/IntelOwl-ng

IntelOwl's Web Interface. Built with Angular 10.

Primary LanguageTypeScriptGNU Affero General Public License v3.0AGPL-3.0

⚠️ This repository has been archived. IntelOwl has a new GUI written in React.js and its code lives inside the main repository only.

IntelOwl-ng

Language grade: JavaScript CodeFactor code style: prettier

Official web client for Intel Owl, a scalable API which gathers threat intelligence data about a particular file or observable (ip, domain, url, hash) by querying many different analyzers and services that are externally or internally available.

Built with Angular 10 on top of ngx-admin.

Demo

Live Demo hosted on firebase. (Last Updated for IntelOwl v3.0.0)

Features

  • A dashboard to display different visualizations of Job data, with the following features:
    • Tabular view of all jobs which can be filtered, sorted or searched through.
    • Pie charts for visualizing job data on the basis of status, observable_classification, file_mimetype and is_sample.
    • Clicking on any slice on the Pie Chart will filter the jobs list based on the selected classification.
    • “Save as PNG” feature for the graphs.
  • Job result can be viewed as a nested list or prettified JSON.
  • analyzer_config.json from IntelOwl in a tabular view which can be filtered, sorted or searched through. Along with this, there's also a dendogram-tree view.
  • Requesting new analysis/scans with simple-to-use forms. They take care of warnings for you and also lets you specify tags to group different analysis' together.

Docker

IntelOwl-ng's Docker image on Dockerhub is a data-only image. In other terms, it's a scratch image that contains only the final production build artifacts and cannot be started as a container. This makes the image super light-weight i.e. ~7 mb uncompressed and we can use Docker's multi-stage builds to inject these build artifacts into another base container such as nginx. Official example from Intel Owl repository.

You should never need to build/start this docker image yourself, you should always use the docker-compose files from main IntelOwl repository.

Installation

For a development server, we make use of proxy configuration given in proxy.config.json to make calls to the backend server. Therefore, this application requires Intel Owl running on http://localhost:80 (by default). If you wish to change this URL, you can do so by changing the target parameter in proxy.config.json.

Clone this repository

$ git clone https://github.com/intelowlproject/intelowl-ng
$ cd intelowl-ng/

Build locally

Dependencies
  • node.js: v12.18.0 (Latest LTS)
  • any one of: yarn: v1.22.4 or npm for package management.
Install packages

Install the packages described in the package.json and verify that it works:

intelowl-ng$ yarn install

or,

intelowl-ng$ npm install
Development server

Run npm start or yarn start for a dev server. Navigate to http://localhost:4200/. The app will automatically reload if you change any of the source files. Shut it down manually with Ctrl-C.

Developing

Project structure
dist/                        compiled version
e2e/                         end-to-end tests
src/                         project source code
|- app/                      app components
|  |- @core/                 core module (singleton services and single-use components)
|     |- models/models.ts    various interfaces used
|     |- services/           injectable services
|  |- @theme/                reusable theme module, reusable components, directives, pipes.
|     |- styles/             ngx-admin themes and global scss variables
|  |- pages/                 app's primary modules and components
|  |- app.component.*        app root component (shell)
|  |- app.module.ts          app root module definition
|  |- app-routing.module.ts  app routes
|- assets/                   app assets (images, etc.)
|- environments/             values for various build environments
|- index.html                html entry point
|- main.ts                   app entry point
|- polyfills.ts              polyfills needed by Angular
+- test.ts                   unit tests entry point
README.md                    project docs and coding guides
Dockerfile                   multi-staged Dockerfile
Libraries
Code scaffolding

Run ng generate component component-name to generate a new component. You can also use ng generate directive/pipe/service/class/module.

Build

Run ng build or yarn build to build the project. The build artifacts will be stored in the dist/ directory. Use the --prod flag for a production build.

Further help

To get more help on the angular-cli use ng --help or go check out the Angular-CLI README.

Contributing

  1. Please create a new branch based on the develop branch that contains the most recent changes.
$ git checkout -b myfeature develop
  1. Run this before committing your changes to git.
$ yarn prettier:write
$ yarn lint

Fix the linting issues, if there are any.

  1. Read this before submitting a pull request.