Cyber Tools platform

Cyber Tools is a browser-based workspace for a college IT security team: one place to run day-to-day workflows instead of juggling a dozen vendor consoles. It brings together dashboards, file and log analysis helpers, threat-intel style feeds, and integrations with common enterprise tools — with strong auth, audit logging, and role-based access throughout.

The goal is operational speed: less context-switching, clearer handoffs between analysts, and safer automation behind the same login and policy layer.

• Backend: Python 3.x, Flask, Jinja templates, structured blueprints for major feature areas.
• Frontend: Server-rendered HTML with Bootstrap and Alpine-style interactivity where it helps — no heavy SPA for core flows.
• Containers: Docker image with a predictable runtime; docker-compose for local development and integration testing.
• Production: Google Cloud Run (from Cloud Build), HTTPS-only sessions, secrets via environment — not baked into images.
• AI & APIs: Optional Gemini / Vertex-powered features behind explicit configuration; external APIs (e.g. malware intel) where keys are available.

These are the kinds of capabilities the codebase is organised around — names and screens vary, but the themes are stable:

• Operations dashboard: Summary views and shortcuts for recurring checks — what needs attention first.
• File & artefact analysis: Upload or paste indicators, hash and inspect, tie into reputation and reporting flows.
• Threat-style feeds & research: Curated news and analysis with optional AI scoring — tuned so analysts can skim fast.
• Network & infrastructure views: Read-only hooks into monitoring and Wi-Fi platforms where APIs allow — fewer “open five tabs” moments.
• Browser forensics helpers: Guided workflows for artefacts you already have in scope — not a replacement for lab tools, but a practical front door.
• Identity & access: Google OAuth, SAML where required, granular tab permissions so teams only see what they should.
• Audit & accountability: Session and action logging suitable for a regulated environment.

1. Prototype locally — Flask app with templates; prove routes, auth, and the first integrations end-to-end.
2. Harden & modularise — Split features into blueprints and services, centralise config, add CSRF, upload limits, and proxy-aware headers for Cloud Run.
3. Containerise — Single image, explicit DATA_DIR / volume patterns for persistent JSON and logs in prod.
4. CI/CD — Cloud Build to Cloud Run with tagged revisions; environment-specific secrets and no debug in production.
5. Iterate with users — Kanban-style approvals, register workflows, and AI-assisted drafts landed where they reduced toil.

This page is a portfolio snapshot — not a public demo. Institutional identifiers and live URLs stay off the public site by design.