Introduction

Sentra is a Memory Forensics - Digital Forensics and Incident Response (DIFR) platform that allows users to securely scan their memory dump (offline dump) and get the analysis report checking for anomalous behavior.

Architecture

1. Client Layer (Frontend)

• Interface: HTML/CSS/JavaScript .
• Role: Handles user authentication, file selection, analysis mode selection (Quick/Standard/Deep), and displays real-time analysis status.
• Security: JWT/Session token storage in localStorage.

2. Backend Layer (Orchestration)

• Core: Python Flask API (app.py).
• Responsibilities:
  • Validates input (file types, sizes).
  • Manages user sessions (Google OAuth / Standard Auth).
  • Orchestrates the analysis by spawning sandboxed subprocesses.
• Security: Acts as the gatekeeper; direct access to the analysis engine or database is blocked.

3. Data Layer (Storage)

• PostgreSQL: Stores structured relational data (Users, Scan History, Threat Scores).
• File Storage: A local secure directory (/uploads) where raw memory dumps are temporarily stored for analysis.

4. Analysis Engine (The Core)

• Engine: Volatility 3 Framework (CLI-based).