Wednesday, October 27, 2021

mihari: A framework for continuous OSINT based threat hunting

mihari

Mihari is a framework for continuous OSINT based threat hunting.

How it works

Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts (IP addresses, domains, URLs or hashes).

Mihari checks whether the database (SQLite3, PostgreSQL or MySQL) contains the artifacts or not.

If it doesn’t contain the artifacts:

- Mihari saves artifacts in the database.
- Mihari creates an alert on TheHive.
- Mihari sends a notification to Slack.
- Mihari creates an eve…
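The check-then-store step described above, sketched in Python as an added example; it is not Mihari's own code. The record fields, table layout and function names (`classify`, `extract`, `open_db`, `save_new`) are assumptions made for illustration, and the list returned by `save_new` stands in for what would be forwarded as an alert or notification.

```python
import ipaddress
import re
import sqlite3

# Constructed sample search results (documentation addresses, not real data).
SAMPLE_RESULTS = [
    {"ip_str": "192.0.2.10", "hostnames": ["login.example.com"]},
    {"ip_str": "192.0.2.10", "hostnames": ["cdn.example.net"]},
    {"url": "http://example.org/a.php", "sha256": "a" * 64},
]

def classify(value):
    """Return 'ip', 'url', 'hash' or 'domain' for a string, else None."""
    try:
        ipaddress.ip_address(value)
        return "ip"
    except ValueError:
        pass
    if re.fullmatch(r"https?://\S+", value):
        return "url"
    if re.fullmatch(r"(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})", value, re.I):
        return "hash"
    is_domain = re.fullmatch(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", value, re.I)
    return "domain" if is_domain else None

def extract(results):
    """Flatten result records into an ordered, de-duplicated artifact list."""
    found = {}
    for record in results:
        for field in record.values():
            for value in field if isinstance(field, list) else [field]:
                # Non-string fields (ports, counters) are never artifacts.
                kind = classify(value) if isinstance(value, str) else None
                if kind:
                    key = value.lower() if kind in ("domain", "hash") else value
                    found[(kind, key)] = None
    return list(found)

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS artifacts "
               "(type TEXT, value TEXT, UNIQUE(type, value))")
    return db

def save_new(db, artifacts):
    """Store unseen artifacts and return them; known ones raise no alert."""
    new = []
    for kind, value in artifacts:
        seen = db.execute("SELECT 1 FROM artifacts WHERE type=? AND value=?",
                          (kind, value)).fetchone()
        if seen is None:
            db.execute("INSERT INTO artifacts VALUES (?, ?)", (kind, value))
            new.append((kind, value))
    db.commit()
    return new
```

Running the same query twice yields an empty list the second time, which is what keeps a scheduled hunt from re-alerting on infrastructure that is already known.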
