---
title: "[bojemoi] borodino/bm12: add OSINT enrichment after host fingerprinting"
date: 2026-02-25T18:42:57+01:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit f0d9fc1 par Betty dans bojemoi"
author: "Betty"
---

## Commit `f0d9fc1`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `f0d9fc1897d7ae9732249c3a353ae671e392c09d` |


### Description

- Add osint_lookup.py: synchronous OSINT module (ip-api, AlienVault OTX,
  ThreatCrowd + optional AbuseIPDB/VirusTotal/Shodan via env vars)
- Integrate into thearm_bm12: OSINT runs after nmap scan, results merged
  into hosts.scan_details JSON and hosts.info flagged for malicious IPs
- Dockerfile: copy osint_lookup.py to /usr/bin/
- Stack: expose ABUSEIPDB_API_KEY, VIRUSTOTAL_API_KEY, SHODAN_API_KEY env vars

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M	borodino/Dockerfile.borodino
A	borodino/osint_lookup.py
M	borodino/thearm_bm12
M	stack/40-service-borodino.yml
```

### Diff Summary

```
 borodino/Dockerfile.borodino  |   1 +
 borodino/osint_lookup.py      | 213 ++++++++++++++++++++++++++++++++++++++++++
 borodino/thearm_bm12          |  83 +++++++++++-----
 stack/40-service-borodino.yml |   3 +
 4 files changed, 279 insertions(+), 21 deletions(-)
```