Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nullarray/mimir

OSINT Threat Intel Interface - CLI for HoneyDB
https://github.com/nullarray/mimir

cli honeydb honeypot information-retrieval intel interface ioc nmap osint scan-tool threatintel

Last synced: 29 days ago
JSON representation

OSINT Threat Intel Interface - CLI for HoneyDB

Host: GitHub
URL: https://github.com/nullarray/mimir
Owner: NullArray
License: gpl-3.0
Created: 2017-05-02T14:37:03.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2019-02-12T14:33:05.000Z (over 5 years ago)
Last Synced: 2023-10-20T22:08:21.747Z (about 1 year ago)
Topics: cli, honeydb, honeypot, information-retrieval, intel, interface, ioc, nmap, osint, scan-tool, threatintel
Language: Python
Homepage:
Size: 34.2 KB
Stars: 109
Watchers: 16
Forks: 58
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Mimir
OSINT Threat Intel Interface - Named after the old Norse God of knowledge.

Mimir functions as a CLI to [HoneyDB](https://riskdiscovery.com/honeydb/about) which in short is an OSINT aggregative threat intel pool. Starting the program brings you to a menu the options for which are as follows.

```
1. Fetch Threat Feed 5. Visualize Top Malicious Hosts in Browser
2. Fetch Bad Host List 6. Visualize Top Targeted Services in Browser
3. Perform WHOIS Lookup 7. Visualize Results for Single Host in Browser
4. Invoke Nmap Scan 8. Quit
```
The purpose of this tool is to make intelligence gathering easier by including functionality to save the Threat Feed and Bad Host lists, and invoke either an in-script WHOIS lookup or Nmap scan to learn more about the target hosts. Logs are saved in the current working directory for future reference and further processing.

HoneyDB provides a data visualization service, this can be accessed via Mimir by selecting their respective options. Selenium will
then employ the Geckodriver to open the pages.

## Dependencies

```
pycurl
selenium
blessings
ipwhois
```

[Nmap](https://nmap.org/) and the Mozilla [Geckodriver](https://github.com/mozilla/geckodriver/releases)

To install the Python2.7 modules Mimir depends on please feel free to use the requirements file i have made for this project like so.

`pip install -r requirements.txt`

## Update

Some versions of PyCurl work better with some versions of SSL than others. This is important because HoneyDB makes use of OpenSSL and having a version that does not support it makes Mimir incompatible with HoneyDB. To that end I have added some logic that lets Mimir detect your version of PyCurl and automatically rebuild it from source to a version that does support OpenSSL. It does so by invoking the `rebuild.sh` shell script that is included in this repo.