From c6b9a8e408f3f7da0d57ac4fdf4f43bb66032197 Mon Sep 17 00:00:00 2001 From: Betty Date: Wed, 25 Feb 2026 18:42:57 +0100 Subject: [PATCH] post: commit f0d9fc1 in bojemoi --- .../commits/2026-02-25-commit-f0d9fc1.md | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 content/posts/commits/2026-02-25-commit-f0d9fc1.md diff --git a/content/posts/commits/2026-02-25-commit-f0d9fc1.md b/content/posts/commits/2026-02-25-commit-f0d9fc1.md new file mode 100644 index 0000000..3c8127b --- /dev/null +++ b/content/posts/commits/2026-02-25-commit-f0d9fc1.md @@ -0,0 +1,49 @@ +--- +title: "[bojemoi] borodino/bm12: add OSINT enrichment after host fingerprinting" +date: 2026-02-25T18:42:57+01:00 +draft: false +tags: ["commit", "bojemoi", "main"] +categories: ["Git Activity"] +summary: "Commit f0d9fc1 par Betty dans bojemoi" +author: "Betty" +--- + +## Commit `f0d9fc1` + +| | | +|---|---| +| **Repository** | bojemoi | +| **Branch** | `main` | +| **Author** | Betty | +| **Hash** | `f0d9fc1897d7ae9732249c3a353ae671e392c09d` | + + +### Description + +- Add osint_lookup.py: synchronous OSINT module (ip-api, AlienVault OTX, + ThreatCrowd + optional AbuseIPDB/VirusTotal/Shodan via env vars) +- Integrate into thearm_bm12: OSINT runs after nmap scan, results merged + into hosts.scan_details JSON and hosts.info flagged for malicious IPs +- Dockerfile: copy osint_lookup.py to /usr/bin/ +- Stack: expose ABUSEIPDB_API_KEY, VIRUSTOTAL_API_KEY, SHODAN_API_KEY env vars + +Co-Authored-By: Claude Sonnet 4.6 + +### Files Changed + +``` +M borodino/Dockerfile.borodino +A borodino/osint_lookup.py +M borodino/thearm_bm12 +M stack/40-service-borodino.yml +``` + +### Diff Summary + +``` + borodino/Dockerfile.borodino | 1 + + borodino/osint_lookup.py | 213 ++++++++++++++++++++++++++++++++++++++++++ + borodino/thearm_bm12 | 83 +++++++++++----- + stack/40-service-borodino.yml | 3 + + 4 files changed, 279 insertions(+), 21 deletions(-) +```
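Review bot: the `summary` line in the front matter of the new `2026-02-25-commit-f0d9fc1.md` is in French ("Commit f0d9fc1 par Betty dans bojemoi") while the title, the table and the Description are in English. Suggest `summary: "Commit f0d9fc1 by Betty in bojemoi"` so that list pages and feeds rendering the summary stay in one language. In the Description section, the commit body names the `ABUSEIPDB_API_KEY`, `VIRUSTOTAL_API_KEY` and `SHODAN_API_KEY` variables added to `stack/40-service-borodino.yml`. The post carries only the diffstat for that file, which is the right level of detail for a public page. It would be worth stating in the generator (or in this post's template) that stack files are never inlined as full diffs, so a literal key value cannot end up published. The `tags` list also carries the branch name `main`, which is already in the table and will create a tag page shared by nearly every commit post; consider dropping it.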