{"id":28098648,"url":"https://github.com/target/strelka-ui","last_synced_at":"2025-05-13T17:58:32.545Z","repository":{"id":61607431,"uuid":"525857111","full_name":"target/strelka-ui","owner":"target","description":"Strelka Web UI for File Submission and Analysis","archived":false,"fork":false,"pushed_at":"2025-04-30T18:11:39.000Z","size":25815,"stargazers_count":68,"open_issues_count":1,"forks_count":7,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-05-08T09:48:58.648Z","etag":null,"topics":["cfc","detection","file-scanner","python","python3","security","strelka","target-cfc","web-ui"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/target.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-08-17T15:41:05.000Z","updated_at":"2025-04-30T18:11:36.000Z","dependencies_parsed_at":"2023-02-15T11:31:33.125Z","dependency_job_id":"1b293976-6b92-4ab9-85cd-0dad3132de05","html_url":"https://github.com/target/strelka-ui","commit_stats":null,"previous_names":[],"tags_count":29,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/target%2Fstrelka-ui","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/target%2Fstrelka-ui/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/target%2Fstrelka-ui/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/target%2Fstrelka-ui/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/target","download_url":"https://codeload.github.com/target/strelka-ui/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253999797,"owners_count":21997336,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cfc","detection","file-scanner","python","python3","security","strelka","target-cfc","web-ui"],"created_at":"2025-05-13T17:58:31.765Z","updated_at":"2025-05-13T17:58:32.534Z","avatar_url":"https://github.com/target.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n \u003cimg src=\"./misc/assets/strelkaui_banner.png\" alt=\"Strelka Banner\" /\u003e\n\u003c/h1\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[Releases][release]\u0026nbsp;\u0026nbsp;\u0026nbsp;|\u0026nbsp;\u0026nbsp;\u0026nbsp;[Pull Requests][pr]\u0026nbsp;\u0026nbsp;\u0026nbsp;|\u0026nbsp;\u0026nbsp;\u0026nbsp;[Issues][issues]\n\n[![GitHub release][img-version-badge]][repo] [![Build Status][img-actions-badge]][actions-ci] [![Pull Requests][img-pr-badge]][pr] [![Slack][img-slack-badge]][slack] [![License][img-license-badge]][license]\n\n\u003c/div\u003e\n\nThe Strelka Web UI is a browser and API-based file submission frontend for the [Strelka Enterprise File Scanner](https://github.com/target/strelka). It allows users to submit files to a Strelka cluster and review historical response results easily. The Strelka Web UI supports LDAP authentication and API access, providing a secure and flexible way to interact with the Strelka scanner. This document provides details on how to set up and use the Strelka Web UI, as well as its features and related projects.\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"./misc/assets/strelkaui_results.gif\" alt=\"Strelka UI Results Page\" /\u003e\n \u003ch5\u003eStrelka UI Results Page\u003c/h5\u003e\n\u003c/div\u003e\n\n## Features\n\nThe file submission UI provides the following features:\n\n- Submit files to a Strelka cluster and examine responses from your browser.\n- Store and review previous submission results and activity in either a local or remote database.\n- Support for [LDAP Authentication](https://ldap.com/)\n- API support\n\n## Prerequisites\n\n- Accessible Strelka instance (See: [Strelka Quickstart](https://github.com/target/strelka#quickstart))\n- Docker\n- Docker-compose\n- Python 3.9+\n\n## Quick Start\n\nBy default, the Strelka UI is configured to use a minimal \"quickstart\" deployment that allows users to test the system. This deployment will target a local Strelka instance and start a local database. Users will be able to access this system with whatever username / password they want. For additional information on targeting a remote Strelka instance, database, or using LDAP for authentication, see the [Additional Setup](#quick-start) section:\n\n#### Step 1: Ensure a Strelka Cluster is Ready\n\n```\nStart or ensure Strelka cluster is ready and accessible.\nSee https://github.com/target/strelka for more information.\n```\n\n#### Step 2: Build and Start Strelka UI (Docker)\n\n```\n# Terminal 1\n# From the ./strelka-ui directory\n$ docker-compose -f docker-compose.yml up\n```\n\n#### Step 3: Access Strelka UI\n\n```\n1) Open A Browser\n2) Navigate to 0.0.0.0:8080\n3) Login with:\n - Username: strelka\n - Password: strelka\n```\n\n## Additional Steps\n\nThis section provides details on how to target a remote Strelka instance, a remote database for storage, and an LDAP server for authentication for more secure use. To enable these, you can use environment variables to override the defaults.\n\n#### Environment Variable Configuration\n\nBackend configuration is provided through environment variables and can be set statically in `./app/config/config.py`.\n\nRunning locally, the precedence of config is: `System environment -\u003e .env -\u003e ./app/config/config.py`.\nRunning in Docker, the precedence of config is: `Docker environment -\u003e System environment -\u003e ./app/config/config.py`.\n\nPlease reference `./app/example.env` for environment variable setup.\n\n#### Environment Variable Options\n\nThe following detail the configuration items in `./app/config/config.py`.\n\n| Field Name | Value | Required |\n|-----------------------------------------|-------------------------------------------------------------------------| -------- |\n| STRELKA_HOST | Strelka hostname (e.g., `0.0.0.0`) | Yes |\n| STRELKA_PORT | Strelka port number (e.g., `57314`) | Yes |\n| STRELKA_CERT | Path to certificate for Strelka, if needed (e.g., `/path/to/cert.pem`) | No |\n| CA_CERT_PATH | Path to CA certificates for LDAP, if needed (e.g., `/path/to/ca_certs`) | No |\n| VIRUSTOTAL_API_KEY | API Key for VirusTotal Hash Lookup | Yes |\n| VIRUSTOTAL_API_LIMIT | Limit how many files should be scanned by VirusTotal (Default: `30`) | Yes |\n| LDAP_URL | URL to LDAP server (e.g., `ldaps://ldap.example.com:636`) | No |\n| LDAP_SEARCH_BASE | Search base for LDAP queries (e.g., `DC=example,DC=com`) | No |\n| LDAP_USERNAME_ORGANIZATION | Username organization for LDAP queries (e.g., `org//`) | No |\n| LDAP_ATTRIBUTE_ACCOUNT_NAME_FIELD | LDAP attribute for account name (e.g., `sAMAccountName`) | No |\n| LDAP_ATTRIBUTE_FIRST_NAME_FIELD | LDAP attribute for first name (e.g., `givenName`) | No |\n| LDAP_ATTRIBUTE_LAST_NAME_FIELD | LDAP attribute for last name (e.g., `sn`) | No |\n| LDAP_ATTRIBUTE_MEMBER_OF_FIELD | LDAP attribute for member of (e.g., `memberOf`) | No |\n| LDAP_ATTRIBUTE_MEMBER_REQUIREMENT_FIELD | LDAP attribute for member requirement (e.g., `AD Attribute`) | No |\n| STATIC_ASSET_FOLDER | Build folder for UI (e.g., `build`) | Yes |\n| MIGRATION_DIRECTORY | SQLAlchemy migrations directory (e.g., `./migrations`) | Yes |\n| DATABASE_USERNAME | Database username (e.g., `admin`) | Yes |\n| DATABASE_PASSWORD | Database password (e.g., `password123`) | Yes |\n| DATABASE_HOST | Database hostname (e.g., `db.example.com`) | Yes |\n| DATABASE_PORT | Database port number (e.g., `5432`) | Yes |\n| DATABASE_DBNAME | Name of the database (e.g., `mydb`) | Yes |\n| API_KEY_EXPIRATION | Duration in days of API key expiration (e.g., `30`) | Yes |\n\n##### External Hotlink Support\n\nYou can also set a reference in the UI submission table to allow users to quickly pivot to an external site based on the `request.id`. By modifying `./ui/src/config.js` and following the `SEARCH_URL` example in the following table, you can provide users with a link to an external site (e.g., SIEM / logger). Ensure your link has the string `\u003cREPLACE\u003e` in it and the UI will replace that string with the relevant file's request ID.\n\nSupported modification fields in `./ui/src/config.js`:\n| Field Name | Value | Example |\n|--------------|------------------------------------------------------------------------------------------------|----------|\n| SEARCH_URL | Search URL for the external application | Ex: https://search.com/?q=request.id=\u003cREPLACE\u003e |\n| SEARCH_NAME | Search name for the external application | Ex: Splunk |\n| DEFAULT_EXCLUDED_SUBMITTERS | Default users to be exluded from Submission table view. Useful for hiding automations by default. | Ex: SearchBot |\n\n#### Providing CA certificates\nIf you need to provide a custom CA bundle due to your network environment, you can do so by setting the `REQUESTS_CA_BUNDLE` environment variable.\n\nWhen running via docker compose, the `certs` directory at the root of the project will be mounted to `/certs` in the container. Place your CA bundle in that directory and set the `REQUESTS_CA_BUNDLE` environment variable to point to it.\n\n## API\n\nThe Strelka UI also provides API routes for user script based access. Please reference the below routes for details:\n\n#### Authentication routes\n\n- [base url]/api/auth/login (POST)\n- [base url]/api/auth/logout (GET)\n\n#### Strelka routes\n\n- [base url]/api/strelka/scans/stats (GET)\n- [base url]/api/strelka/scans/upload (POST, form-encoded)\n- [base url]/api/strelka/scans?page=?\u0026per_page=? (GET)\n- [base url]/api/strelka/scans/[scan id](GET)\n\n#### Example\n\nExamples for how to authenticate to the Strelka UI API, gather Scan statistics, and Submit a file using Python `requests` can be found in `./misc/examples/api_examples.py`\n\n## Database\n\nThe database uses [https://www.sqlalchemy.org/](SQLAlchemy) as an ORM. [Flask-Migrate](https://flask-migrate.readthedocs.io/en/latest/) is used to provide db migrations though Alembic. A helper script file, `manage.py`, is provided to assist with common database tasks.\n\nIf you are creating a new database, or modifying the current one, you must perform the following steps - although upon starting the cluster, these commands will be executed for you:\n\nGenerate a new migration from model changes:\n\n- python manage.py db migrate\n\nUpdate the database using the current database configuration\n\n- python manage.py db upgrade\n\n## Application Details\n\nThe backend application is predominantly comprised of the following technologies:\n\n- [https://flask.palletsprojects.com/en/1.1.x/](Flask)\n- [https://www.sqlalchemy.org/](SQLAlchemy)\n- [https://www.postgresql.org/](PostgreSQL)\n\nThe frontend UI is a React JS application created using React served from Flask. The UI uses the `Antd` library and `Antd ProComponents`, and routing is handled by React Router.\n\n- [create-react-app](https://github.com/facebook/create-react-app)\n- [Ant Financial UI](https://ant.design/)\n- [Antd ProComponents](https://procomponents.ant.design/)\n- [React Router](https://reactrouter.com/web/)\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg style=\"border:1px solid black;\" src=\"./misc/assets/strelkaui_dashboard.png\" alt=\"Strelka UI Dashboard Page\" /\u003e\n \u003ch5\u003eStrelka UI Dashboard Page\u003c/h5\u003e\n\u003c/div\u003e\n\n## Related Projects\n\n- [Strelka](https://github.com/target/strelka)\n\n## Licensing\n\nStrelka UI and its associated code is released under the terms of the [Apache 2.0 License](https://github.com/target/strelka-ui/blob/master/LICENSE).\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg style=\"border:1px solid black;\" src=\"./misc/assets/target_banner.png\" alt=\"Target Banner\" /\u003e\n\u003c/div\u003e\n\n\u003c!--\nLinks\n--\u003e\n\n[release]: https://github.com/target/strelka-ui/releases/latest \"Strelka UI Latest Release\"\n[issues]: https://github.com/target/strelka-ui/issues \"Strelka UI Issues\"\n[pull-requests]: https://github.com/target/strelka-ui/pulls \"Strelka UI Pull Requests\"\n[repo]: https://github.com/target/strelka-ui \"Strelka UI Repository\"\n[slack]: https://join.slack.com/t/cfc-open-source/shared_invite/zt-e54crchh-a6x4iDy18D5lVwFKQoEeEQ \"Slack (external link)\"\n[actions-ci]: https://github.com/target/strelka-ui/actions/workflows/build_strelkaui_daily.yml \"Github Actions\"\n[pr]: https://github.com/target/strelka-ui/pulls \"Strelka UI Pull Requests\"\n[license]: https://github.com/target/strelka-ui/blob/master/LICENSE \"Strelka UI License File\"\n[docker]: https://www.docker.com/ \"Docker (external link)\"\n\n\u003c!--\nBadges\n--\u003e\n\n[img-version-badge]: https://img.shields.io/github/release/target/strelka-ui.svg?style=for-the-badge\n[img-actions-badge]: https://img.shields.io/github/actions/workflow/status/target/strelka-ui/build_strelkaui_daily.yml?branch=main\u0026style=for-the-badge\n[img-slack-badge]: https://img.shields.io/badge/slack-join-red.svg?style=for-the-badge\u0026logo=slack\n[img-pr-badge]: https://img.shields.io/badge/PRs-welcome-orange.svg?style=for-the-badge\u0026logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJzdmcyIiB3aWR0aD0iNjQ1IiBoZWlnaHQ9IjU4NSIgdmVyc2lvbj0iMS4wIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPiA8ZyBpZD0ibGF5ZXIxIj4gIDxwYXRoIGlkPSJwYXRoMjQxNyIgZD0ibTI5Ny4zIDU1MC44N2MtMTMuNzc1LTE1LjQzNi00OC4xNzEtNDUuNTMtNzYuNDM1LTY2Ljg3NC04My43NDQtNjMuMjQyLTk1LjE0Mi03Mi4zOTQtMTI5LjE0LTEwMy43LTYyLjY4NS01Ny43Mi04OS4zMDYtMTE1LjcxLTg5LjIxNC0xOTQuMzQgMC4wNDQ1MTItMzguMzg0IDIuNjYwOC01My4xNzIgMTMuNDEtNzUuNzk3IDE4LjIzNy0zOC4zODYgNDUuMS02Ni45MDkgNzkuNDQ1LTg0LjM1NSAyNC4zMjUtMTIuMzU2IDM2LjMyMy0xNy44NDUgNzYuOTQ0LTE4LjA3IDQyLjQ5My0wLjIzNDgzIDUxLjQzOSA0LjcxOTcgNzYuNDM1IDE4LjQ1MiAzMC40MjUgMTYuNzE0IDYxLjc0IDUyLjQzNiA2OC4yMTMgNzcuODExbDMuOTk4MSAxNS42NzIgOS44NTk2LTIxLjU4NWM1NS43MTYtMTIxLjk3IDIzMy42LTEyMC4xNSAyOTUuNSAzLjAzMTYgMTkuNjM4IDM5LjA3NiAyMS43OTQgMTIyLjUxIDQuMzgwMSAxNjkuNTEtMjIuNzE1IDYxLjMwOS02NS4zOCAxMDguMDUtMTY0LjAxIDE3OS42OC02NC42ODEgNDYuOTc0LTEzNy44OCAxMTguMDUtMTQyLjk4IDEyOC4wMy01LjkxNTUgMTEuNTg4LTAuMjgyMTYgMS44MTU5LTI2LjQwOC0yNy40NjF6IiBmaWxsPSIjZGQ1MDRmIi8%2BIDwvZz48L3N2Zz4%3D\n[img-license-badge]: https://img.shields.io/badge/license-apache-ff69b4.svg?style=for-the-badge\u0026logo=apache\n[img-docker-badge]: https://img.shields.io/badge/Supports-Docker-yellow.svg?style=for-the-badge\u0026logo=docker\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftarget%2Fstrelka-ui","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftarget%2Fstrelka-ui","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftarget%2Fstrelka-ui/lists"}