"""
Model for storing threat information discovered in dark web monitoring.
"""
from sqlalchemy import Column, String, Text, Integer, Float, DateTime, Enum
from sqlalchemy.orm import relationship
import enum
from datetime import datetime

from src.models.base import BaseModel

class ThreatSeverity(enum.Enum):
    """How serious a recorded threat is judged to be.

    Members are declared from most to least severe. This is a plain
    ``enum.Enum``, so members support equality and identity checks only;
    ``<`` / ``>`` comparisons between severities are not defined.
    Each value is the human-readable label.
    """

    # Highest urgency first.
    CRITICAL = "Critical"
    HIGH = "High"
    MEDIUM = "Medium"
    LOW = "Low"
    # Lowest level in the declaration order.
    INFORMATIONAL = "Informational"


class ThreatCategory(enum.Enum):
    """Classification label assigned to a recorded threat.

    Each value is the display string for the category. ``OTHER`` is the
    catch-all for findings that fit none of the named categories.
    """

    # Exposure of data or credentials.
    DATA_BREACH = "Data Breach"
    CREDENTIAL_LEAK = "Credential Leak"

    # Technical threats.
    VULNERABILITY = "Vulnerability"
    MALWARE = "Malware"
    PHISHING = "Phishing"
    IDENTITY_THEFT = "Identity Theft"
    RANSOMWARE = "Ransomware"

    # A mention on a monitored source.
    DARK_WEB_MENTION = "Dark Web Mention"

    # Human-driven and actor-centric threats.
    SOCIAL_ENGINEERING = "Social Engineering"
    INSIDER_THREAT = "Insider Threat"
    APT = "Advanced Persistent Threat"

    # Fallback category.
    OTHER = "Other"


class ThreatStatus(enum.Enum):
    """Triage / handling state of a recorded threat.

    The enum only names the states; nothing here enforces which
    transitions between them are allowed.
    """

    # State used as the column default on Threat.status.
    NEW = "New"
    INVESTIGATING = "Investigating"
    CONFIRMED = "Confirmed"

    # Handling outcomes.
    MITIGATED = "Mitigated"
    RESOLVED = "Resolved"
    FALSE_POSITIVE = "False Positive"


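class Threat(BaseModel):
    """A single threat finding recorded by dark web monitoring.

    Rows live in the ``threats`` table. The primary key and any other
    shared columns are expected to come from ``BaseModel`` (defined in
    ``src.models.base``, not shown here).

    NOTE(review): the free-text columns (``title``, ``description``,
    ``source_*``, ``affected_entity``) presumably carry content collected
    from monitored sources. Treat them as untrusted wherever they are
    rendered, logged or followed (``source_url`` in particular) -- confirm
    against the code that populates this model.
    """
    __tablename__ = "threats"

    # Threat metadata
    title = Column(String(255), nullable=False)
    description = Column(Text, nullable=False)
    # sqlalchemy.Enum persists the member *name* (e.g. "CRITICAL") by
    # default, not the display value ("Critical"), since no
    # values_callable is supplied.
    severity = Column(Enum(ThreatSeverity), nullable=False)
    category = Column(Enum(ThreatCategory), nullable=False)
    status = Column(Enum(ThreatStatus), nullable=False, default=ThreatStatus.NEW)

    # Source information
    # Stored as a plain string; nothing at the model layer validates the
    # scheme or host.
    source_url = Column(String(1024))
    source_name = Column(String(255))
    source_type = Column(String(100))
    # datetime.utcnow yields a naive (tz-unaware) UTC timestamp and is
    # deprecated since Python 3.12; consumers must not read the stored value
    # as local time.
    discovered_at = Column(DateTime, default=datetime.utcnow)

    # Affected entity
    affected_entity = Column(String(255))
    affected_entity_type = Column(String(100))

    # Risk assessment
    # Both scores default to 0.0. No range is enforced at this layer, so
    # bounds checking (if any) must be done by the writer.
    confidence_score = Column(Float, default=0.0)
    risk_score = Column(Float, default=0.0)

    # Relationships
    # "all, delete-orphan": deleting a Threat, or detaching a child from
    # it, also deletes the child Indicator / Alert rows. Keep this in mind
    # if those rows are needed for audit or investigation history.
    indicators = relationship("Indicator", back_populates="threat", cascade="all, delete-orphan")
    alerts = relationship("Alert", back_populates="threat", cascade="all, delete-orphan")

    def __repr__(self):
        """Return a short debug representation of the threat.

        ``title`` is formatted with ``!r`` so that quotes, newlines and
        other control characters in it are escaped. A title containing a
        line break then cannot split or forge entries when this repr is
        written to a log.
        """
        return f"<Threat(id={self.id}, title={self.title!r}, severity={self.severity})>"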