post: commit f0d9fc1 in bojemoi

content/posts/commits/2026-02-25-commit-f0d9fc1.md

@@ -0,0 +1,49 @@
+---
+title: "[bojemoi] borodino/bm12: add OSINT enrichment after host fingerprinting"
+date: 2026-02-25T18:42:57+01:00
+draft: false
+tags: ["commit", "bojemoi", "main"]
+categories: ["Git Activity"]
+summary: "Commit f0d9fc1 par Betty dans bojemoi"
+author: "Betty"
+---
+
+## Commit `f0d9fc1`
+
+| | |
+|---|---|
+| **Repository** | bojemoi |
+| **Branch** | `main` |
+| **Author** | Betty |
+| **Hash** | `f0d9fc1897d7ae9732249c3a353ae671e392c09d` |
+
+
+### Description
+
+- Add osint_lookup.py: synchronous OSINT module (ip-api, AlienVault OTX,
+  ThreatCrowd + optional AbuseIPDB/VirusTotal/Shodan via env vars)
+- Integrate into thearm_bm12: OSINT runs after nmap scan, results merged
+  into hosts.scan_details JSON and hosts.info flagged for malicious IPs
+- Dockerfile: copy osint_lookup.py to /usr/bin/
+- Stack: expose ABUSEIPDB_API_KEY, VIRUSTOTAL_API_KEY, SHODAN_API_KEY env vars
+
+Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
+
+### Files Changed
+
+```
+M	borodino/Dockerfile.borodino
+A	borodino/osint_lookup.py
+M	borodino/thearm_bm12
+M	stack/40-service-borodino.yml
+```
+
+### Diff Summary
+
+```
+ borodino/Dockerfile.borodino  |   1 +
+ borodino/osint_lookup.py      | 213 ++++++++++++++++++++++++++++++++++++++++++
+ borodino/thearm_bm12          |  83 +++++++++++-----
+ stack/40-service-borodino.yml |   3 +
+ 4 files changed, 279 insertions(+), 21 deletions(-)
+```