A comprehensive security analysis platform combining threat intelligence, digital forensics, network scanning, and system auditing in one unified interface.
- Multi-source Lookups: IP, Domain, URL, File Hash analysis
- API Integration: VirusTotal, AbuseIPDB, AlienVault OTX, URLScan, Shodan
- Real-time Analysis: Live threat data from 5+ intelligence sources
- Static Analysis: PE parsing, entropy calculation, string extraction
- Hash Generation: MD5, SHA1, SHA256
- Multi-engine Scanning: Hybrid Analysis, MetaDefender, VirusTotal
- Evidence Collection: System information, running processes, browser history
- USB Device History: Registry-based USB artifact analysis
- Automated Reporting: JSON evidence export
- Network Discovery: Host discovery and ping sweeps
- Port Scanning: Common service port detection
- Service Detection: Banner grabbing and service identification
- Startup Analysis: Auto-start program inspection
- Service Enumeration: Windows service auditing
- Security Assessment: Firewall status and system hardening checks
- Python 3.8+
- Windows 10/11 (Linux support in development)
```bash
# Clone repository
git clone https://github.com/APMarzuki/CyberGuardian-X.git
cd CyberGuardian-X

# Create virtual environment
python -m venv .venv
.venv\Scripts\activate  # Windows

# Install dependencies
pip install -r requirements.txt

# Configure API keys
copy config.ini.example config.ini
# Edit config.ini with your API keys

# Run application
python app.py
```

## Dependencies

See requirements.txt for complete list:

- requests>=2.28 - API communication
- psutil>=5.9 - System information
- tkinter - GUI framework
- python-magic-bin - File type detection

## Configuration

Get API keys from:

- VirusTotal
- AbuseIPDB
- AlienVault OTX
- URLScan
- Shodan

Add keys to config.ini:

```ini
[API_KEYS]
VIRUSTOTAL_API_KEY = your_key_here
ABUSEIPDB_API_KEY = your_key_here
OTX_API_KEY = your_key_here
URLSCAN_API_KEY = your_key_here
SHODAN_API_KEY = your_key_here
```

## Usage Examples

### Threat Intelligence

```text
# IP Reputation Check
Lookup Type: ip
Value: 8.8.8.8

# File Hash Analysis
Lookup Type: hash
Value: 44d88612fea8a8f36de82e1278abb02f
```

### File Analysis

- Drag & drop suspicious files for automated analysis
- View PE headers, strings, entropy, and hash information
- Cross-reference with multiple threat intelligence sources

### Forensic Collection

- One-click evidence gathering
- Export comprehensive system snapshots
- Browser artifact analysis

## Project Structure

```text
CyberGuardian-X/
├── app.py                      # Main application launcher
├── requirements.txt            # Python dependencies
├── config.ini                  # Configuration file
├── core/                       # Core functionality
│   ├── ti_engine.py            # Threat intelligence engine
│   ├── hash_utils.py           # Cryptographic functions
│   └── pe_parser.py            # PE file analysis
├── modules/                    # Feature modules
│   ├── gui.py                  # Main GUI interface
│   ├── scanner.py              # File scanning engine
│   ├── forensic_lite.py        # Digital forensics
│   ├── net_scanner.py          # Network tools
│   └── system_audit.py         # Security auditing
├── apis/                       # API clients
│   ├── vt_client.py            # VirusTotal
│   ├── otx_client.py           # AlienVault OTX
│   └── abuseipdb_client.py     # AbuseIPDB
└── config/                     # Configuration
    └── key_loader.py           # API key management
```

## Contributing

We welcome contributions! Please see our Contributing Guidelines for details.

1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request

## License

This project is licensed under the MIT License - see the LICENSE file for details.

## Acknowledgments

- VirusTotal for file reputation services
- AlienVault OTX for open threat intelligence
- AbuseIPDB for IP reputation data
- URLScan.io for URL analysis
- Shodan for network intelligence

## Support

- Issues: GitHub Issues
- Discussions: GitHub Discussions

CyberGuardian X - Your unified platform for comprehensive security analysis and threat intelligence.

### **3. Essential Repository Files**

**Create these files in your repository:**

**requirements.txt** (updated):

```txt
# Core Dependencies
requests>=2.28.0
psutil>=5.9.0
python-magic-bin>=0.4.24; sys_platform == "win32"
pillow>=10.0.0

# Optional (for enhanced features)
dnspython>=2.3.0
python-whois>=0.9.0
cryptography>=41.0.0
rich>=12.6.0
tldextract>=3.4.0

# Development
pyinstaller>=5.10.0
```
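A startup check for the `[API_KEYS]` section of config.ini described above, written as an added example (it is not the project's `config/key_loader.py`). The function names, the environment-variable override and the redaction rule are assumptions made for illustration; the section name, key names and `your_key_here` placeholder are taken from the sample config.

```python
import configparser
import os

# Section and key names come from the README's config.ini sample.
EXPECTED_KEYS = ("VIRUSTOTAL_API_KEY", "ABUSEIPDB_API_KEY", "OTX_API_KEY",
                 "URLSCAN_API_KEY", "SHODAN_API_KEY")
PLACEHOLDER = "your_key_here"  # value shipped in the sample file

# Constructed sample input: one filled key, one placeholder, one empty.
SAMPLE_INI = """\
[API_KEYS]
VIRUSTOTAL_API_KEY = 0123456789abcdef0123456789abcdef
ABUSEIPDB_API_KEY = your_key_here
OTX_API_KEY =
"""


def load_api_keys(ini_text, env=None):
    """Return (usable_keys, problems) for the [API_KEYS] section.

    Assumption: an environment variable of the same name overrides the
    file, so real keys can stay out of a config.ini that might be committed.
    """
    env = os.environ if env is None else env
    parser = configparser.ConfigParser(interpolation=None)  # '%' is literal
    parser.optionxform = str  # keep option names upper-case as written
    parser.read_string(ini_text)
    section = parser["API_KEYS"] if parser.has_section("API_KEYS") else {}

    keys, problems = {}, []
    for name in EXPECTED_KEYS:
        value = (env.get(name) or section.get(name, "")).strip()
        if not value:
            problems.append(f"{name}: missing")
        elif value == PLACEHOLDER:
            problems.append(f"{name}: still the sample placeholder")
        else:
            keys[name] = value
    return keys, problems


def redact(value):
    """Mask a key for logs: only the last four characters of long values."""
    if len(value) <= 8:
        return "*" * len(value)
    return "*" * (len(value) - 4) + value[-4:]


if __name__ == "__main__":
    found, issues = load_api_keys(SAMPLE_INI, env={})
    print({k: redact(v) for k, v in found.items()}, issues)
```
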