Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home News

Shodan Monitoring Integration For TheHive

admin by admin
November 8, 2022
in News




ShoMon is a Shodan alert feeder for TheHive written in GoLang. With version 2.0, it is more powerful than ever!

  • Can be used as Webhook OR Stream listener

    • Webhook listener opens a restful API endpoint for Shodan to send alerts. This means you need to make this endpoint available to public net
    • Stream listener connects to Shodan and fetches/parses the alert stream
  • Utilizes shadowscatcher/shodan (fantastic work) for Shodan interaction.

  • Console logs are in JSON format and can be ingested by any other further log management tools

  • CI/CD via Github Actions ensures that a proper Release with changelogs, artifacts, images on ghcr and dockerhub will be provided

  • Provides a working docker-compose file file for TheHive, dependencies

  • Super fast and Super mini in size

  • Complete code refactoring in v2.0 resulted in more modular, maintainable code

  • Via conf file or environment variables alert specifics including tags, type, alert-template can be dynamically adjusted. See config file.

  • Full banner can be included in Alert with direct link to Shodan Finding.

  • IP is added to observables

  • Parameters should be provided via conf.yaml or environment variables. Please see config file and docker-compose file

  • After conf or environment variables are set simply issue command:

    ./shomon

Notes

  • Alert reference is first 6 chars of md5(“ip:port”)
  • Only 1 mod can be active at a time. Webhook and Stream listener can not be activated together.

Get latest compiled binary from releases

  1. Check Releases section.

Compile from source code

  1. Make sure that you have a working Golang workspace.
  2. go build .
    • go build -ldflags="-s -w" . could be used to customize compilation and produce smaller binary.

Using Public Container Registries

  1. Thanks to new CI/CD integration, latest versions of built images are pushed to ghcr, DockerHub and can be utilized via:
    • docker pull ghcr.io/kaansk/shomon
    • docker pull kaansk/shomon
  1. Edit config file or provide environment variables to commands bellow
  2. docker build -t shomon .
  3. docker run -it shomon
  1. Edit environment variables and configurations in docker-compose file
  2. docker-compose run -d





Source link

Tags: cybersecurityethical hackinghack androidhack apphack wordpresshacker newshackinghacking tools for windowskeyloggerkitkitploitpassword brute forcepenetration testingpentestpentest androidpentest linuxpentest toolkitpentest toolsspy tool kitspywaretools
Previous Post

How to stream The Crown season 5 online from anywhere

Next Post

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

Next Post

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

Recommended

The Simple Way To Detect Heap Memory Pitfalls In C++ And C

2 months ago

Simple Hyper Service Transfer Protocol On Networks

6 months ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.