Discord is a platform that can be customized to provide cyber threat intelligence (CTI) professionals with personalized notifications and news updates. This guide will show you how to create a private Discord CTI "Dashboard" using various Discord bots. This server is designed for individual use and is not intended to be made public. It's a simple and effective way to stay informed and up-to-date on the latest developments in Offensive Security World
To create your Discord CTI Dashboard, start by setting up a private Discord server. If you're not familiar with how to set up a server, this guide can walk you through the process.
Once your server is set up, organize it into three main topics: Default Text Channels, Threat Intelligence Channels, and Tool Integration Channels.
The Default Text Channels section should include a few general channels, like a welcome channel, a reminder-bot channel, and an optional chat channel.
The Threat Intelligence Channels section is where you'll create channels for each of the threat intelligence feeds you want to monitor, such as Twitter, Github, YouTube, blogs, and CVE alerts. All alerts from the bots will be sent to these designated channels.
In the Tool Integration Channels section, create channels to receive alerts from various security tools, such as Cobalt Strike.
Here's an example of what your server structure might look like:
- Default Text Channels
- Welcome
- Reminder-bot
- ChatGPT (optional)
- Threat Intelligence Channels
- Twitter Feed
- Github Feed
- YouTube Feed
- Blogs Feeds
- CVE Alerts
- Tool Integration Channels
- Cobalt Strike Alerts
By organizing your server in this way, you can easily access your feeds and alerts, and customize each channel's permissions and roles.
To furnish these channels with alerts, an array of third-party bots can be leveraged. These bots have been specifically selected for their efficiency, adaptability, and dependability, and can be effortlessly integrated into your Discord server.
| BOT Name | Description | Limitation |
|---|---|---|
| TweetShift | Integrates Twitter account to Discord, filtering tweets to certain keywords, and enables tweeting to Twitter within Discord | .Limited to monitoring up to 40 Twitter accounts. |
| MonitoRSS | feed monitoring bot for any site that supports RSS we will use it to track Github accounts for specific activities such as repository commits and creations, and can be self-hosted if necessary. | Limited to monitoring up to 5 Github accounts. |
| readybot | Integrates Discord server with RSS feeds, YouTube, Reddit, and more, and allows filtering of articles to receive. | Limited to monitoring up to 20 websites. |
| YAGPDB | multipurpose bot that features fast Reddit and YouTube feeds, self-assignable roles, advanced automoderator, and custom commands. | No major limitations specified. |
| Reminder-Bot | A bot that sends messages at specified times to a designated channel. | No major limitations specified. |
| ProBot | A customizable multipurpose bot that includes welcome images, in-depth logs, social commands, music, moderation, and anti-raid protection. | No major limitations specified. |
There are several BOT that can be self-hosted on some VPS or something to get even more alerts and functionality
BOT Name: GPT3Discord
- API Nedded:
- OpenAI
- Discord BOT Token
- DeepL (Optinal)
A robust, all-in-one GPT3 interface for Discord. Chat just like ChatGPT right inside Discord! Generate beautiful AI art using DALL-E 2! Automatically moderate your server using AI! Upload documents, videos, and files to get AI-assisted insights! A thorough integration with permanent conversation memory, automatic request retry, fault tolerance and reliability for servers of any scale, and much more.
-
Requirements
- python3.9 (must be installed recomnded via virtual venv)
-
Installation
git clone https://github.com/Kav-K/GPT3Discord.git
cd GPT3Discord/
# Install system packages (python)
sudo apt-get update
sudo apt install software-properties-common
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt install python3.9
sudo apt install python3.9-distutils
# Install Pip for python3.9
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3.9 get-pip.py
# Install project dependencies
python3.9 -m pip install --ignore-installed PyYAML
python3.9 -m pip install torch==1.9.1+cpu torchvision==0.10.1+cpu -f https://download.pytorch.org/whl/torch_stable.html
python3.9 -m pip install -r requirements.txt
python3.9 -m pip install .
mv sample.env .env
https://discordpy.readthedocs.io/en/stable/discord.html
-
Create a new Bot on Discord Developer Portal:
- Applications -> New Application
-
Generate Token for the app (discord_bot_token)
- Select App (Bot) -> Bot -> Reset Token
-
Toogle PRESENCE INTENT:
- Select App (Bot) -> Bot -> PRESENCE INTENT, SERVER MEMBERS INTENT, MESSAGES INTENT, (basically turn on all intents)
-
Add Bot the the server.
- Select App (Bot) -> OAuth2 -> URL Generator -> Select Scope: Bot, application.commands
- Bot Permissions will appear, select the desired permissions
- Copy the link generated below and paste it on the browser
- On add to server select the desired server to add the bot
-
Make sure you have updated your .env file with valid values for
DEBUG_GUILD,DEBUG_CHANNELandALLOWED_GUILDS, otherwise the bot will not work. Guild IDs can be found by right clicking a server and clickingCopy ID, similarly, channel IDs can be found by right clicking a channel and clickingCopy ID. -
Edit the .env file whare all the configuration are stroed and changes them
-
Run the bot with
python3.9 gpt3discord.py -
More Info on Github Page
BOT Name: MonitoRSS
Repo to deploy the news-delivering bot MonitoRSS (formerly known as Discord.RSS)
-
API Nedded:
- Discord BOT Token
- Discord Application ID
- Discord Application Secret
-
Requirements
- MongoDB
- node
- redis
-
Installation
# mongodb install
wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
# reddis
curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list
sudo apt-get update
sudo apt-get install mongodb-org redis npm
sudo systemctl start mongod.service
sudo systemctl status mongod
sudo systemctl enable mongod
mongosh --eval 'db.runCommand({ connectionStatus: 1 })'
sudo systemctl start redis-server
sudo systemctl status redis-server
sudo systemctl enable redis-server
git clone https://github.com/synzen/MonitoRSS-Clone.git
cd MonitoRSS-Clone
npm install
- First Run and configuration
- Edit the necessary lines in config files
- Configs are set in the settings/config.web.json file. If none exist, then you must create one that follows the example at settings/config.web.example.json.
- Once it all set run with
node bot-web.js
| Config Value | Description | Example |
|---|---|---|
token* |
Bot token | Generate Token for the app (discord_bot_token) > Select App (Bot) -> Bot -> Reset Token |
redirectURI* |
Domain with /authorize appended after it. Make sure you add this exact URL to Redirects for your application at Discord Developers, in OAuth2. |
in case its run on local Set Both In the config and in the discord developers http://<YOURE IP>:<PORT>/authorize EX. http://192.168.1.124:8081/authorize Select App (Bot) -> OAuth2 and on the main page set the url in the Redirects section |
clientID* |
Application ID retrieved from Discord Developers. | Select App (Bot) -> OAuth2 then one the main page Copy CLIENT ID |
clientSecret* |
Application secret retrieved from Discord Developers. | Select App (Bot) -> OAuth2 then one the main page Click on Reset Secret and copy the output |
BOT Name: BeaconNotifier-Discord
Cobalt strike CNA script to notify you via Discord whenever there is a new beacon.
-
API Nedded:
- Discord WebHook
-
Requirements
- python3
-
Installation
- Create a Discord Webhook
- Paste the URL in request.py
- Edit the path of request.py in notify.cna
- Edit the message as you want (Optional)
- Load the cna script via cobaltstrike UI
- Wait For inital Connection =)
To start receiving alerts with these bots, you can use various news and event feeds as sources. You can find other RSS feeds by searching for the website you're interested in along with "RSS" or "Atom". Alternatively, some websites may have links to their RSS feeds in the footer or elsewhere on the page.
-
Blogs-feed
-
YouTube-feed
-
Github-Feed
-
Twitter-Feed
-
CVE-Alerts
-
threatintelctr: In the Tweetshift BOT dashborad add this twitter account and set the channel to
cve-alert
-
Spyo: Spyo is a cutting-edge bot designed specifically for professionals in the information technology (IT) sector. With a focus on Cybersecurity, InfoSec, and other tech fields, Spyo offers a range of powerful tools and commands, including OSINT, Cryptography, Forensics, and Recon capabilities. The bot also features CTF hacking challenges that can be played on your server, allowing you to earn certifications for each challenge you complete and join thousands of members on the leaderboard.
-
Telegram Channel Monitoring: Stay up-to-date with the latest news and information from your favorite Telegram channels using RSS feeds generated from public channels. Simply add the channel name to the URL
https://rsshub.app/telegram/channel/<CHANNEL NAME>to start receiving alerts. For example, to receive updates from the "cveNotify" channel, use the URLhttps://rsshub.app/telegram/channel/cveNotify. -
Discord C2 Since Discord is getting popular, why not use the platorm as a c2. That's what this project is about.
Feel free to contact me if you have any questions or need more information about this. I also welcome any suggestions or feedback to enhance this project
