title: ThreatRadar
colorFrom: yellow
colorTo: red
sdk: gradio
sdk_version: 5.33.0
app_file: src/gradio_interface.py
pinned: false
license: mit
short_description: AI-Powered Cybersecurity Threat Intelligence
tags:
- mcp-server-track
ThreatRadar
AI-Powered Cybersecurity Threat Intelligence
A comprehensive cybersecurity threat intelligence platform that combines IOC (Indicator of Compromise) analysis with advanced threat intelligence capabilities. ThreatRadar provides an intuitive web interface for cybersecurity professionals and researchers.
Features
- IOC Analysis: Analyze IP addresses, domains, URLs, and file hashes using VirusTotal
- Threat Intelligence: Search and analyze cybersecurity threats, APT groups, and malware families using Tavily
- AI-Powered Analysis: Uses Nebius LLM for intelligent threat assessment and natural language processing
- Real-Time Detection: Automatically identifies and extracts IOCs from natural language queries
- Web Interface: Intuitive Gradio-powered web interface for easy access
- Rich Reporting: HTML-formatted results with expandable raw data sections
Quick Start
Prerequisites
- API Keys for:
  - VirusTotal API (sign up at https://www.virustotal.com/gui/join-us)
  - Nebius API (for LLM analysis)
  - Tavily API (optional, for enhanced threat intelligence)
Setup
- Configure your API keys in the Hugging Face Spaces secrets:
  - VT_API_KEY: Your VirusTotal API key
  - NEBIUS_API_KEY: Your Nebius API key
  - TAVILY_API_KEY: Your Tavily API key (optional)
Usage
Web Interface (Gradio)
The application automatically starts when deployed to Hugging Face Spaces. Simply:
- Enter your query in the input field
- Click "Analyze" to get comprehensive threat intelligence
Example Queries
Query Type | Example | Description |
---|---|---|
IP Address | 8.8.8.8 | Analyze IP reputation and threat status |
Domain | malicious-domain.com | Check domain for malicious activity |
File Hash | 44d88612fea8a8f36de82e1278abb02f | Analyze file hash (MD5/SHA1/SHA256) |
URL | https://suspicious-site.com | Check URL for threats |
APT Intelligence | What is APT29? | Get threat actor information |
Malware Research | Tell me about Lazarus Group | Research threat groups |
General Security | Explain ransomware attack vectors | Security knowledge queries |
MCP Server Integration
ThreatRadar automatically provides an MCP (Model Context Protocol) server through Gradio when deployed. This allows integration with MCP-compatible tools and IDEs.
Available MCP Tool:
- analyze_cyberthreat_query: Comprehensive cybersecurity analysis with automatic IOC detection and threat intelligence
  - Handles: IOCs (IPs, domains, URLs, hashes), APT groups, malware families, campaigns, tactics, and natural language queries
  - Auto-detects: Automatically identifies IOC types and routes to appropriate analysis engines
  - Examples:
    - "8.8.8.8" - IP analysis
    - "APT29 tactics" - Threat intelligence search
    - "What can you tell me about the IP 192.168.1.1 and APT29?" - Mixed analysis
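The auto-detection step described above, sketched as an added example (this is not ThreatRadar's own code; `refang`, `classify` and `extract_iocs` are hypothetical names). It goes beyond the page in two ways: it accepts defanged indicators as they appear in threat reports, and it flags non-routable addresses such as 192.168.1.1 so they are not sent for a reputation lookup.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Hash type is decided by hex-digest length: MD5=32, SHA-1=40, SHA-256=64.
HASH_KINDS = {32: "md5", 40: "sha1", 64: "sha256"}
HEX_RE = re.compile(r"[0-9a-fA-F]+")
# Syntactic check only: a file name such as report.pdf also passes it.
DOMAIN_RE = re.compile(
    r"(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}", re.I)

def refang(text):
    """Undo common defanging (hxxp://, [.], (.)) found in threat reports."""
    text = re.sub(r"hxxp(s?)://", r"http\1://", text, flags=re.I)
    return re.sub(r"\[\.\]|\(\.\)", ".", text)

def classify(token):
    """Return (kind, value, lookup) for one token, or None if it is not an IOC.

    lookup is False for IP addresses that are not globally routable
    (RFC 1918, loopback, link-local): they are local context, not
    something a reputation service can score.
    """
    token = token.strip("\"'<>()[]{},;!?").rstrip(".")
    try:
        if re.match(r"https?://", token, re.I):
            return ("url", token, True) if urlsplit(token).hostname else None
        ip = ipaddress.ip_address(token)
        return ("ip", str(ip), ip.is_global)
    except ValueError:
        pass  # not an IP address (or a malformed URL): keep checking
    if HEX_RE.fullmatch(token) and len(token) in HASH_KINDS:
        return (HASH_KINDS[len(token)], token.lower(), True)
    if DOMAIN_RE.fullmatch(token):
        return ("domain", token.lower(), True)
    return None

def extract_iocs(query):
    """Extract de-duplicated IOCs from a free-text query, in order of appearance."""
    found = []
    for token in refang(query).split():
        ioc = classify(token)
        if ioc and ioc not in found:
            found.append(ioc)
    return found

if __name__ == "__main__":
    # The mixed query from the examples above.
    print(extract_iocs("What can you tell me about the IP 192.168.1.1 and APT29?"))
```

A query that yields no IOCs, or that has text left over such as "APT29", is what the page routes to the threat intelligence search instead.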
Using with Cursor IDE:
- ThreatRadar automatically exposes MCP tools when running
- Connect your Cursor IDE or another MCP-compatible application to the ThreatRadar MCP server
- Use the tools directly from your IDE for threat analysis
To use with a locally cloned application

Add the configuration below to your mcp.json file to use the MCP server. Replace the URL with the one provided by Gradio.

Use it through a locally run gradio_interface.py:

```json
{
  "mcpServers": {
    "gradio": {
      "url": "http://127.0.0.1:7860/gradio_api/mcp/sse"
    }
  }
}
```

Or through the Gradio Spaces MCP URL:

```json
{
  "mcpServers": {
    "gradio": {
      "url": "https://agents-mcp-hackathon-threatradar.hf.space/gradio_api/mcp/sse"
    }
  }
}
```
Project Structure
ThreatRadar/
requirements.txt        # Python dependencies
src/                    # Main source code
gradio_interface.py     # Web interface (Gradio)
core/                   # Core functionality modules
base_client.py          # Base client class
virustotal_client.py    # VirusTotal API integration
nebius_llm_client.py    # Nebius LLM integration
Acknowledgments
- VirusTotal for comprehensive malware detection
- Tavily for enhanced threat intelligence search
- Nebius for AI-powered analysis capabilities
- Gradio for the intuitive web interface
- Hugging Face for providing the Spaces platform