HSMW_CC24/cc24-hub
Archived
2
0
Fork 0
Code Pull Requests Activity

readme

Browse Source
This commit is contained in:
overcuriousity 2025-07-16 09:10:39 +02:00
parent f7c9670529
commit 1573557164
1 changed files with 108 additions and 265 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

361
README.md
View File

@ -1,297 +1,140 @@
# cc24-hub # CC24-Hub
Der neue Hub für CC24. Ein Framework für diverse Forensik-Tools und Übersicht über die verfügbaren Anwendungen auf der Plattform. Ein kuratiertes Verzeichnis für digitale Forensik- und Incident-Response-Tools, entwickelt für die Seminargruppe CC24-w1.
DISCLAIMER: Vibe-Coding von Anthropic Claude 4 Sonnet.
## Features ## 🎯 Projektübersicht
- **Performance**: Sub-2 second load times, sub-500ms filtering CC24-Hub ist eine statische Website, die eine strukturierte Übersicht über bewährte DFIR-Tools bietet. Das Projekt orientiert sich am NIST-Framework (SP 800-86) und kategorisiert Tools nach forensischen Domänen und Untersuchungsphasen.
- **YAML-Driven Content**: Easy tool management through simple file edits
- **Dark/Light Themes**: Automatic system detection with manual override
- **Service Monitoring**: Real-time status via Uptime Kuma integration
- **Mobile Responsive**: Works on all device sizes
- **Zero Dependencies**: No external CDNs or cloud services
## Quick Start ### Hauptfunktionen
### Prerequisites - **Tool-Katalog**: Umfassende Sammlung von Open-Source und kommerziellen Forensik-Tools
- **Matrix-Ansicht**: Visualisierung der Tools nach Domänen und Prozess-Phasen
- **Erweiterte Filterung**: Suche nach Name, Beschreibung, Tags, Domäne und Phase
- **Self-Hosted Integration**: Direkte Links zu gehosteten Tool-Instanzen
- **Status-Monitoring**: Live-Überwachung der verfügbaren Services
- **Responsive Design**: Optimiert für Desktop und Mobile
- **Dark/Light Mode**: Automatische Theme-Erkennung mit manueller Überschreibung
- Node.js 16+ ## 🛠️ Technischer Stack
- npm or yarn
### Installation - **Framework**: [Astro](https://astro.build/) (Static Site Generator)
- **Styling**: Vanilla CSS mit CSS Custom Properties
- **Datenformat**: YAML für Tool-Definitionen
- **Deployment**: Statische HTML-Generierung
- **Node.js**: >=18.0.0
## 🚀 Installation & Deployment
### Lokale Entwicklung
1. **Clone the repository**
```bash ```bash
git clone https://git.cc24.dev/mstoeck3/cc24-hub # Repository klonen
git clone https://git.cc24.dev/mstoeck3/cc24-hub.git
cd cc24-hub cd cc24-hub
```
2. **Install dependencies** # Dependencies installieren
```bash
npm install npm install
# Development Server starten
npm run dev
``` ```
3. **Start development server** Die Seite ist dann unter `http://localhost:4321` verfügbar.
### Produktions-Deployment
```bash ```bash
npm start # Build erstellen
npm install && npm run build
``` ```
4. **Build for production** Die statische Seite wird im `dist/` Verzeichnis generiert und kann in die Webroot des Webservers kopiert werden.
```bash
npm run build
```
The site will be available at `http://localhost:8080` and files will be generated in `_site/`. ### Verfügbare Scripts
## Project Structure - `npm run dev` - Development Server
- `npm run build` - Produktions-Build
- `npm run preview` - Vorschau des Builds
- `npm run deploy:static` - Statisches Deployment (Script)
## 📁 Projektstruktur
``` ```
dfir-tools-hub/ cc24-hub/
├── src/ ├── src/
│ ├── _data/ # YAML data files │ ├── components/ # Astro-Komponenten
│ │ ├── tools.yaml # Tools database │ │ ├── Navigation.astro
│ │ └── services.yaml # Service monitoring config │ │ ├── ToolCard.astro
│ ├── _includes/ # Shared template components │ │ ├── ToolFilters.astro
│ ├── _layouts/ # Page layout templates │ │ └── ToolMatrix.astro
│ │ └── base.njk # Base layout │ ├── data/
│ ├── js/ # Client-side JavaScript │ │ └── tools.yaml # Tool-Definitionen
│ │ ├── search.js # Search and filtering │ ├── layouts/
│ │ ├── theme.js # Theme management │ │ └── BaseLayout.astro
│ │ ├── modal.js # Tool detail modal │ ├── pages/ # Seiten-Routing
│ │ └── status.js # Status page logic │ │ ├── index.astro
│ ├── scss/ # Sass stylesheets │ │ ├── about.astro
│ │ └── main.scss # Main stylesheet │ │ ├── status.astro
│ ├── about/ │ │ └── impressum.astro
│ │ └── index.njk # About page │ ├── scripts/
│ ├── privacy/ │ │ └── theme.js # Theme-Management
│ │ └── index.njk # Privacy page │ └── styles/
│ ├── status/ │ └── global.css # Globale Styles
│ │ └── index.njk # Status page ├── public/ # Statische Assets
│ └── index.njk # Home page └── astro.config.mjs # Astro-Konfiguration
├── .eleventy.js # Eleventy configuration
├── package.json # Dependencies and scripts
└── README.md # This file
``` ```
## Content Management ## 🔧 Tool-Datenformat
### Adding Tools Tools werden in `src/data/tools.yaml` definiert:
Edit `src/_data/tools.yaml` to add or modify tools:
```yaml ```yaml
tools: tools:
- id: new-tool # Unique identifier - name: "Tool Name"
name: "Tool Name" # Display name description: "Beschreibung des Tools"
description: "Brief description of the tool" domains: ["incident-response", "malware-analysis"]
domains: # Forensic domains phases: ["data-collection", "analysis"]
- "Filesystem Forensics" platforms: ["Linux", "Windows"]
- "Network Forensics" skillLevel: "intermediate"
phases: # DFIR phases accessType: "download"
- "Datensammlung" url: "https://example.com"
- "Analyse" projectUrl: "https://hosted.example.com" # Optional für gehostete Tools
platforms: # Supported platforms license: "Apache 2.0"
- "Linux" tags: ["tag1", "tag2"]
- "Windows" statusUrl: "https://status.example.com/badge" # Optional
- "macOS"
skillLevel: "Intermediate" # Beginner|Intermediate|Advanced
accessType: "CLI" # CLI|GUI|Web|SaaS
url: "https://example.com" # Project homepage
tags: # Search tags
- "tag1"
- "tag2"
type: "FOSS" # FOSS|SaaS
``` ```
### Configuring Services ### Verfügbare Kategorien
Edit `src/_data/services.yaml` for service monitoring: **Domänen:**
- `incident-response` - Incident Response & Breach-Untersuchung
- `law-enforcement` - Strafverfolgung & Kriminalermittlung
- `malware-analysis` - Malware-Analyse & Reverse Engineering
- `fraud-investigation` - Betrugs- & Finanzkriminalität
- `network-forensics` - Netzwerk-Forensik & Traffic-Analyse
- `mobile-forensics` - Mobile Geräte & App-Forensik
- `cloud-forensics` - Cloud & Virtuelle Umgebungen
- `ics-forensics` - Industrielle Kontrollsysteme (ICS/SCADA)
```yaml **Phasen:**
# Uptime Kuma Configuration - `data-collection` - Datensammlung
uptimeKuma: - `examination` - Auswertung
enabled: true # Enable/disable integration - `analysis` - Analyse
apiUrl: "https://status.lab.local/api" - `reporting` - Bericht & Präsentation
apiKey: "your-api-key" # Optional API key - `collaboration` - Übergreifend & Kollaboration
refreshInterval: 30000 # Refresh every 30 seconds
# Static service definitions ## 🤝 Beitragen
services:
- id: service-id
name: "Service Name"
description: "Service description"
url: "https://service.lab.local"
category: "Analyse Tools"
status: "operational" # operational|degraded|maintenance|down
uptime: "99.9%"
responseTime: "245ms"
```
## DFIR Methodology ### Tool hinzufügen
Tools are organized according to the standard DFIR framework: 1. Fork des Repositories erstellen
2. Neuen Tool-Eintrag in `src/data/tools.yaml` hinzufügen
3. Pull Request mit Beschreibung der Änderungen erstellen
### Domains ### Korrekturen & Verbesserungen
- **Filesystem Forensics**: File system Analyse and recovery
- **Network Forensics**: Network traffic and protocol Analyse
- **Memory Forensics**: RAM and memory artifact Analyse
- **Live Forensics**: Real-time system Analyse
- **Malware Analyse**: Malicious software Auswertung
- **Cryptocurrency**: Blockchain and crypto investigations
### Phases - Bug Reports und Feature Requests über Issues melden
- **Datensammlung**: Evidence acquisition and preservation - Code-Beiträge über Pull Requests willkommen
- **Auswertung**: Data extraction and parsing - Dokumentation und Übersetzungen erwünscht
- **Analyse**: Evidence correlation and interpretation
- **Bericht & Präsentation**: Documentation and timeline creation
## Service Status Integration
### Uptime Kuma Setup
1. **Install Uptime Kuma** on your network
2. **Configure monitors** for your DFIR services
3. **Enable API access** in Uptime Kuma settings
4. **Update configuration** in `src/_data/services.yaml`:
```yaml
uptimeKuma:
enabled: true
apiUrl: "https://your-uptime-kuma.local/api"
apiKey: "your-api-key"
```
## Development
### Available Scripts
- `npm start` - Start development server with live reload
- `npm run build` - Build production site
- `npm run debug` - Build with debug information
- `npm run clean` - Clean build directory
### Customization
#### Themes
- Modify color variables in `src/scss/main.scss`
- Supports CSS custom properties for dynamic theming
- Automatic dark mode detection with manual override
#### Search and Filtering
- Client-side search for instant results
- Multi-criteria filtering (domain + phase + search term)
- Matrix view for comprehensive tool overview
#### Performance Optimization
- Static site generation for fast loading
- Minimal JavaScript footprint
- Local asset bundling (no CDNs)
- Optimized CSS with utility classes
## Deployment
### Static Hosting
Build and deploy to any static host:
```bash
npm run build
# Upload _site/ contents to your web server
```
### Docker
Create a `Dockerfile`:
```dockerfile
FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM nginx:alpine
COPY --from=builder /app/_site /usr/share/nginx/html
EXPOSE 80
```
### Self-Hosted Services
For lab environments, consider deploying alongside:
- **Timesketch**: Timeline Analyse platform
- **MISP**: Threat intelligence sharing
- **Neo4j**: Graph database for relationships
## Browser Support
Features gracefully degrade in older browsers.
## Contributing
### Tool Submissions
1. Fork the repository
2. Add tool information to `src/_data/tools.yaml`
3. Test locally with `npm start`
4. Submit a pull request
### Issue Bericht & Präsentation
Report bugs or suggest features via GitHub Issues.
### Development Guidelines
- Maintain sub-500ms search performance
- Test across major browsers
- Follow existing code style
- Update documentation for changes
## License
BSD-3-Clause License - see LICENSE file for details.
## Acknowledgments
- NIST SP 800-86 for DFIR methodology framework
- Eleventy static site generator
- Uptime Kuma for service monitoring
- Open source DFIR community
## Troubleshooting
### Common Issues
**Build fails with Sass errors**
```bash
npm install --save-dev sass@latest
```
**Search not working**
- Check browser console for JavaScript errors
- Ensure `window.toolsData` is populated
- Verify YAML syntax in tools.yaml
**Uptime Kuma integration failing**
- Check network connectivity to API endpoint
- Verify API key permissions
- Review browser network tab for CORS issues
**Performance issues**
- Ensure tools.yaml isn't excessively large (>1000 tools)
- Check for JavaScript errors blocking execution
- Verify efficient CSS selectors
### Getting Help
1. Check the troubleshooting section above
2. Review GitHub Issues for similar problems
3. Open a new issue with:
- Browser and version
- Error messages
- Steps to reproduce