Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organisation.
It should be used on webservers and available on Docker.
Useful as a bundle regrouping threat hunting/intelligence automated features.
Watcher provides a powerful user interface for data visualization and analysis. This interface can also be used to manage Watcher usage and to monitor its status.
Threats detection
Data leaks
Malicious domain names monitoring
IOCs export to TheHive & MISP
Suspicious domain names detection
Django provides a ready-to-use user interface for administrative activities. We all know how an admin interface is important for a web project: Users management, user group management, Watcher configuration, usage logs...
Admin interface
Create a new Watcher instance in ten minutes using Docker (see Installation Guide).
There are many ways to getting involved with Watcher:
In order to use Watcher pastebin API feature, you need to subscribe to a pastebin pro account and whitelist Watcher public IP (see https://pastebin.com/doc_scraping_api).