Fushin


A monitoring tool for malicious blog posts.

Features & ToDo

  • [x] Subscribe to a feed of malicious blog posts (by @catnap707)
  • [x] Extract IoCs (BTC, URL) from a blog post
  • [x] Post extracted IoCs to Slack (or STDOUT) with enrichment
  • [x] Attachment handling
    • Scan a URL on Hybrid Analysis
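
The IoC extraction step from the feature list can be sketched as follows. This is an added example, not Fushin's own code: it pulls URLs and Bitcoin addresses out of a post body and keeps only addresses whose Base58Check checksum verifies, which filters out random strings that merely look like addresses. Assumptions: the function names, the regexes, the defanging step and the sample post are all constructed for illustration, and only legacy Base58Check addresses (starting with 1 or 3) are handled.

```ruby
require "digest"

BASE58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
URL_RE = %r{https?://[^\s"'<>]+}i
BTC_RE = /\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b/

# True when a legacy (Base58Check) Bitcoin address carries a valid checksum.
def base58check_valid?(addr)
  return false unless addr.each_char.all? { |c| BASE58.include?(c) }
  num = addr.each_char.reduce(0) { |acc, c| acc * 58 + BASE58.index(c) }
  hex = num.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  # Each leading "1" encodes one leading zero byte.
  bytes = ("\x00" * addr[/\A1*/].length).b + [hex].pack("H*")
  return false unless bytes.bytesize == 25
  payload, checksum = bytes[0, 21], bytes[21, 4]
  Digest::SHA256.digest(Digest::SHA256.digest(payload))[0, 4] == checksum
end

# Rewrite a URL so chat clients do not auto-link or preview it (assumed step).
def defang(url)
  url.sub(/\Ahttp/i, "hxxp").gsub(".", "[.]")
end

# Return de-duplicated URL and BTC indicators found in a post body.
def extract_iocs(text)
  urls = text.scan(URL_RE).map { |u| u.sub(/[.,)]+\z/, "") }.uniq
  btcs = text.scan(BTC_RE).select { |a| base58check_valid?(a) }.uniq
  { urls: urls, btcs: btcs }
end

# Constructed sample post: one URL (twice), one valid and one corrupted address.
SAMPLE_POST = <<~HTML
  <p>Pay to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa within 24 hours.</p>
  <p>Details: <a href="http://payment.example.com/invoice?id=42">here</a>
  or http://payment.example.com/invoice?id=42.</p>
  <p>Order ref 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNb</p>
HTML

if __FILE__ == $PROGRAM_NAME
  iocs = extract_iocs(SAMPLE_POST)
  iocs[:urls].each { |u| puts "URL #{defang(u)}" }
  iocs[:btcs].each { |a| puts "BTC #{a}" }
end
```
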

Supported blog types

  • jugem.jp
  • kikey.net
  • sblo.jp
  • seesaa.net
  • shinobi.jp
  • teacup.com

Install

gem install fushin

Configuration

Please set the following environment variables:

  • SLACK_WEBHOOK_URL: Slack Webhook URL
  • SLACK_CHANNEL: Slack channel name
  • HA_API_KEY: Hybrid Analysis API key

Usage

fushin