admin/RmEye
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1

Browse Source 
1
This commit is contained in:
huoji
2022-10-11 16:59:26 +08:00
parent 534443a475
commit a31398883e
5 changed files with 44 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
Image/18.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 320 KiB

BIN
Image/dashboard_new.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 157 KiB

129
Web/syseye/src/layouts/MainLayout.vue
View File

@@ -1,116 +1,37 @@
<template>
<q-layout view="lHh Lpr lFf" style="background-color: rgb(239, 243, 246)">
<q-layout view="lHh Lpr lFf" style="background-color: rgb(239, 243, 246)">
<q-header elevated height-hint="98">
<q-toolbar class="text-primary bg-white">
<q-toolbar-title> RmEye内部测试版本v0.0.0.1 </q-toolbar-title>
<q-btn flat round dense icon="lightbulb"></q-btn>
</q-toolbar>
<q-toolbar class="text-white" style="background-color: rgb(210,61,42)">
<q-toolbar-title> RmEye测试版v1.0.1.3 </q-toolbar-title>
<q-btn flat round dense icon="lightbulb"></q-btn>
</q-toolbar>
<q-toolbar style="font-size: 16px;background-color:rgb(47,43,48);">
<q-breadcrumbs active-color="white">
<q-breadcrumbs-el label="仪表盘" icon="dashboard" to="/page/dashboard" />
<q-breadcrumbs-el label="未处理威胁列表" icon="report" to="#" @click="routerToThreatList(0);" />
<q-breadcrumbs-el label="已处理威胁列表" icon="done" to="#" @click="routerToThreatList(1);" />
<q-breadcrumbs-el label="已忽略威胁列表" icon="texture" to="#" @click="routerToThreatList(2);" />
<q-breadcrumbs-el label="白名单列表" icon="list" to="#" @click="routerToWhiteList();" />
</q-breadcrumbs>
</q-toolbar>
</q-header>
<q-drawer
show-if-above
:mini="miniState"
@mouseover="miniState = false"
@mouseout="miniState = true"
:width="200"
:breakpoint="500"
bordered
class="bg-white text-primary"
>
<q-scroll-area class="fit">
<q-list padding>
<q-item
:active="selectLabel == 'dashboard'"
clickable
v-ripple
active-class="menu-active"
@click="selectLabel = 'dashboard'"
to="/page/dashboard"
>
<q-item-section avatar>
<q-icon name="dashboard" />
</q-item-section>
<q-item-section> 仪表盘 </q-item-section>
</q-item>
<q-item
:active="selectLabel == 'non_hanlde_report'"
clickable
v-ripple
active-class="menu-active"
@click="
selectLabel = 'non_hanlde_report';
routerToThreatList(0);
"
>
<q-item-section avatar>
<q-icon name="report" />
</q-item-section>
<q-item-section> 未处理威胁列表 </q-item-section>
</q-item>
<q-item
:active="selectLabel == 'handle_report'"
clickable
v-ripple
active-class="menu-active"
@click="
selectLabel = 'handle_report';
routerToThreatList(1);
"
>
<q-item-section avatar>
<q-icon name="done" />
</q-item-section>
<q-item-section> 已处理威胁列表 </q-item-section>
</q-item>
<q-item
:active="selectLabel == 'ingore_report'"
clickable
v-ripple
active-class="menu-active"
@click="
selectLabel = 'ingore_report';
routerToThreatList(2);
"
>
<q-item-section avatar>
<q-icon name="texture" />
</q-item-section>
<q-item-section> 已忽略威胁列表 </q-item-section>
</q-item>
<q-item
:active="selectLabel == 'white_list'"
clickable
v-ripple
active-class="menu-active"
@click="
selectLabel = 'white_list';
routerToWhiteList();
"
>
<q-item-section avatar>
<q-icon name="list" />
</q-item-section>
<q-item-section> 白名单列表 </q-item-section>
</q-item>
</q-list>
</q-scroll-area>
</q-drawer>
<template v-if="isInPlugin == false">
<q-page-container>
<router-view />
</q-page-container>
<q-page-container>
<router-view />
</q-page-container>
</template>
<template v-if="isInPlugin">
<div class="q-gutter-md q-mb-sm q-pa-lg">
<HtmlPanel v-model:url="PluginUrl" />
</div>
<div class="q-gutter-md q-mb-sm q-pa-lg">
<HtmlPanel v-model:url="PluginUrl" />
</div>
</template>
</q-layout>
</q-layout>
</template>
<script>
import { defineComponent } from 'vue'
import {
defineComponent
} from 'vue'
import HtmlPanel from '../components/Html.vue' // 根据实际路径导入
import axios from 'axios'
export default defineComponent({
@@ -185,7 +106,7 @@ export default defineComponent({
/*滚动条里面小方块*/
border-radius: 15px;
-webkit-box-shadow: inset 0 0 5px rgba(0, 0, 0, 0.2);
background: #027be3;
background: rgb(47,43,48);
}
::-webkit-scrollbar-track {

20
Web/syseye/src/pages/Dashboard.vue
View File

@@ -63,29 +63,29 @@ export default defineComponent({
title: '发现的威胁',
icon: 'remove_red_eye',
value: '200',
color1: '#5064b5',
color2: '#3e51b5'
color1: '#b9b6ab',
color2: '#969388'
},
{
title: '确认的威胁',
icon: 'flash_on',
value: '500',
color1: '#f37169',
color2: '#f34636'
color1: '#9f6a61',
color2: '#a27a73'
},
{
title: '忽略的威胁',
icon: 'texture',
icon: 'add_moderator',
value: '50',
color1: '#ea6a7f',
color2: '#ea4b64'
color1: '#1fd7a2',
color2: '#19C896'
},
{
title: '进行中的威胁',
icon: 'bar_chart',
icon: 'stream',
value: '1020',
color1: '#a270b1',
color2: '#9f52b1'
color1: '#f34a50',
color2: '#c77c6f'
}
],
threatStatistics: {

9
readme.md
View File

@@ -25,6 +25,9 @@ https://key08.com/index.php/2022/08/09/1505.html
请牢记,RmEye自身定位是轻量级威胁检出工具
### 最新新闻
2022/10/11:
重新设计了一下界面...
2022/9/29:
国庆节更新,增加ip与hash的ioc插件,目前Rmeye有能力对ip和hash进行标注,使用时务必换成自己的apikey,其他请看下面的ioc部分
@@ -53,6 +56,12 @@ https://github.com/RoomaSec/RmEye/blob/main/doc_day0_rule.md
增加uac提权检测插件`uac_bypass_detect`,但是受限于sysmon,没有办法获取RPC信息,因此只能检测一部分的UAC提权行为.并且有误报,请酌情考虑
### 检出截图
新dashboard(2022/10/11更新):
![image](Image/dashboard_new.png)
新界面(2022/10/11更新):
![image](Image/18.png)
IOC(2022/10/1更新):
![image](Image/16.png)
![image](Image/17.png)