HomeLinuxIn0ri - Defacement detection with deep learning

In0ri – Defacement detection with deep learning

Table of Contents

In0ri is a defacement detection system utilizing an image-classification convolutional neural network.

When monitoring a website, In0ri will periodically take a screenshot of the website then put it through a preprocessor that will resize the image down to 250x250px and numerical the image before passing it onto the classifier. The core of the classifier is a convolutional neural network trained to detect a website’s defacement. If the monitored website is true, defaced, In0ri will send out warnings via email to the user.

Requirements

  1. Python3 (version >=3.6)
  2. Docker
  3. Docker-compose

Install The In0ri – Defacement detection

Clone the repository

Type the following command one by one on your terminal

				
					git clone https://github.com/J4FSec/In0ri.git
cd In0ri
				
			

Configuring email credentials to send notifications and agent keys from

Edit the file FlaskApp/sendEmail.py

				
					EMAIL_ADDRESS = "foo@gmail.com"
EMAIL_PASSWORD = "$uper$ecurePa$$word"
				
			

Configure Telegram notification

Edit the file chatbot.py

				
					CHAT_ID= 'foo' # Channel ID to send notifications to
TOKEN = 'bar' # Bot token retrieved from @BotFather
				
			

Usage of Defacement detection

There are two ways to deploy and using In0ri:

  1. Running off crontab by periodically visiting the URL.
  2. The internal agent running off the webserver

First Method: URL Check

Visit the WebUI on https://:8080/ and click on “Register” then fill in the form and submit it.

Second Method: Internal Agent Defacement detection

Visit the WebUI on https://:8080/ and click on “Register” then fill in the form and submit it.

Click on “Create Agent” then fill in the form and check your email for the Agent’s key.

On the webserver that you wants to be monitored by In0ri, download the Agent folder from the Github repository

Installing the required packages for the internal Agent

				
					python3 -m pip install watchdog
python3 -m pip install requests
				
			

Edit the file config.json in the same folder as the agent

				
					nano config.json
				
			

A key is sent to your email after registering the Agent on the WebUI root path is the root directory of the web application that you want to be monitored exclude path are the subfolders that you want to be excluded from the scans API server is the URL to the API server of In0ri server IP is the IP of the API server of In0ri

				
					{
    "id":"01",
    "key":"123123123",
    "rootPath":"/var/www/html",
    "excludePath":"",
    "apiServer":"http://<serverIP>:8088/checkdeface"
}

				
			

And run the Agent:

				
					python3 agent.py
				
			
RELATED ARTICLES

Leave A Reply

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular