{"id":15115322,"url":"https://github.com/J4FSec/In0ri","last_synced_at":"2025-09-27T21:30:32.322Z","repository":{"id":42590685,"uuid":"385320644","full_name":"J4FSec/In0ri","owner":"J4FSec","description":"Website defacement attack detection with deep learning ","archived":false,"fork":false,"pushed_at":"2023-06-30T03:00:45.000Z","size":302267,"stargazers_count":57,"open_issues_count":0,"forks_count":13,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-09-27T01:48:21.212Z","etag":null,"topics":["blackhat","blackhat2021","deep-learning","deface","defacement","defense","python"],"latest_commit_sha":null,"homepage":"","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/J4FSec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-07-12T16:57:22.000Z","updated_at":"2024-08-13T05:59:22.000Z","dependencies_parsed_at":"2023-01-20T04:34:02.943Z","dependency_job_id":null,"html_url":"https://github.com/J4FSec/In0ri","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/J4FSec%2FIn0ri","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/J4FSec%2FIn0ri/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/J4FSec%2FIn0ri/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/J4FSec%2FIn0ri/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/J4FSec","download_url":"https://codeload.github.com/J4FSec/In0ri/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234460505,"owners_count":18836837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blackhat","blackhat2021","deep-learning","deface","defacement","defense","python"],"created_at":"2024-09-26T01:43:46.570Z","updated_at":"2025-09-27T21:30:27.193Z","avatar_url":"https://github.com/J4FSec.png","language":"CSS","funding_links":[],"categories":["CSS"],"sub_categories":[],"readme":"![](img/logo_transparent.png)\n![GitHub](https://img.shields.io/github/license/J4FSec/In0ri) ![](https://img.shields.io/badge/Python-3.6-informational) ![](https://img.shields.io/badge/uses-Flask-informational) ![](https://img.shields.io/badge/uses-Tensorflow-informational) ![](https://img.shields.io/badge/uses-Keras-informational) ![](https://img.shields.io/badge/uses-OpenSSL-informational) ![](https://img.shields.io/badge/uses-watchdog-informational)\n\nIn0ri is a defacement detection system utilizing a image-classification convolutional neural network.\n\n## Introduction\nWhen monitoring a website, In0ri will periodically take a screenshot of the website then put it through a preprocessor that will resize the image down to 250x250px and numericalize the image before passing it onto the classifier. The core of the classifier is a convolutional neural network that is trained to detect the defacement of a website. If the monitored website is indeed, defaced, In0ri will send out warnings via email to the user.\n\n## Requirement\n* Python3 (version \u003e=3.6)\n* Docker\n* Docker-compose\n\n## Installation\n\n### Cloning the repository\n\n```sh\ngit clone https://github.com/J4FSec/In0ri.git\ncd In0ri\n```\n\n### Docker\n\nYou can also use In0ri via the official Docker container  [here](https://hub.docker.com/repository/docker/in0ri/defaced).\n\n### Starting In0ri\n\n```sh\ndocker-compose up -d\n```\nAfter running the In0ri, open an Internet browser to `https://\u003cserverIP\u003e:8080/` to show WebUI.\n\n### Configuring email credentials to send notifications and agent keys from\n\nGoing to the WebUI and click tab \"Setting\" then select tag \"Email\" to configure email server.\n\n```py\nMail Server = \"mail.example.com\"\nUsername = \"foo@gmail.com\"\nPassword = \"$uper$ecurePa$$word\"\n```\n\n### Configure Telegram notification\n\nGoing to the WebUI and click tab \"Setting\" then select tag \"Telegram\" to configure Channel notifications on Telegram.\n\n```py\nChat ID= 'foo' # Channel ID to send notifications to\nToken = 'bar' # Bot token retrieved from @BotFather\n```\n\n## Usage\n\nThere are two ways to deploy and using In0ri:\n* Running off crontab by periodically visiting the url.\n* Internal agent running off the web server\n\n### First Method: URL Check\n\nVisit the Dashboard tab on WebUI, click on \"Add URLs\" then fill in the form and submit it.\n\n### Second Method: Internal Agent\n\nAt the table listing all urls which were registered on WebUI, click on \"Create Key\" button at column Actions, the Active Key will send to your email or click \"Details\" button to show it.\n\nOn the web server that you wants to be monitored by In0ri, download the Agent folder from Github repository\n\nInstalling the required packages for the internal Agent\n\n```sh\npython3 -m pip install -r requirements.txt\n```\n\nEdit the file `config.json` in the same folder as agent\n\n```sh\nnano config.json\n```\n\nA `key` is sent to your email after registering the Agent on the WebUI\n`rootPath` is the root directory of the web application that you want to be monitored\n`exludePath` are the subfolders that you wants excluded from the scans\n`apiServer` is the URL to the API server of In0ri\n`serverIP` is the IP of the API server of In0ri\n\n```json\n{\n    \"id\":\"01\",\n    \"key\":\"123123123\",\n    \"rootPath\":\"/var/www/html\",\n    \"excludePath\":\"\",\n    \"apiServer\":\"http://\u003cserverIP\u003e:8088/checkdeface\"\n}\n```\n\nAnd run the Agent:\n\n```sh\npython3 agent.py\n```\n## References\n\n* Model training is handled by [Shu](https://github.com/J4FSec/Shu)\n* [Black Hat Europe 2021](https://www.blackhat.com/eu-21/arsenal/schedule/index.html#inri-25045)\n* [Black Hat Asia 2022](https://www.blackhat.com/asia-22/arsenal/schedule/#inri-open-source-defacement-detection-with-deep-learning-25866)\n* [Black Hat USA 2022](https://www.blackhat.com/us-22/arsenal/schedule/index.html#inri-open-source-defacement-detection-with-deep-learning-27967)\n* Mentioned by [Kitploit](https://www.kitploit.com/2021/07/in0ri-defacement-detection-with-deep.html)\n\n## Authors\n\nIn0ri is built by Echidna with the help of Cu64 and Klone.\n\n## Contributing\nPull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.\n\n## License\n[GNU AGPLv3](https://choosealicense.com/licenses/agpl-3.0/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJ4FSec%2FIn0ri","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FJ4FSec%2FIn0ri","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJ4FSec%2FIn0ri/lists"}