Skip to content

pgmkcode/gossip-hive

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
T-Pot to IntelOwl
T-Pot to IntelOwl
 
 
T-Pot to MISP
T-Pot to MISP
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

gossip-hive

T-Pot as a source of Cyber Threat Intelligence

Requirements for MISP

  • MISP
  • Exposed ElasticSearch port from T-Pot
  • Debian 12 (tested)
  • Install Python dot-env and activate
  • Install requirements.txt
  • Assign environment variables (check .env file)

#How does Gossip Hive work for MISP? Gossip Hive collects attacks received by T-Pot at a set frequency. The ports where the attacks are received and the IP addresses to be excluded are established (it's recommended to exclude T-Pot's own address). When attacks are reported to MISP, an event is created with the corresponding taxonomies and galaxies, and certain objects of the received attacks are tagged.

Requirements for IntelOwl Analyzer

  • IntelOwl
  • Exposed ElasticSearch port from T-Pot

#How does Gossip Hive work for IntelOwl? Simply look for the last attack received for a given IP address.

About

T-Pot as a source of Cyber ​​Threat Intelligence

Topics

misp t-pot

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

Parameters added Latest
Aug 31, 2025
+ 1 release

Packages

No packages published

Languages