Categories: Kali Linux

Watcher : Open Source Cybersecurity Threat Hunting Platform

Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organization.

It should be used on webservers and available on Docker.

Watcher Capabilities

Detect emerging vulnerability, malware using social network & other RSS sources (www.cert.ssi.gouv.fr, www.cert.europa.eu, www.us-cert.gov, www.cyber.gov.au…).
Detect Keywords in pastebin & in other IT content exchange websites (stackoverflow, github, gitlab, bitbucket, apkmirror, npm…).
Monitor malicious domain names (IPs, mail/MX records, web pages using TLSH).
Detect suspicious domain names targeting your organisation, using dnstwist.

Useful as a bundle regrouping threat hunting/intelligence automated features.

Additional Features

Create cases on TheHive and events on MISP.
Integrated IOCs export to TheHive and MISP.
LDAP & Local Authentication.
Email notifications.
Ticketing system feeding.
Admin interface.
Advance users permissions & groups.

Involved Dependencies

Screenshots

Watcher provides a powerful user interface for data visualization and analysis. This interface can also be used to manage Watcher usage and to monitor its status.

Threats detection

Keywords detection

Malicious domain names monitoring

IOCs export to TheHive & MISP

Potentially malicious domain names detection

Django provides a ready-to-use user interface for administrative activities. We all know how an admin interface is important for a web project: Users management, user group management, Watcher configuration, usage logs…

Admin interface

Installation

Create a new Watcher instance in ten minutes using Docker (see Installation Guide).

Platform Architecture

Get Involved

There are many ways to getting involved with Watcher:

Report bugs by opening Issues on GitHub.
Request new features or suggest ideas (via Issues).
Make pull-requests.
Discuss bugs, features, ideas or issues.
Share Watcher to your community (Twitter, Facebook…).

Related

CVE Half-Day Watcher

November 17, 2023

In "Cyber security"

C2IntelFeeds: Real-Time C2 Infrastructure Tracking for Threat Intelligence

March 14, 2025

In "Cyber security"

MITRE ATT&CK Evaluations And Must-Have Intelligence For Security Leaders

November 25, 2024

In "Cyber security"

R K

Next Parrot 4.10 Released To Make Distribution More Reliable & Secure. Download Now !! »

Previous « Sploit : Go Package That Aids In Binary Analysis And Exploitation

Share

Published by

R K

Tags: cybersecurityOpen SourceThreat HuntingWatcher

6 years ago

Recent Posts

Tutorials

Best OSINT Tools for Journalists 2026: Verify Sources, Images and Claims

Journalists use OSINT to verify public information before publishing. In 2026, misinformation, AI-generated images, fake…

3 hours ago

How To

Install Docker on Ubuntu 20.04: Complete Step-by-Step Guide

Docker is an open-source platform that lets you package and run applications inside containers. Each container…

14 hours ago

How To

Install PostgreSQL on Ubuntu: Database Setup and Admin Guide

PostgreSQL (often called Postgres) is an open-source relational database system. It supports advanced features like JSON…

15 hours ago

How To

Install Xrdp Remote Desktop on Ubuntu: Setup and Connect

Xrdp is an open-source server that lets you connect to your Ubuntu machine from another computer…

15 hours ago

How To

Tomcat 9 on Ubuntu 20.04: Install, Configure, and Start

Apache Tomcat is an open-source web server and Java servlet container. It is one of the…

15 hours ago

How To

Automatic Updates on Ubuntu: Set Up unattended-upgrades

Keeping your Ubuntu system updated is one of the best ways to protect it. Security…

16 hours ago

L