Sentinel IOC
GitHub Pages
A C++ project for analyzing Indicators of Compromise (IOCs) using Object-Oriented Programming principles.
Description
Sentinel IOC simulates an IOC analyzer (malicious IPs, URLs, and hashes), enabling users to register, view, update, and delete this information. It's a practical introduction to Object-Oriented Programming (OOP) in C++.
Technologies Used
- Language: C++
- OOP Concepts: Inheritance, Polymorphism, Encapsulation & Abstraction
- File Handling: CSV (simulating database)
- Tools: Git & GitHub
- Documentation: GitHub Pages
- Other: Pointers and References
Features
- Register IOCs (IP, URL, Hash)
- List and search IOCs
- Update and delete IOCs
- Simulated threat analysis
- Command-line interface
- Graphical User Interface (optional, under development)
Project Structure
sentinel-ioc/
├── googletest                   >> Unit tests
├── src/
│   ├── CLI
│   │   ├── cli.hpp              >> CLI interface class
│   │   └── cli.cpp
│   ├── data/
│   │   └── iocs.csv             >> Simulated database (CSV format)
│   ├── fileManager
│   │   ├── fileManager.hpp      >> File read/write manager
│   │   └── fileManager.cpp
│   ├── indicator
│   │   ├── indicator.hpp        >> Abstract base class for IOCs
│   │   └── indicator.cpp
│   ├── indicatorManager
│   │   ├── indicatorManager.hpp >> Manages IOC CRUD operations
│   │   └── indicatorManager.cpp
│   ├── maliciousHash
│   │   ├── maliciousHash.hpp    >> Derived class for malicious hash
│   │   └── maliciousHash.cpp
│   ├── maliciousIP
│   │   ├── maliciousIP.hpp      >> Derived class for malicious IP
│   │   └── maliciousIP.cpp
│   ├── maliciousURL
│   │   ├── maliciousURL.hpp     >> Derived class for malicious URL
│   │   └── maliciousURL.cpp
│   ├── utils
│   │   ├── utils.hpp            >> Utility functions (e.g., menu, timestamps)
│   │   └── utils.cpp
│   ├── sentinel.exe             >> Main executable
│   ├── sentinel_tests.exe       >> Unit tests executable
│   └── main.cpp                 >> Application entry point
├── public/
│   ├── assets                   >> Project images
│   ├── sentinel-ioc.puml        >> UML diagram
│   ├── report.md                >> Project report
│   └── report.pdf               >> Project report
└── README_EN.md
OOP Concepts Demonstrated
- Classes & Objects: Used to define and instantiate IOCs and their manager.
- Inheritance: `MaliciousIP`, `MaliciousURL`, and `MaliciousHash` inherit from the base class `Indicator`.
- Polymorphism: A single `Indicator*` pointer can refer to any derived IOC type.
- Encapsulation: Controlled access via `private`, `protected`, and `public` members.
- Abstraction: The `Indicator` class acts as an abstract interface for different types of indicators. The `CLI` only interacts with the `IndicatorManager`'s public interface, without knowing the internal details of storing, searching or generating IDs.
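A compact sketch of the design described above, added here as an example and not code from the sentinel-ioc project: an abstract `Indicator`, two derived types that each validate their own value, and an `IndicatorManager` that assigns IDs and emits CSV rows through the base pointer. The member names, the validation rules (IPv4 dotted quad, hex digest of MD5/SHA-1/SHA-256 length) and the CSV column layout are assumptions; `MaliciousURL` is left out to keep the sketch short.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <vector>
class Indicator {                             // abstract base class; each IOC type supplies its own check
public:
    Indicator(int id, const std::string& value) : id_(id), value_(value) {}
    virtual ~Indicator() = default;
    virtual std::string type() const = 0;     // "IP", "URL" or "Hash"
    virtual bool isValid() const = 0;         // assumed per-type rules, not the project's own
    int id() const { return id_; }
    std::string toCsv() const { return std::to_string(id_) + "," + type() + "," + value_; }
protected:
    int id_; std::string value_;              // visible to derived classes, hidden from callers
};
struct MaliciousIP : Indicator {              // IPv4 dotted quad, each octet 0-255, nothing trailing
    using Indicator::Indicator;
    std::string type() const override { return "IP"; }
    bool isValid() const override {
        int o[4]; char extra;                 // a 5th conversion means trailing garbage
        if (std::sscanf(value_.c_str(), "%d.%d.%d.%d%c", o, o + 1, o + 2, o + 3, &extra) != 4) return false;
        for (int v : o) if (v < 0 || v > 255) return false;
        return true;
    }
};
struct MaliciousHash : Indicator {            // hex digest of MD5, SHA-1 or SHA-256 length
    using Indicator::Indicator;
    std::string type() const override { return "Hash"; }
    bool isValid() const override {
        return (value_.size() == 32 || value_.size() == 40 || value_.size() == 64) &&
               value_.find_first_not_of("0123456789abcdefABCDEF") == std::string::npos;
    }
};
class IndicatorManager {                      // callers only see add/toCsv; ids and storage stay private
public:
    template <class T> int add(const std::string& value) {   // returns the new id, or -1 if rejected
        auto ioc = std::make_unique<T>(nextId_, value);      // owned and used through Indicator*
        if (!ioc->isValid()) return -1;
        iocs_.push_back(std::move(ioc));
        return nextId_++;
    }
    std::string toCsv() const {               // rows in the iocs.csv shape: id,type,value
        std::string out = "id,type,value\n";
        for (const auto& i : iocs_) out += i->toCsv() + "\n";   // type() dispatches per IOC kind
        return out;
    }
private:
    int nextId_ = 1;
    std::vector<std::unique_ptr<Indicator>> iocs_;
};
```

A rejected value never consumes an ID, so the CSV stays gap-free even when the CLI passes malformed input through.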
How to Run on CLI
Clone the Repository
git clone https://github.com/bomday/sentinel-ioc.git
Requirements
- g++ version 7.0 or later
- Compile and run from the `/src` directory
Compile the Program
g++ -g -std=c++17 -o sentinel.exe main.cpp cli/cli.cpp utils/utils.cpp indicator/indicator.cpp maliciousIP/maliciousIP.cpp maliciousURL/maliciousURL.cpp maliciousHash/maliciousHash.cpp indicatorManager/indicatorManager.cpp fileManager/fileManager.cpp -I. -Icli -Iutils -Iindicator -ImaliciousIP -ImaliciousURL -ImaliciousHash -IindicatorManager -IfileManager
Run the Program
./sentinel.exe
Running Unit Tests
See the Test README
Running the Graphical User Interface (GUI)
See the GUI README
Video Demo
Understand our structure and watch our Demo: YouTube
Interface finalized after first delivery
Images
Project Report
See the Report
Team
| Name | Course |
|---|---|
| Beatriz Helena | Information Systems |
| Dayane Lima | Information Systems |
| Maria Antônia | Information Systems |
| Rafael Teles | Information Systems |
| Williams Andrade | Information Systems |