
Exhibit entry

HostReveal


  • SaaS
  • AI / Machine Learning Models:
      • RandomForest: Used for classifying risky hosts.
      • DBSCAN: Used for clustering infrastructure based on features.
      • Prophet: Time-series forecasting of traffic patterns.
      • Deep Learning (TensorFlow): Anomaly detection in network behavior.
  • Python Libraries:
      • scikit-learn: ML algorithms and utilities.
      • TensorFlow: Deep learning-based models.
      • Prophet: Time-series analysis.
      • pandas, numpy, matplotlib, networkx: Data handling, math, and graph analysis.
      • plotly, folium: Visualization and geolocation mapping.
  • Networking & DNS:
      • dnspython, python-whois: DNS and WHOIS record resolution.
      • scapy, socket: Network communication and packet-level manipulation.
      • python-nmap, masscan, zmap: Network scanning tools.
  • SSL & Certificate Inspection:
      • pyOpenSSL, ssl, http.client: For parsing and verifying SSL certificates.
      • crt.sh: Used for certificate transparency logs.
  • Packet Capture & Analysis:
      • pyshark: PCAP parsing using TShark.
      • Zeek: Network traffic analysis.
      • Suricata: Intrusion detection and traffic parsing.
      • tcpflow: Captures TCP flows for reconstruction.
  • Threat Intelligence APIs:
      • Shodan API: Device fingerprinting and IP scanning.
      • AlienVault OTX SDK: Threat intelligence feed.
      • MISP (Malware Information Sharing Platform): Threat correlation.
      • Censys API: Internet-facing device metadata.
  • Frontend / Dashboard:
      • Streamlit: Interactive web dashboard with multi-page support and dark mode.
      • folium: Risk graphs, map visualizations, and ML output plots.
  • Reporting:
      • Output formats: JSON and CSV reports.
      • Planned: PDF and HTML reporting features.

Accession mark: 0085

Status on file: Submitted (Gallery/Visible)

Curator’s notes


HostReveal is a next-gen SaaS cybersecurity platform built to unmask hidden hosting infrastructure behind CDNs like Cloudflare, Incapsula, and Akamai, empowering security teams to trace the real servers behind malicious domains. Designed for SOC analysts, law enforcement, and threat researchers, HostReveal combines machine learning, network forensics, and threat intelligence APIs into a unified, user-friendly investigation environment.

What HostReveal Offers

Hosting Attribution Made Simple

  • Identify real server IPs hidden behind proxy/CDN layers
  • Perform deep SSL certificate analysis and DNS traversal
  • Map server infrastructure using traceroute, BGP, and passive DNS

ML-Powered Threat Intelligence

  • Cluster malicious infrastructures using DBSCAN
  • Classify risky hosts with RandomForest
  • Detect anomalies via deep learning and time-series modeling (Prophet)

Deep Packet Forensics

  • Auto-parse PCAP files using Zeek, Suricata, TCPFlow
  • Analyze protocol behaviors, flags, and communication patterns
  • Fingerprint encrypted and obfuscated traffic

Integrated Threat Intelligence

  • API-based correlation with Shodan, AlienVault OTX, MISP, Censys
  • Real-time risk scoring for IPs and domains
  • Blacklist enrichment and malicious infra detection

Streamlit-Based SaaS Dashboard

  • No install required — cloud-hosted, login-based access
  • Visual risk graphs, geolocation maps, ML insights
  • One-click export of findings (CSV, JSON, and PDF/HTML – coming soon)

What Makes HostReveal Unique as a SaaS

  • All-in-one Investigation Platform: Combines network scanning, packet capture, SSL analysis, and ML modeling in one UI.
  • Plug-and-Play Experience: No setup or toolchain installation—ready-to-use from browser.
  • Human + Machine Intelligence: ML doesn't replace analysts; it amplifies them by highlighting anomalies and correlations.
  • Forensics-Ready Reports: Automatically generates structured reports for regulatory and legal workflows.
  • API-First Model: Ideal for integration into existing SIEM, XDR, or internal tools.

Ideal For:

  • Cybersecurity teams at enterprises, MSSPs, and SOCs
  • Government and law enforcement involved in cybercrime investigations
  • OSINT researchers and pentesters who need to correlate domains, IPs, and infrastructure

Impact

HostReveal empowers teams to see through the smokescreens used by threat actors, bringing transparency to masked infrastructure, improving response times, and bridging the gap between data and decisions in cybersecurity operations.