tim

Results 11 issues of tim

The frontend tries to load a file called `logo192.png` but it does not exist. Probably because of this line: https://github.com/intelowlproject/GreedyBear/blob/5ad7792b5be84cd746eee61f54355b3e4a769890/frontend/public/index.html#L12

bug
good first issue
frontend

# Description This PR introduces a complete rework of the extraction process. The idea is to improve testability, extensibility and maintainability by following some best practices: - repository pattern: repositories...

The process of extracting data from T-Pot and writing into our database is one of the most important parts of GreedyBear. However, it has some problems: - it is not...

python

At the moment we allow querying IP addresses and command sequence hashes. It might be interesting to also allow querying for passwords. This might require changing how passwords are...

enhancement
python

The `ExtractSensors` job only searches for Suricata events. If Suricata is not enabled, the job won't find any sensors. I would like to integrate the sensor extraction into the regular...

bug
python

Currently we only support a fixed set of honeypots that are defined in a migration file. I suggest a different approach: Let's extract data from all honeypot types and define...

enhancement

We track the ASN of each IoC. This allows us to group IoCs by ASN and aggregate statistics for that ASN, which may be useful information for some people.

enhancement
python

In #407 the extraction process for cowrie and general honeypots was changed to be able to fill the new IOC model fields. This was not done for log4pot yet.

enhancement
priority:low

Currently we only take into account the login attempts that were captured by Heralding and Cowrie: https://github.com/intelowlproject/GreedyBear/blob/8f267f08ae714df8274c61285c77b1307fb1278b/greedybear/cronjobs/attacks.py#L86 https://github.com/intelowlproject/GreedyBear/blob/8f267f08ae714df8274c61285c77b1307fb1278b/greedybear/cronjobs/cowrie.py#L117 However, other honeypots also have records of login attempts that we should...

enhancement
python

After #460 is finished, we should also consider displaying some or all the scores in the frontend.

enhancement
frontend