Skip to content
/ HXTool Public
forked from fireeye/HXTool

HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…

License

Notifications You must be signed in to change notification settings

4n6mole/HXTool

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

HXTool

Summary

HXTool is a web-based, standalone tool that can be used with FireEye Endpoint Security (formerly HX).

HXTool provides additional features not directly available in the product by leveraging FireEye Endpoint Security's rich API.

Version

4.7

Installation

To install HXTool:

  1. Ensure that you have a working Python installation, see the Dependencies section below for version requirements.
  2. Unzip the distribution archive; Or, if you have code repository access, fetch the repo and place the files in a directory.
  3. Install HXTool's dependencies by running pip install -r requirements.txt from your operating system's command shell.
    • On Windows systems, pip.exe can be found in the "scripts" folder under your Python installation directory.
  4. After installing the dependencies, run python hxtool.py from your operating system's command shell and the server will start listening to tcp port 8080 (HTTPS).
    • Alternatively, on Windows, you should be able to double-click on the hxtool.py file.
  5. Access the web user interface via a browser: https://127.0.0.1:8080 (tested with Google Chrome and Mozilla Firefox)
  6. You will need an account on the Endpoint Security (HX) controller that has either the api_admin or api_analyst role.
  7. Don't forget to set the Background Processing credentials under Admin --> HXTool Settings. These credentials are used by the scheduler, and can be the same as what you have logged in with, or a separate set.

Dependencies

Python 3.6+

Full dependency list available in requirements.txt.

Optionally, the pymongo library may be installed for additional database functionality.

Configuration

Configuration for HXTool is held in the conf.json file, documentation is in README.CONFIG.

Docker

To build a Docker image from the HXTool source, execute the following:

docker build --pull -t hxtool:latest .

To run HXTool once the image build process is complete, execute the following:

docker run -p 8080:8080/tcp -d --cap-add=IPC_LOCK --name hxtool hxtool:latest

IPC_LOCK is needed for the GNOME keyring daemon. See README.DOCKER

Contribution

Guidelines

None so far

Who do I talk to?

Contributors

About

HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 39.6%
  • Python 24.9%
  • HTML 21.1%
  • CSS 14.4%