muninn

An Integrated Web-based Dashboard for Threat Analysis

Modules:

Web server – Apache 2.0
Searching and indexing service – Elasticsearch
Parsing and filtering service – Logstash
Data visualization platform – Kibana
System statistics collection – Metricbeat
Log data collection – Filebeat
Network statistics collection – Packetbeat
Active network connection monitoring– Custom agent
Threat intelligence aggregation – Minemeld
Alerting service – Elastalert
Threat analysis –

a. VirusTotal API

b. Shodan API

c. Whois information – ipdata.co
Real-time malware campaign tracking – AlienVault OTX
Threat Attribution – MITRE ATT&CK Kibana Dashboard

Architecture

Threat Dashboard

Threat Attribution Dashboard

VirusTotal Intel

Pushing Telegram alert

Received Telegram alert