Categories: Kali Linux

Watcher : Open Source Cybersecurity Threat Hunting Platform

Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organization.

It should be used on webservers and available on Docker.

Watcher Capabilities

  • Detect emerging vulnerability, malware using social network & other RSS sources (www.cert.ssi.gouv.fr, www.cert.europa.eu, www.us-cert.gov, www.cyber.gov.au…).
  • Detect Keywords in pastebin & in other IT content exchange websites (stackoverflow, github, gitlab, bitbucket, apkmirror, npm…).
  • Monitor malicious domain names (IPs, mail/MX records, web pages using TLSH).
  • Detect suspicious domain names targeting your organisation, using dnstwist.

Useful as a bundle regrouping threat hunting/intelligence automated features.

Additional Features

  • Create cases on TheHive and events on MISP.
  • Integrated IOCs export to TheHive and MISP.
  • LDAP & Local Authentication.
  • Email notifications.
  • Ticketing system feeding.
  • Admin interface.
  • Advance users permissions & groups.

Involved Dependencies

Screenshots

Watcher provides a powerful user interface for data visualization and analysis. This interface can also be used to manage Watcher usage and to monitor its status.

Threats detection

Keywords detection

Malicious domain names monitoring

IOCs export to TheHive & MISP

Potentially malicious domain names detection

Django provides a ready-to-use user interface for administrative activities. We all know how an admin interface is important for a web project: Users management, user group management, Watcher configuration, usage logs…

Admin interface

Installation

Create a new Watcher instance in ten minutes using Docker (see Installation Guide).

Platform Architecture

Get Involved

There are many ways to getting involved with Watcher:

  • Report bugs by opening Issues on GitHub.
  • Request new features or suggest ideas (via Issues).
  • Make pull-requests.
  • Discuss bugs, features, ideas or issues.
  • Share Watcher to your community (Twitter, Facebook…).
Download
R K

Share
Published by
R K
Tags: cybersecurityOpen SourceThreat HuntingWatcher
4 years ago

Recent Posts

Useful Bug Bounty And Security Related Write-ups : A Comprehensive Guide For Enthusiasts

This repo contains all variants of information security & Bug bounty & Penetration Testing write-up…

7 hours ago

Admin-Panel-Dorks : Mastering Google Dorks To Uncover Hidden Admin Panels

site:*/sign-in site:*/account/login site:*/forum/ucp.php?mode=login inurl:memberlist.php?mode=viewprofile intitle:"EdgeOS" intext:"Please login" inurl:user_login.php intitle:"Web Management Login" site:*/users/login_form site:*/access/unauthenticated site:account.*.*/login site:admin.*.com/signin/…

7 hours ago

Conduwuit : Pioneering A New Era In Matrix Homeservers

Matrix is an open network for secure and decentralized communication. Users from every Matrix homeserver…

7 hours ago

LSMS – Linux Security And Monitoring Scripts

Linux Security And Monitoring Scripts are a collection of security and monitoring scripts you can…

7 hours ago

Fiber – Using Fibers To Run In-Memory Code

A fiber is a unit of execution that must be manually scheduled by the application…

7 hours ago

XSS-Exploitation-Tool : A Penetration Testing Tool

XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site…

7 hours ago