2023-05-04 14:35:56 +00:00
<!DOCTYPE html>
< html >
< head >
< title > AIL-Framework< / title >
< link rel = "icon" href = "{{ url_for('static', filename='image/ail-icon.png')}}" >
<!-- Core CSS -->
< link href = "{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel = "stylesheet" >
< link href = "{{ url_for('static', filename='css/font-awesome.min.css') }}" rel = "stylesheet" >
< link href = "{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel = "stylesheet" >
< link href = "{{ url_for('static', filename='css/tags.css') }}" rel = "stylesheet" >
<!-- JS -->
< script src = "{{ url_for('static', filename='js/jquery.js')}}" > < / script >
< script src = "{{ url_for('static', filename='js/popper.min.js')}}" > < / script >
< script src = "{{ url_for('static', filename='js/bootstrap4.min.js')}}" > < / script >
< script src = "{{ url_for('static', filename='js/tags.js') }}" > < / script >
< / head >
< body >
{% include 'nav_bar.html' %}
< div class = "container-fluid" >
< div class = "row" >
{% include 'hunter/menu_sidebar.html' %}
< div class = "col-12 col-lg-10" id = "core_content" >
< div class = "card my-3" >
< div class = "card-header bg-dark text-white" >
< h5 class = "card-title" > {%if dict_tracker%}Edit a{%else%}Create a new{%endif%} Tracker< / h5 >
< / div >
< div class = "card-body" >
2023-05-11 14:21:43 +00:00
< form action = "{%if dict_tracker%}{{ url_for('hunters.tracker_edit') }}{%else%}{{ url_for('hunters.add_tracked_menu') }}{%endif%}" method = 'post' >
2023-05-04 14:35:56 +00:00
{%if dict_tracker%}
< input id = "tracker_uuid" name = "tracker_uuid" class = "form-control" type = "text" value = "{{dict_tracker['uuid']}}" hidden >
{%endif%}
< div class = "row" >
< div class = "col-12 col-xl-9" >
< div class = "input-group mb-2 mr-sm-2" >
< div class = "input-group-prepend" >
< div class = "input-group-text bg-secondary text-white" > < i class = "fas fa-at" > < / i > < / div >
< / div >
2023-05-11 14:21:43 +00:00
< input id = "mails" name = "mails" class = "form-control" placeholder = "E-Mails Notification (optional, space separated)" type = "text" { % if dict_tracker % } { % if dict_tracker [ ' mails ' ] % } value = "{%for mail in dict_tracker['mails'] %}{{mail}} {%endfor%}" { % endif % } { % endif % } >
2023-05-04 14:35:56 +00:00
< / div >
< div class = "input-group mb-2 mr-sm-2" >
< div class = "input-group-prepend" >
< div class = "input-group-text bg-info text-white" > < i class = "fas fa-anchor" > < / i > < / div >
< / div >
< input id = "webhook" name = "webhook" class = "form-control" placeholder = "Webhook URL" type = "text" { % if dict_tracker % } { % if dict_tracker [ ' webhook ' ] % } value = "{{dict_tracker['webhook']}}" { % endif % } { % endif % } >
< / div >
< div class = "input-group mb-2 mr-sm-2" >
< div class = "input-group-prepend" >
< div class = "input-group-text bg-info text-white" > < i class = "fas fa-pencil-alt" > < / i > < / div >
< / div >
< input id = "description" name = "description" class = "form-control" placeholder = "Tracker Description (optional)" type = "text" { % if dict_tracker % } { % if dict_tracker [ ' description ' ] % } value = "{{dict_tracker['description']}}" { % endif % } { % endif % } >
< / div >
< div class = "card my-4" >
< div class = "card-header bg-info text-white" >
< b > Objects to Track:< / b >
< / div >
< div class = "card-body" >
{# < div class = "custom-control custom-switch mt-1" > #}
{# < input class = "custom-control-input" type = "checkbox" name = "cve_obj" id = "cve_obj" checked = "" > #}
{# < label class = "custom-control-label" for = "cve_obj" > < i class = "fas fa-bug" > < / i > CVE< / label > #}
{# < / div > #}
{# < div class = "custom-control custom-switch mt-1" > #}
{# < input class = "custom-control-input" type = "checkbox" name = "crypto_obj" id = "crypto_obj" checked = "" > #}
{# < label class = "custom-control-label" for = "crypto_obj" > < i class = "fas fa-coins" > < / i > Cryptocurrency< / label > #}
{# < / div > #}
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "decoded_obj" id = "decoded_obj" checked = "" >
2023-07-31 14:00:31 +00:00
< label class = "custom-control-label" for = "decoded_obj" > < i class = "fas fa-lock-open" > < / i > Decoded < i class = "fas fa-info-circle text-info" data-toggle = "tooltip" data-placement = "right" title = "Content that has been decoded from an encoded format, such as base64" > < / i > < / label >
2023-05-04 14:35:56 +00:00
< / div >
{# < div class = "custom-control custom-switch mt-1" > #}
{# < input class = "custom-control-input" type = "checkbox" name = "domain_obj" id = "domain_obj" checked = "" > #}
{# < label class = "custom-control-label" for = "domain_obj" > < i class = "fas fa-spider" > < / i > Domain< / label > #}
{# < / div > #}
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "item_obj" id = "item_obj" checked = "" >
2023-07-31 14:00:31 +00:00
< label class = "custom-control-label" for = "item_obj" > < i class = "fas fa-file" > < / i > Item < i class = "fas fa-info-circle text-info" data-toggle = "tooltip" data-placement = "right" title = "Text that has been processed by AIL. It can include various types of extracted information" > < / i > < / label >
2023-05-04 14:35:56 +00:00
< / div >
< div class = "card border-dark mb-4" id = "sources_item_div" >
< div class = "card-body" >
< h5 > Filter Item by sources< / h5 >
< div class = "input-group mb-2 mr-sm-2" >
< div class = "input-group-prepend" >
< div class = "input-group-text bg-dark text-white" > < i class = "fas fa-folder" > < / i > < / div >
< / div >
< input id = "sources_item" class = "form-control" type = "text" name = "sources_item" placeholder = "Item Sources to track (ALL IF EMPTY)" autocomplete = "off" >
< / div >
< / div >
< / div >
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "pgp_obj" id = "pgp_obj" checked = "" >
2023-07-31 14:00:31 +00:00
< label class = "custom-control-label" for = "pgp_obj" > < i class = "fas fa-key" > < / i > PGP < i class = "fas fa-info-circle text-info" data-toggle = "tooltip" data-placement = "right" title = "PGP key/block metadata" > < / i > < / label >
2023-05-04 14:35:56 +00:00
< / div >
< div class = "card border-dark mb-4" id = "sources_pgp_div" >
< div class = "card-body" >
< h6 > Filter PGP by subtype:< / h6 >
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "filter_pgp_name" id = "filter_pgp_name" checked = "" >
< label class = "custom-control-label" for = "filter_pgp_name" >
< svg height = "26" width = "26" >
< g class = "nodes" >
< circle cx = "13" cy = "13" r = "13" fill = "#44AA99" > < / circle >
< text x = "13" y = "13" text-anchor = "middle" dominant-baseline = "central" class = "graph_node_icon fas" font-size = "16px" >  < / text >
< / g >
< / svg >
name
< / label >
< / div >
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "filter_pgp_mail" id = "filter_pgp_mail" checked = "" >
< label class = "custom-control-label" for = "filter_pgp_mail" >
< svg height = "26" width = "26" >
< g class = "nodes" >
< circle cx = "13" cy = "13" r = "13" fill = "#44AA99" > < / circle >
< text x = "13" y = "13" text-anchor = "middle" dominant-baseline = "central" class = "fas" font-size = "16px" >  < / text >
< / g >
< / svg >
mail
< / label >
< / div >
< / div >
< / div >
{# < div class = "custom-control custom-switch mt-1" > #}
{# < input class = "custom-control-input" type = "checkbox" name = "level" id = "screenshot_obj" checked = "" > #}
{# < label class = "custom-control-label" for = "screenshot_obj" > < i class = "fas fa-image" > < / i > Screenshot< / label > #}
{# < / div > #}
{# < div class = "custom-control custom-switch mt-1" > #}
{# < input class = "custom-control-input" type = "checkbox" name = "level" id = "username_obj" checked = "" > #}
{# < label class = "custom-control-label" for = "username_obj" > < i class = "fas fa-user" > < / i > Username< / label > #}
{# < / div > #}
{# < li class = "list-group-item text-left" > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "CveCheck" name = "CveCheck" checked = "" > #}
{# < label class = "form-check-label" for = "CveCheck" > < i class = "fas fa-bug" > < / i > Cve< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "CryptocurrencyCheck" name = "CryptocurrencyCheck" checked = "" > #}
{# < label class = "form-check-label" for = "CryptocurrencyCheck" > < i class = "fas fa-coins" > < / i > Cryptocurrency< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "DecodedCheck" name = "DecodedCheck" checked = "" > #}
{# < label class = "form-check-label" for = "DecodedCheck" > < i class = "fas fa-lock-open" > < / i > Decoded< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "ScreenshotCheck" name = "ScreenshotCheck" checked = "" > #}
{# < label class = "form-check-label" for = "ScreenshotCheck" > < i class = "fas fa-image" > < / i > Screenshot< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "PgpCheck" name = "PgpCheck" checked = "" > #}
{# < label class = "form-check-label" for = "PgpCheck" > < i class = "fas fa-key" > < / i > PGP< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "UsernameCheck" name = "UsernameCheck" checked = "" > #}
{# < label class = "form-check-label" for = "UsernameCheck" > < i class = "fas fa-user" > < / i > Username< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "DomainCheck" name = "DomainCheck" checked = "" > #}
{# < label class = "form-check-label" for = "DomainCheck" > < i class = "fas fa-spider" > < / i > Domain< / label > #}
{# < / div > #}
{# < div class = "form-check" > #}
{# < input class = "form-check-input" type = "checkbox" value = "True" id = "ItemCheck" name = "ItemCheck" checked = "" > #}
{# < label class = "form-check-label" for = "ItemCheck" > < i class = "fas fa-user" > < / i > Item< / label > #}
{# < / div > #}
{##}
{# < / li > #}
< / div >
< / div >
< div class = "card my-4" >
< div class = "card-header bg-secondary text-white" >
< b > Tags< / b >
< / div >
< div class = "card-body" >
< div class = "input-group mb-2 mr-sm-2" >
< div class = "input-group-prepend" >
< div class = "input-group-text bg-danger text-white" > < i class = "fas fa-tag" > < / i > < / div >
< / div >
2023-05-11 14:21:43 +00:00
< input id = "tags" name = "tags" class = "form-control" placeholder = "Custom Tags (optional, space separated)" type = "text" { % if dict_tracker % } { % if dict_tracker [ ' tags ' ] % } value = "{%for tag in dict_tracker['tags']%}{{tag}} {%endfor%}" { % endif % } { % endif % } >
2023-05-04 14:35:56 +00:00
< / div >
{% include 'tags/block_tags_selector.html' %}
< / div >
< / div >
< / div >
< div class = "col-12 col-xl-3" >
< div class = "custom-control custom-switch mt-1" >
< input class = "custom-control-input" type = "checkbox" name = "level" id = "id_level" { % if dict_tracker % } { % if dict_tracker [ ' level ' ] = = 1 % } checked { % endif % } { % else % } checked { % endif % } >
< label class = "custom-control-label" for = "id_level" >
< i class = "fas fa-users" > < / i > Show tracker to all Users
< / label >
< / div >
< / div >
< / div >
< hr >
< h4 > Tracker Type:< / h4 >
< select id = "tracker_type" name = "tracker_type" class = "custom-select w-25 mb-3" >
< option disabled selected value > -- Select a tracker type -- < / option >
< option value = "word" > Word< / option >
< option value = "set" > Set< / option >
< option value = "regex" > Regex< / option >
< option value = "yara" > YARA rule< / option >
< option value = "typosquatting" > Typo-squatting< / option >
< / select >
< p id = "tracker_desc" > Terms to track (space separated)< / p >
< div class = "row" id = "simple_input" >
< div class = "col-12 col-lg-10" >
2023-05-11 14:21:43 +00:00
< input id = "tracker" name = "tracker" class = "form-control" placeholder = "Terms to track (space separated)" type = "text" { % if dict_tracker % } { % if dict_tracker [ ' type ' ] ! = ' yara ' and dict_tracker [ ' type ' ] ! = ' typosquatting ' % } value = "{{dict_tracker['tracked']}}" { % endif % } { % endif % } >
2023-05-04 14:35:56 +00:00
< / div >
< div class = "col-12 col-lg-2" >
< input type = "number" id = "nb_word" name = "nb_word" name = "quantity" min = "1" placeholder = "Nb of keywords" { % if dict_tracker % } { % if dict_tracker [ ' nb_words ' ] % } value = "{{dict_tracker['nb_words']}}" { % endif % } { % endif % } >
< / div >
< / div >
< div class = "mb-2" id = "yara_rule" >
< div class = "" id = "yara_default_rules" >
< h6 > Default YARA rules:< / h6 >
< select class = "custom-select w-100 mb-3" id = "yara_default_rule" name = "yara_default_rule" onchange = "get_default_rule_content(this);" >
< option selected > Select a default rule< / option >
{% for yara_types in all_yara_files %}
{% for yara_file_name in all_yara_files[yara_types] %}
< option value = "{{yara_types}}/{{yara_file_name}}" > {{yara_types}} - {{yara_file_name}}< / option >
{% endfor %}
{% endfor %}
< / select >
< pre class = "border bg-light" id = "default_yara_rule_content" > < / pre >
< / div >
< hr >
< h6 > Custom YARA rules:< / h6 >
< div class = "row" id = "textarea" >
< textarea class = "form-control mx-3" id = "text_input" name = "yara_custom_rule" placeholder = "Enter your own YARA rule" rows = "5" > {%if dict_tracker%}{%if dict_tracker['type']=='yara' and dict_tracker['content']%}{{dict_tracker['content']}}{%endif%}{%endif%}< / textarea >
< / div >
< / div >
< br >
< button class = "btn btn-success mt-2" >
< i class = "fas fa-plus" > < / i > {%if dict_tracker%}Edit{%else%}Create{%endif%} Tracker
< / button >
< / form >
< / div >
< / div >
< / div >
< / div >
< / div >
< / body >
< script >
var ltags;
var chart = {};
$(document).ready(function(){
$("#page-Tracker").addClass("active");
$("#nav_manual_crawler").addClass("active");
$("#tracker_desc").hide();
$("#tracker").hide();
$("#nb_word").hide();
$("#yara_rule").hide();
sources_item = $('#sources_item').tagSuggest({
data: {{all_sources|safe}},
2023-05-11 14:21:43 +00:00
{%if dict_tracker%}{%if dict_tracker['filters']%}{%if dict_tracker['filters']['item']%}{%if dict_tracker['filters']['item']['sources']%}value: {{dict_tracker['filters']['item']['sources']|safe}},{%endif%}{%endif%}{%endif%}{%endif%}
2023-05-04 14:35:56 +00:00
sortOrder: 'name',
maxDropHeight: 200,
name: 'sources_item',
emptyText: 'Item Sources to track (ALL IF EMPTY)',
});
$('#tracker_type').on('change', function() {
var tracker_type = this.value;
if (tracker_type=="word") {
$("#tracker_desc").text("Token to track. You need to use a regex if you want to use one of the following special characters [< >~!?@#$%^&*|()_-+={}\":; ,.\'\n\r\t]/\\ ");
$("#tracker_desc").show();
$("#tracker").show();
$("#nb_word").hide();
$("#yara_rule").hide();
} else if (tracker_type=="set") {
$("#tracker_desc").text("Set of Terms to track (space separated). This tracker is used to check if an item contain one or more terms specified in a set. If an item contain NB unique terms (by default NB of unique keywords = 1), this tracker is triggered. You need to use a regex if you want to use one of the following special characters [< >~!?@#$%^&*|()_-+={}\":; ,.\'\n\r\t]/\\ ");
$("#tracker_desc").show();
$("#tracker").show();
$("#nb_word").show();
$("#yara_rule").hide();
} else if (tracker_type=="regex") {
$("#tracker_desc").text("Enter a valid Python regex");
$("#tracker_desc").show();
$("#tracker").show();
$("#nb_word").hide();
$("#yara_rule").hide();
} else if (tracker_type=="yara") {
$("#tracker_desc").text("Select a default yara rule or create your own rule:");
$("#tracker_desc").show();
$("#tracker").hide();
$("#nb_word").hide();
$("#yara_rule").show();
} else if (tracker_type=="typosquatting") {
$("#tracker_desc").text("Generation of variation for domain name. Only one domain name at a time.");
$("#tracker_desc").show();
$("#tracker").show();
$("#nb_word").hide();
$("#yara_rule").hide();
}
});
{%if dict_tracker%}
$('#tracker_type').val('{{dict_tracker['type']}}').change();
2023-05-11 14:21:43 +00:00
{%if dict_tracker['type']=='yara'%}
{% if dict_tracker['tracked'][0:21] == 'ail-yara-rules/rules/' %}
$('#yara_default_rule').val('{{dict_tracker['tracked'][21:]}}').change();
{%endif%}
2023-05-04 14:35:56 +00:00
{%endif%}
{%endif%}
$('#item_obj').on("change", function () {
item_source_input_controller();
});
$('#pgp_obj').on("change", function () {
pgp_source_input_controller();
});
});
2023-07-31 14:00:31 +00:00
$(function () {
$('[data-toggle="tooltip"]').tooltip()
})
2023-05-04 14:35:56 +00:00
function toggle_sidebar(){
if($('#nav_menu').is(':visible')){
$('#nav_menu').hide();
$('#side_menu').removeClass('border-right')
$('#side_menu').removeClass('col-lg-2')
$('#core_content').removeClass('col-lg-10')
}else{
$('#nav_menu').show();
$('#side_menu').addClass('border-right')
$('#side_menu').addClass('col-lg-2')
$('#core_content').addClass('col-lg-10')
}
}
function item_source_input_controller() {
if($('#item_obj').is(':checked')){
$("#sources_item_div").show();
}else{
$("#sources_item_div").hide();
}
}
function pgp_source_input_controller() {
if($('#pgp_obj').is(':checked')){
$("#sources_pgp_div").show();
}else{
$("#sources_pgp_div").hide();
}
}
function get_default_rule_content(selector){
var yara_name = selector.value
if (yara_name === "Select a default rule") {
jQuery("#default_yara_rule_content").text("")
} else {
2023-05-11 14:21:43 +00:00
$.getJSON("{{ url_for('hunters.get_default_yara_rule_content') }}?rule=" + yara_name,
2023-05-04 14:35:56 +00:00
function(data) {
jQuery("#default_yara_rule_content").text(data['content'])
});
}
}
< / script >