{"id":29411617,"url":"https://github.com/vvv-keys/404-discobot","last_synced_at":"2025-07-11T08:13:59.976Z","repository":{"id":300420810,"uuid":"1006128578","full_name":"vVv-Keys/404-DiscoBOT","owner":"vVv-Keys","description":"AI-augmented, Discord-integrated, feed-fed, ML-driven, enterprise-grade cyber threat intelligence platform ","archived":false,"fork":false,"pushed_at":"2025-07-03T01:20:20.000Z","size":1726,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-11T06:51:10.467Z","etag":null,"topics":["cybersecurity","llm","machine-learning","machine-learning-algorithms","malware","siem","soar","threat-hunting","threat-intelligence"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vVv-Keys.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-21T14:59:39.000Z","updated_at":"2025-07-03T16:40:53.000Z","dependencies_parsed_at":"2025-07-04T04:56:30.726Z","dependency_job_id":"3e4225d8-6494-4945-99ce-ad2c3b86f259","html_url":"https://github.com/vVv-Keys/404-DiscoBOT","commit_stats":null,"previous_names":["vvv-keys/-ghostsec-advanced-threat-intelligence-platform","vvv-keys/ghostsec-advanced-threat-intelligence-platform","vvv-keys/ghostsec-cti-discord-bot","vvv-keys/ghostsec","vvv-keys/about-ghostsec","vvv-keys/404-discobot"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/vVv-Keys/404-DiscoBOT","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vVv-Keys%2F404-DiscoBOT","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vVv-Keys%2F404-DiscoBOT/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vVv-Keys%2F404-DiscoBOT/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vVv-Keys%2F404-DiscoBOT/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vVv-Keys","download_url":"https://codeload.github.com/vVv-Keys/404-DiscoBOT/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vVv-Keys%2F404-DiscoBOT/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264764036,"owners_count":23660321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","llm","machine-learning","machine-learning-algorithms","malware","siem","soar","threat-hunting","threat-intelligence"],"created_at":"2025-07-11T08:13:57.984Z","updated_at":"2025-07-11T08:13:59.971Z","avatar_url":"https://github.com/vVv-Keys.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/vVv-Keys/GhostSEC-Advanced-Threat-Intelligence-Platform/blob/main/ghostbanner.png\" alt=\"GhostSEC Banner\" width=\"40%\" height=\"65%\" /\u003e\n\u003c/p\u003e\n\n# 👻 GhostSEC - Ultimate Cyber Threat Intelligence Bot\n\nEnterprise-grade Discord bot delivering real-time cyber threat intelligence with multi-source aggregation, automated analysis, and rich formatting. Monitor 10+ premium threat feeds with zero-duplicate alerts and intelligent categorization.\n\n![Status](https://img.shields.io/badge/status-active-brightgreen) ![Sources](https://img.shields.io/badge/sources-10+-blue) ![Discord](https://img.shields.io/badge/discord-ready-7289da)\n\n## Key Features\n\n### Intelligence Aggregation\n\n* **10+ Active Sources**: Government, research, commercial feeds\n* **Real-time Processing**: 15-minute update cycles\n* **Smart Categorization**: Malware, vulnerabilities, breaches, phishing, APT\n* **IOC Extraction**: Automatic detection of IPs, domains, hashes, URLs\n\n### Discord Integration\n\n* **Rich Embeds**: ML-enhanced threat cards with correlation data\n* **Channel Routing**: Category-specific threat channels\n* **Interactive Commands**: 15+ advanced management commands\n* **Real-time Alerts**: Instant notifications with priority scoring\n* **Web Dashboard**: Browser-based threat intelligence interface\n\n### Intelligence Processing\n\n* **Machine Learning**: AI-powered threat prioritization and scoring\n* **Advanced Correlation**: Real-time threat relationship mapping\n* **Duplicate Filtering**: Hash-based prevention of redundant alerts\n* **MISP Integration**: Automated threat intelligence sharing\n* **Performance Optimized**: Concurrent processing and caching\n\n### Sources Include\n\n* **Government**: US-CERT, NIST NVD\n* **Research**: SANS ISC, Cisco Talos, FireEye\n* **Commercial**: AlienVault OTX, VirusTotal, Shodan, IBM X-Force\n* **Security News**: Krebs on Security, industry blogs\n\n## Quick Start\n\n### 1. Discord Bot Setup\n\n1. Visit [https://discord.com/developers/applications](https://discord.com/developers/applications)\n2. Create new application and bot\n3. Copy the bot token\n4. Enable \"Message Content Intent\" in Bot settings\n5. Invite bot to your server with permissions: Send Messages, Embed Links, Read Message History\n\n### 2. Environment Setup\n\n```bash\n# Required\nDISCORD_TOKEN=your_discord_bot_token\n\n# Optional API Keys (enables premium sources)\nALIENVAULT_API_KEY=your_otx_api_key\nVIRUSTOTAL_API_KEY=your_vt_api_key  \nSHODAN_API_KEY=your_shodan_key\nXFORCE_API_KEY=your_xforce_key\n\n# MISP Integration\nMISP_URL=https://your-misp-instance.com\nMISP_API_KEY=your_misp_api_key\n\n# Enterprise Webhooks\nSPLUNK_WEBHOOK=https://your-splunk.com/webhook\nSLACK_WEBHOOK_URL=https://hooks.slack.com/your/webhook\nTEAMS_WEBHOOK_URL=https://your-teams-webhook-url\n\n# Alert Notifications\nSMTP_SERVER=smtp.gmail.com\nSMTP_USERNAME=your_email@gmail.com\nSMTP_PASSWORD=your_app_password\nALERT_TO_EMAILS=security@company.com,soc@company.com\n```\n\n### 3. Run the Bot\n\n```bash\npython start_ghostsec.py\n```\n\n### 4. Discord Commands\n\n```\n!ghost help        - Show all commands\n!ghost status      - Bot statistics and uptime\n!ghost sources     - List threat intelligence sources\n!ghost update      - Manual feed update\n!ghost test high   - Send test alert\n!ghost dashboard   - Web dashboard access\n!ghost correlate   - Search threat correlations\n!ghost ml          - Machine learning status\n!ghost webhooks    - Enterprise webhook status\n!ghost export      - Export threat data\n```\n\n## Configuration\n\n```bash\n# Update frequency (minutes)\nGHOSTSEC_UPDATE_INTERVAL=15\n\n# Cache retention (days)\nGHOSTSEC_MAX_CACHE_AGE_DAYS=7\n\n# Debug mode\nGHOSTSEC_DEBUG=false\nLOG_LEVEL=INFO\n```\n\n## Enterprise Features\n\n### Web Dashboard\n\nAccess the interactive threat intelligence dashboard at `http://localhost:5000` while the bot is running:\n\n* Real-time threat visualization with charts and graphs\n* IOC correlation network mapping\n* Advanced search and filtering capabilities\n* Threat export in JSON/CSV formats\n* ML-powered insights and analytics\n\n### Machine Learning Engine\n\n* Automatic threat priority scoring using Random Forest algorithms\n* Anomaly detection with Isolation Forest\n* Text similarity analysis for threat correlation\n* Continuous model training with historical data\n* Feature extraction from threat metadata and content\n\n### MISP Integration\n\n* Automatic IOC enrichment from MISP databases\n* Event creation for high-priority threats\n* Correlation with existing MISP events\n* Support for multiple MISP instances\n\n### Enterprise Webhooks\n\n* Splunk HEC integration for SIEM ingestion\n* Elasticsearch indexing for log management\n* IBM QRadar and Microsoft Sentinel support\n* Custom webhook endpoints with authentication\n* Automatic retry logic and delivery tracking\n\n### Advanced Correlation\n\n* IOC-based threat relationship mapping\n* Temporal clustering analysis\n* Campaign detection algorithms\n* Attack pattern recognition\n* TTPs (Tactics, Techniques, Procedures) correlation\n\n### Custom Alert System\n\n* Multi-channel notifications (Email, SMS, Slack, Teams)\n* Severity-based alert routing\n* Customizable notification rules and filters\n* Escalation workflows for critical threats\n* Rich HTML email formatting\n\n\n## 💀 Credits\n\nBuilt by GhostSec Labs. For defenders, red teams, and cyber intel professionals.\n\nThis project is consistently being updated into a single unified application for full production/enterprise developments. \nFor testing, demonstrations, contributions or general inquiries feel free to join the Discord Community here: [404👻INTEL](https://discord.gg/ep4dE6Rq5G)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvvv-keys%2F404-discobot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvvv-keys%2F404-discobot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvvv-keys%2F404-discobot/lists"}