Shomon – Shodan Monitoring Integration For TheHive
ShoMon is a Shodan alert feeder for TheHive written in GoLang. With version 2.0, it is more powerful than ever!
IP is added to observables
Usage
- Parameters should be provided via conf.yaml or environment variables. Please see the config file and the docker-compose file.
- After the config file or environment variables are set, simply issue the command:
./shomon
Notes
- Alert reference is the first 6 chars of md5("ip:port")
- Only 1 mode can be active at a time. Webhook and Stream listener cannot be activated together.
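As an added illustration (not ShoMon's own code), the Go code below derives the reference described in the first note and shows that, because 6 hex characters give only 2^24 possible values, distinct services can end up with the same reference. It assumes a lowercase hex digest and a decimal port; `Service`, `AlertRef`, `SharedRefs` and the 10.0.0.0/16 inventory are names and sample data constructed for this example.

```go
package main

import (
	"crypto/md5"
	"encoding/hex"
	"fmt"
)

// Service is a hypothetical holder for one exposed ip:port pair.
type Service struct {
	IP   string
	Port int
}

// AlertRef returns the first 6 characters of md5("ip:port").
// Assumption: the digest is lowercase hex and the port is decimal.
func AlertRef(s Service) string {
	sum := md5.Sum([]byte(fmt.Sprintf("%s:%d", s.IP, s.Port)))
	return hex.EncodeToString(sum[:])[:6]
}

// SharedRefs returns every reference that more than one distinct
// service maps to. Repeats of the same service are not collisions.
func SharedRefs(services []Service) map[string][]Service {
	byRef := make(map[string][]Service)
	seen := make(map[Service]bool)
	for _, s := range services {
		if seen[s] {
			continue
		}
		seen[s] = true
		ref := AlertRef(s)
		byRef[ref] = append(byRef[ref], s)
	}
	for ref, group := range byRef {
		if len(group) < 2 {
			delete(byRef, ref)
		}
	}
	return byRef
}

// ConstructedInventory builds sample input: all of 10.0.0.0/16 on one port.
func ConstructedInventory(port int) []Service {
	out := make([]Service, 0, 65536)
	for i := 0; i < 65536; i++ {
		out = append(out, Service{IP: fmt.Sprintf("10.0.%d.%d", i>>8, i&255), Port: port})
	}
	return out
}

func main() {
	inv := ConstructedInventory(443)
	fmt.Printf("%d services, %d shared references\n", len(inv), len(SharedRefs(inv)))
}
```

With 65,536 services spread over 2^24 references, the birthday bound predicts on the order of a hundred colliding pairs, so the reference is a convenient handle but not a unique key at that scale.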
Setup & Compile Instructions
Get latest compiled binary from releases
- Check Releases section.
Compile from source code
- Make sure that you have a working Golang workspace.
go build .
- go build -ldflags="-s -w" . could be used to customize compilation and produce a smaller binary.
Using Public Container Registries
- Thanks to the new CI/CD integration, the latest versions of the built images are pushed to ghcr and DockerHub and can be utilized via:
docker pull ghcr.io/kaansk/shomon
docker pull kaansk/shomon
Using Dockerfile
- Edit the config file or provide environment variables to the commands below
docker build -t shomon .
docker run -it shomon
Using docker-compose file
- Edit environment variables and configurations in the docker-compose file
docker-compose up -d
Credits
- Logo Made via LogoMakr.com
- shadowscatcher/shodan
- Dockerfile Reference
- Release management with GoReleaser