findings.total_private_rx > 0 %}
<div>Private RX: {{ findings.total_private_rx }}</div>
{% endif %}
{% if findings.total_modified_code > 0 %}
<div>Modified Code: {{ findings.total_modified_code }}</div>
{% endif %}
{% if findings.total_heap_executable > 0 %}
<div>Heap Executable: {{ findings.total_heap_executable }}</div>
{% endif %}
{% if findings.total_missing_peb > 0 %}
<div>Missing PEB: {{ findings.total_missing_peb }}</div>
{% endif %}
{% if findings.total_mismatching_peb > 0 %}
<div>Mismatching PEB: {{ findings.total_mismatching_peb }}</div>
{% endif %}
</div>
{% else %}
<span class="text-base text-gray-400">No anomalies detected</span>
{% endif %}
</td>
</tr>
<!-- Patriot Results Row -->
<tr>
<td class="px-6 py-4 text-base text-gray-300">Patriot</td>
<td class="px-6 py-4">
<span class="px-2 py-1 text-base rounded {{ 'bg-red-500/10 text-red-500' if patriot_detections else 'bg-green-500/10 text-green-500' }}">
{{ 'Suspicious' if patriot_detections else 'Clean' }}
</span>
</td>
<td class="px-6 py-4 text-base {{ 'text-red-500' if patriot_detections else 'text-gray-400' }}">{{ patriot_detections }}</td>
<td class="px-6 py-4">
{% if patriot_detections %}
<div class="text-base text-gray-400">
{% for finding in analysis_results.patriot.findings.findings %}
<div class="mb-1">
{{ finding.type }} ({{ finding.level }})
</div>
{% endfor %}
</div>
{% else %}
<span class="text-base text-gray-400">No suspicious activities</span>
{% endif %}
</td>
</tr>
<!-- HSB Results Row -->
<tr>
<td class="px-6 py-4 text-base text-gray-300">Hunt-Sleeping-Beacons</td>
<td class="px-6 py-4">
<span class="px-2 py-1 text-base rounded {{ 'bg-red-500/10 text-red-500' if hsb_detections else 'bg-green-500/10 text-green-500' }}">
{{ 'Suspicious' if hsb_detections else 'Clean' }}
</span>
</td>
<td class="px-6 py-4 text-base {{ 'text-red-500' if hsb_detections else 'text-gray-400' }}">{{ hsb_detections }}</td>
<td class="px-6 py-4">
{% if hsb_detections %}
<div class="text-base text-gray-400">
{% for detection in analysis_results.hsb.findings.detections %}
{% for finding in detection.findings %}
<div class="mb-1">{{ finding.type }} ({{ finding.severity }})</div>
{% endfor %}
{% endfor %}
</div>
{% else %}
<span class="text-base text-gray-400">No suspicious behavior</span>
{% endif %}
</td>
</tr>
</tbody>
</table>
</div>
</div>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink