From 55c50614e07c4207866b6de4ebe83c41b0253381 Mon Sep 17 00:00:00 2001 From: cschantz Date: Thu, 5 Feb 2026 20:39:35 -0500 Subject: [PATCH] Reorganize Security & Monitoring menu with sub-menus MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Issue: Security menu had 17 flat options, hard to navigate New Structure: Main Security Menu now has 5 organized categories: 1) 📊 Threat Analysis (5 tools) - Bot & Traffic Analyzer (full + quick scan) - IP Reputation Manager - Suspicious Login Monitor - Malware Scanner 2) 🔴 Live Monitoring (4 tools) - Live Attack Monitor - SSH Attack Monitor - Web Traffic Monitor - Firewall Activity Monitor 3) 📋 Log Viewers (4 tools) - Apache Access/Error logs - Mail log - Security log 4) 🔒 Security Actions (3 tools) - Enable cPHulk - Optimize CT_LIMIT - Block Malicious Bots 5) 🛠️ System Diagnostics (1 tool) - Historical Attack Analysis Implementation: - Added 5 sub-menu show/handle function pairs (10 functions) - Simplified main security menu to 5 category options - Maintained all existing module paths (no breaking changes) - Total: +163 lines, -39 lines (net +124 lines) Benefits: - Easier navigation - fewer options per screen - Logical grouping - related tools together - Scalable - easy to add new tools to categories - Clearer purpose - category names show intent Testing: ✓ Syntax validated ✓ All function calls preserved ✓ Navigation flow: Main → Category → Tool → Back Co-Authored-By: Claude Sonnet 4.5 --- launcher.sh | 202 ++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 163 insertions(+), 39 deletions(-) diff --git a/launcher.sh b/launcher.sh index 7988e45..9bc01cf 100755 --- a/launcher.sh +++ b/launcher.sh @@ -110,41 +110,177 @@ show_main_menu() { # SECURITY & MONITORING ############################################################################# -show_security_menu() { +############################################################################# +# SECURITY SUB-MENUS +############################################################################# + +# Threat Analysis Sub-Menu +show_threat_analysis_menu() { show_banner - echo -e "${GREEN}${BOLD}🛡️ Security & Monitoring${NC}" - echo "" - echo -e "${BOLD}Threat Analysis:${NC}" + echo -e "${GREEN}${BOLD}📊 Threat Analysis${NC}" echo "" echo -e " ${CYAN}1)${NC} 🤖 Bot & Traffic Analyzer - Full analysis (all logs)" echo -e " ${CYAN}2)${NC} 🤖 Quick Scan (1 hour) - Recent activity only" echo -e " ${CYAN}3)${NC} 📊 IP Reputation Manager - Query/manage IP database" - echo -e " ${CYAN}4)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet" - echo -e " ${CYAN}17)${NC} 🔐 Suspicious Login Monitor - SSH/Panel login analysis" + echo -e " ${CYAN}4)${NC} 🔐 Suspicious Login Monitor - SSH/Panel login analysis" + echo -e " ${CYAN}5)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet" echo "" - echo -e "${BOLD}Live Monitoring:${NC}" + echo -e " ${RED}0)${NC} Back to Security Menu" echo "" - echo -e " ${MAGENTA}5)${NC} 📡 Live Attack Monitor - Unified threat intelligence" - echo -e " ${MAGENTA}6)${NC} 🔐 SSH Attack Monitor - SSH brute force detection" - echo -e " ${MAGENTA}7)${NC} 🌐 Web Traffic Monitor - HTTP attack detection" - echo -e " ${MAGENTA}8)${NC} 🔥 Firewall Activity Monitor - CSF/iptables monitoring" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_threat_analysis_menu() { + while true; do + show_threat_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "bot-analyzer.sh" ;; + 2) run_module "security" "bot-analyzer.sh" -H 1 ;; + 3) run_module "security" "ip-reputation-manager.sh" ;; + 4) run_module "security" "suspicious-login-monitor.sh" ;; + 5) run_module "security" "malware-scanner.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Live Monitoring Sub-Menu +show_live_monitoring_menu() { + show_banner + echo -e "${MAGENTA}${BOLD}🔴 Live Monitoring${NC}" echo "" - echo -e "${BOLD}Log Viewers:${NC}" + echo -e " ${MAGENTA}1)${NC} 📡 Live Attack Monitor - Unified threat intelligence" + echo -e " ${MAGENTA}2)${NC} 🔐 SSH Attack Monitor - SSH brute force detection" + echo -e " ${MAGENTA}3)${NC} 🌐 Web Traffic Monitor - HTTP attack detection" + echo -e " ${MAGENTA}4)${NC} 🔥 Firewall Activity Monitor - CSF/iptables monitoring" echo "" - echo -e " ${CYAN}9)${NC} Tail Apache Access Log - Live web access" - echo -e " ${CYAN}10)${NC} Tail Apache Error Log - Live web errors" - echo -e " ${CYAN}11)${NC} Tail Mail Log - Live email activity" - echo -e " ${CYAN}12)${NC} Tail Security Log - Live auth attempts" + echo -e " ${RED}0)${NC} Back to Security Menu" echo "" - echo -e "${BOLD}Security Actions:${NC}" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_live_monitoring_menu() { + while true; do + show_live_monitoring_menu + read -r choice + + case $choice in + 1) run_module "security" "live-attack-monitor.sh" ;; + 2) run_module "security" "ssh-attack-monitor.sh" ;; + 3) run_module "security" "web-traffic-monitor.sh" ;; + 4) run_module "security" "firewall-activity-monitor.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Log Viewers Sub-Menu +show_log_viewers_menu() { + show_banner + echo -e "${BLUE}${BOLD}📋 Log Viewers${NC}" echo "" - echo -e " ${YELLOW}13)${NC} 🔒 Enable cPHulk Protection - Brute force protection" - echo -e " ${YELLOW}14)${NC} ⚙️ Optimize CT_LIMIT - Connection tracking tuning" - echo -e " ${YELLOW}16)${NC} 🤖 Block Malicious Bots - User-Agent blocking (Apache)" + echo -e " ${BLUE}1)${NC} 🌐 Apache Access Log - Live web access" + echo -e " ${BLUE}2)${NC} ❌ Apache Error Log - Live web errors" + echo -e " ${BLUE}3)${NC} 📧 Mail Log - Live email activity" + echo -e " ${BLUE}4)${NC} 🔐 Security Log - Live auth attempts" echo "" - echo -e "${BOLD}Analysis Tools:${NC}" + echo -e " ${RED}0)${NC} Back to Security Menu" echo "" - echo -e " ${GREEN}15)${NC} 🛡️ Historical Attack Analysis - Scan past logs for attacks (ET Open)" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_log_viewers_menu() { + while true; do + show_log_viewers_menu + read -r choice + + case $choice in + 1) run_module "security" "tail-apache-access.sh" ;; + 2) run_module "security" "tail-apache-error.sh" ;; + 3) run_module "security" "tail-mail-log.sh" ;; + 4) run_module "security" "tail-secure-log.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Security Actions Sub-Menu +show_security_actions_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🔒 Security Actions${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} 🔒 Enable cPHulk Protection - Brute force protection" + echo -e " ${YELLOW}2)${NC} ⚙️ Optimize CT_LIMIT - Connection tracking tuning" + echo -e " ${YELLOW}3)${NC} 🤖 Block Malicious Bots - User-Agent blocking (Apache)" + echo "" + echo -e " ${RED}0)${NC} Back to Security Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_security_actions_menu() { + while true; do + show_security_actions_menu + read -r choice + + case $choice in + 1) run_module "security" "enable-cphulk.sh" ;; + 2) run_module "security" "optimize-ct-limit.sh" ;; + 3) run_module "security" "bot-blocker.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# System Diagnostics Sub-Menu +show_system_diagnostics_menu() { + show_banner + echo -e "${GREEN}${BOLD}🛠️ System Diagnostics${NC}" + echo "" + echo -e " ${GREEN}1)${NC} 🛡️ Historical Attack Analysis - Scan past logs (ET Open)" + echo "" + echo -e " ${RED}0)${NC} Back to Security Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_system_diagnostics_menu() { + while true; do + show_system_diagnostics_menu + read -r choice + + case $choice in + 1) bash "$BASE_DIR/tools/analyze-historical-attacks.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +############################################################################# +# MAIN SECURITY MENU +############################################################################# + +show_security_menu() { + show_banner + echo -e "${GREEN}${BOLD}🛡️ Security & Monitoring${NC}" + echo "" + echo -e " ${CYAN}1)${NC} 📊 Threat Analysis → Analyze threats & reputation" + echo -e " ${MAGENTA}2)${NC} 🔴 Live Monitoring → Real-time attack detection" + echo -e " ${BLUE}3)${NC} 📋 Log Viewers → Tail system/security logs" + echo -e " ${YELLOW}4)${NC} 🔒 Security Actions → Hardening & protection" + echo -e " ${GREEN}5)${NC} 🛠️ System Diagnostics → Analyze past attacks" echo "" echo -e " ${RED}0)${NC} Back to Main Menu" echo "" @@ -158,23 +294,11 @@ handle_security_menu() { read -r choice case $choice in - 1) run_module "security" "bot-analyzer.sh" ;; - 2) run_module "security" "bot-analyzer.sh" -H 1 ;; - 3) run_module "security" "ip-reputation-manager.sh" ;; - 4) run_module "security" "malware-scanner.sh" ;; - 5) run_module "security" "live-attack-monitor.sh" ;; - 6) run_module "security" "ssh-attack-monitor.sh" ;; - 7) run_module "security" "web-traffic-monitor.sh" ;; - 8) run_module "security" "firewall-activity-monitor.sh" ;; - 9) run_module "security" "tail-apache-access.sh" ;; - 10) run_module "security" "tail-apache-error.sh" ;; - 11) run_module "security" "tail-mail-log.sh" ;; - 12) run_module "security" "tail-secure-log.sh" ;; - 13) run_module "security" "enable-cphulk.sh" ;; - 14) run_module "security" "optimize-ct-limit.sh" ;; - 15) bash "$BASE_DIR/tools/analyze-historical-attacks.sh" ;; - 16) run_module "security" "bot-blocker.sh" ;; - 17) run_module "security" "suspicious-login-monitor.sh" ;; + 1) handle_threat_analysis_menu ;; + 2) handle_live_monitoring_menu ;; + 3) handle_log_viewers_menu ;; + 4) handle_security_actions_menu ;; + 5) handle_system_diagnostics_menu ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac