Lobo Guará is a platform aimed at cybersecurity professionals, with a range of features focused on Cyber Threat Intelligence (CTI). It provides tools that make it easier to identify threats, monitor data leaks, analyze suspicious domains and URLs, and much more.
Features
1. SSL Certificate Search
Allows identifying domains and subdomains that may pose a threat to organizations. SSL certificates issued by trusted authorities are listed in real time, and users can search using keywords of 4 or more characters.
Note: The current database contains certificates issued from September 5, 2024.
2. SSL Certificate Discovery
Allows the insertion of keywords for monitoring. When a certificate is issued and the common name contains the keyword (minimum of 5 characters), it will be displayed to the user.
3. Tracking Link
Generates a link to capture device information from attackers. Useful when the security professional can contact the attacker indirectly.
4. Domain Scan
Performs a scan on a domain, displaying whois information and subdomains associated with that domain.
5. Web Path Scan
Allows performing a scan on a URL to identify URIs (web paths) related to that URL.
6. URL Scan
Performs a scan on a URL, producing a screenshot and a mirror of the page. The result can be made public to assist in taking down malicious websites.
7. URL Monitoring
Monitors a URL with no active application until it returns an HTTP 200 code. At that moment, it automatically initiates a URL scan, providing evidence for actions against malicious sites.
8. Data Leak
- Data Leak Alerts: Monitors and presents almost real-time data leaks posted in hacker forums and websites.
- URL+User+Password: Allows searching by URL, username, or password, helping identify leaked data from clients or employees.
9. Threat Intelligence Feeds
Centralizes intelligence information from various channels, keeping users updated on the latest threats.
Installation
The application installation has been validated on Ubuntu 24.04 Server and Red Hat 9.4 distributions; the links for each are below:
Lobo Guará Implementation on Ubuntu 24.04
Lobo Guará Implementation on Red Hat 9.4
There is also a Dockerfile and a docker-compose version of Lobo Guará. Just clone the repo and run:
docker compose up
Then open localhost:7405 in your web browser.
Dependencies
Before proceeding with the installation, ensure the following dependencies are installed:
- PostgreSQL
- Python 3.12
- ChromeDriver and Google Chrome (version 129.0.6668.89)
- FFUF (version 2.0.0)
- Subfinder (version 2.6.6)
Installation Instructions
- Clone the repository:
git clone https://github.com/olivsec/loboguara.git
- Enter the project directory:
cd loboguara/
- Edit the configuration file:
nano server/app/config.py
Fill in the required parameters in the config.py file:
class Config:
    # Flask session signing key: use a long random value, unique per deployment
    SECRET_KEY = 'YOUR_SECRET_KEY_HERE'
    # sslmode=disable is used here with PostgreSQL on localhost
    SQLALCHEMY_DATABASE_URI = 'postgresql://guarauser:YOUR_PASSWORD_HERE@localhost/guaradb?sslmode=disable'
    SQLALCHEMY_TRACK_MODIFICATIONS = False
    # Outgoing mail (SMTP with STARTTLS on port 587)
    MAIL_SERVER = 'smtp.example.com'
    MAIL_PORT = 587
    MAIL_USE_TLS = True
    MAIL_USERNAME = '[email protected]'
    MAIL_PASSWORD = 'YOUR_SMTP_PASSWORD_HERE'
    MAIL_DEFAULT_SENDER = '[email protected]'
    ALLOWED_DOMAINS = ['yourdomain1.my.id', 'yourdomain2.com', 'yourdomain3.net']
    # Token and endpoint for the Lobo Guará API
    API_ACCESS_TOKEN = 'YOUR_LOBOGUARA_API_TOKEN_HERE'
    API_URL = 'https://loboguara.olivsec.com.br/api'
    # Paths to the helper binaries listed under Dependencies
    CHROME_DRIVER_PATH = '/opt/loboguara/bin/chromedriver'
    GOOGLE_CHROME_PATH = '/opt/loboguara/bin/google-chrome'
    FFUF_PATH = '/opt/loboguara/bin/ffuf'
    SUBFINDER_PATH = '/opt/loboguara/bin/subfinder'
    LOG_LEVEL = 'ERROR'
    LOG_FILE = '/opt/loboguara/logs/loboguara.log'
- Make the installation script executable and run it:
sudo chmod +x ./install.sh
sudo ./install.sh
- Start the service after installation:
sudo -u loboguara /opt/loboguara/start.sh
Access the URL below to register the Lobo Guará Super Admin:
http://your_address:7405/admin
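A pre-flight check for the config.py settings above, as an added example that is not part of the Lobo Guará project: it takes the settings as a dict and reports leftover template placeholders, a short SECRET_KEY, sslmode=disable against a non-local database, disabled SMTP TLS, a non-HTTPS API URL, and helper binaries that are missing or not executable. The name `audit_config`, the 32-character floor and the sample dict are assumptions of this example.

```python
import os
import re
from urllib.parse import parse_qs, urlparse

PLACEHOLDER = re.compile(r"YOUR_[A-Z_]+_HERE")
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def audit_config(cfg, is_executable=lambda p: os.access(p, os.X_OK)):
    """Return a list of findings for a dict holding config.py-style settings."""
    findings = []
    for key, value in cfg.items():
        # Template values left in place (also catches the password inside the DB URI).
        if isinstance(value, str) and PLACEHOLDER.search(value):
            findings.append(f"{key}: placeholder not replaced")
        # Helper binaries must exist and be executable by the service user.
        elif key.endswith("_PATH") and not is_executable(value):
            findings.append(f"{key}: {value} is missing or not executable")
    # The floor of 32 characters is this example's choice, not a project requirement.
    if len(cfg.get("SECRET_KEY", "")) < 32:
        findings.append("SECRET_KEY: shorter than 32 characters")
    # sslmode=disable is tolerable only when PostgreSQL runs on the same host.
    db = urlparse(cfg.get("SQLALCHEMY_DATABASE_URI", ""))
    sslmode = parse_qs(db.query).get("sslmode", ["prefer"])[0]
    if sslmode == "disable" and db.hostname not in LOCAL_HOSTS:
        findings.append("SQLALCHEMY_DATABASE_URI: sslmode=disable with a remote host")
    # The SMTP password and the API token should not cross the network in clear text.
    if not cfg.get("MAIL_USE_TLS", False):
        findings.append("MAIL_USE_TLS: disabled, SMTP password sent without TLS")
    if urlparse(cfg.get("API_URL", "")).scheme != "https":
        findings.append("API_URL: not https")
    return findings

# Constructed sample: the template values from config.py, left untouched.
TEMPLATE = {
    "SECRET_KEY": "YOUR_SECRET_KEY_HERE",
    "SQLALCHEMY_DATABASE_URI": "postgresql://guarauser:YOUR_PASSWORD_HERE@localhost/guaradb?sslmode=disable",
    "MAIL_USE_TLS": True,
    "MAIL_PASSWORD": "YOUR_SMTP_PASSWORD_HERE",
    "API_ACCESS_TOKEN": "YOUR_LOBOGUARA_API_TOKEN_HERE",
    "API_URL": "https://loboguara.olivsec.com.br/api",
}

if __name__ == "__main__":
    for finding in audit_config(TEMPLATE):
        print(finding)
```

To run it against a real deployment, build the dict from the attributes of the `Config` class and run the check as the `loboguara` user so the executable test reflects that account's permissions.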
Online Platform
Access the Lobo Guará platform online: https://loboguara.olivsec.com.br/