jackby03/threatradar

threatradar

Threat Intelligence pipeline with semantic search, deduplication, and automated generation of security bulletins and technical reports.

Author: jackby03 · License: AGPL-3.0
NLP engine: nlpti


What it does

threatradar pulls alerts from multiple threat intelligence sources, processes them with NLP, and produces two distinct output types:

| Output | Purpose | Audience |
|---|---|---|
| Boletín | Periodic multi-alert digest | Management, broad distribution |
| Reporte | Deep analysis of one specific alert | SOC, analysts, CISO |

Pipeline

Sources ──► Ingest ──► Classify ──► Deduplicate ──► Semantic Index
(CNSD, THN,                                               │
 NVD, ...)                                    ┌───────────┴───────────┐
                                           boletin              reporte
                                         (multi-alert)       (single CVE)

Install

# Clone
git clone https://github.com/jackby03/threatradar
cd threatradar

# Install nlpti first
pip install ../nlpti   # or: pip install nlpti (when published)

# Install threatradar
pip install -e .

Usage

CLI

# Full pipeline from a local CNSD PDF + The Hacker News
threatradar run --cnsd alert.pdf --thn --output ./output

# Boletín only
threatradar boletin --cnsd alert.pdf --output ./output/boletin.html

# Technical report for a specific CVE
threatradar reporte --cnsd alert.pdf --cve CVE-2026-3298 --output ./output/reporte.md

# Semantic search
threatradar search --cnsd alert.pdf --query "vulnerabilidad critica python windows"

Python API

from threatradar import Pipeline, generate_boletin, generate_reporte
from threatradar.ingest import CNSDFetcher, THNFetcher

# Build and run pipeline
pipeline = Pipeline(fetchers=[
    CNSDFetcher(pdf_path="alert.pdf"),
    THNFetcher(),
])
pipeline.run()

# Semantic search
for r in pipeline.search("ransomware banca peru", top_k=5):
    print(f"[{r.score:.2f}] {r.alert.title}")

# Generate outputs
generate_boletin(pipeline.alerts, "output/boletin.html")

alert = pipeline.by_cve("CVE-2026-3298")[0]
generate_reporte(alert, "output/reporte.md")

Sources supported

| Source | Class | Mode |
|---|---|---|
| CNSD (Perú) | CNSDFetcher | Local PDF or live scraping |
| The Hacker News | THNFetcher | RSS feed |
| NVD / NIST | NVDFetcher | REST API v2.0 |

Custom sources: subclass BaseFetcher and implement fetch() -> list[Alert].
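
One way to write a custom source as described above, shown as an added example that is not part of threatradar's own code. `BaseFetcher` and `Alert` are redefined here as stand-ins (this README only shows `fetch() -> list[Alert]` and `alert.title`); the `source`, `cves` and `summary` fields, the `JSONFeedFetcher` class, the feed format and the sample feed are assumptions.

```python
import json
import re
from abc import ABC, abstractmethod
from dataclasses import dataclass, field

# Stand-ins so this runs on its own; threatradar's real classes may differ.
@dataclass
class Alert:
    title: str
    source: str = ""                                 # assumed field
    cves: list[str] = field(default_factory=list)    # assumed field
    summary: str = ""                                # assumed field

class BaseFetcher(ABC):
    @abstractmethod
    def fetch(self) -> list[Alert]: ...

CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)
TAG_RE = re.compile(r"<[^>]+>")

def clean(text, limit=300):
    # Normalise untrusted feed text: drop tags, collapse whitespace, cap length.
    # This is not an HTML sanitiser; rendered output must still be escaped.
    return " ".join(TAG_RE.sub(" ", str(text or "")).split())[:limit]

class JSONFeedFetcher(BaseFetcher):
    """Hypothetical source: a JSON array of {"title", "body"} advisories."""
    def __init__(self, raw: str, source: str = "example-feed"):
        self.raw, self.source = raw, source

    def fetch(self) -> list[Alert]:
        try:
            items = json.loads(self.raw)
        except json.JSONDecodeError:
            return []  # return no alerts rather than raise on a broken feed
        alerts = []
        for item in items if isinstance(items, list) else []:
            if not isinstance(item, dict) or not clean(item.get("title")):
                continue  # skip malformed entries instead of raising
            title, body = clean(item["title"]), clean(item.get("body"), 2000)
            found = CVE_RE.findall(f"{title} {body}")
            cves = list(dict.fromkeys(c.upper() for c in found))  # unique, ordered
            alerts.append(Alert(title, self.source, cves, body))
        return alerts

# Constructed sample feed: one entry with a CVE, two malformed, one without a CVE.
SAMPLE = json.dumps([
    {"title": "<b>Advisory</b> for CVE-2026-3298", "body": "See cve-2026-3298."},
    {"title": "", "body": "no title"}, "not-an-object",
    {"title": "Phishing wave targets banks", "body": "No CVE assigned."},
])
```

With the real package, the class would inherit from threatradar's `BaseFetcher` and return its `Alert` objects, then be passed in the `fetchers=[...]` list alongside the built-in ones.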

License

GNU Affero General Public License v3.0 — see LICENSE.
For commercial licensing: jackby03@protonmail.com
