A client that retrieves vulnerability observations from the The Shadowserver Foundation and pushes them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , Vulnerability , CVE , Shadowserver
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

ShadowSight

A client to gather vulnerability-related information from the Shadowserver Foundation. The collected data is then sent to the Vulnerability-Lookup API as sightings.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install ShadowSight
$ export SHADOWSIGHT_CONFIG=~/.ShadowSight/conf.py

The configuration should be defined in a Python file (e.g., ~/.ShadowSight/conf.py). You must then set an environment variable (SHADOWSIGHT_CONFIG) with the full path to this file.

You can have a look at this example of configuration.

Usage

Publishing sightings to Vulnerability-Lookup

$ ShadowSight --help
usage: ShadowSight [-h] [--method {exploited,common}] [--since SINCE] [--limit LIMIT]

ShadowSight Query Script

options:
  -h, --help            show this help message and exit
  --method {exploited,common}
                        The set of vulnerabilities (honeypot/exploited-vulnerabilities or honeypot/common-vulnerabilities) from the honeypot group.
  --since SINCE         Query for exploited vulnerabilities from Shadow Server (back until) this date inclusive (yyyy-mm-dd), or specify an integer to represent days in the past.
  --limit LIMIT         Limit number of results.


$ ShadowSight --since 2025-01-21 --limit 10

$ ShadowSight --since 3d --limit 10

$ ShadowSight --since 30d --limit 10 --method common

Examples of collected sightings

Sets of sightings available on Vulnerability-Lookup thanks to the Shadowserver foundation:

License

ShadowSight is licensed under GNU General Public License version 3

Copyright (c) 2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2025 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , Vulnerability , CVE , Shadowserver
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

This version

1.0.3

1.0.2

1.0.1

1.0.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

shadowsight-1.0.3.tar.gz (6.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

shadowsight-1.0.3-py3-none-any.whl (8.6 kB view details)

Uploaded Python 3

File details

Details for the file shadowsight-1.0.3.tar.gz.

File metadata

  • Download URL: shadowsight-1.0.3.tar.gz
  • Upload date:
  • Size: 6.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.8

File hashes

Hashes for shadowsight-1.0.3.tar.gz
Algorithm Hash digest
SHA256 112a1d57aaddac17a64cca18144ada8689b58c1159abe2a234dec34fa84ffeba
MD5 99784870a5d9a40642a7a9dcf1dbb91f
BLAKE2b-256 20f62e3addeba6644c26cc5bd4d39a03a12802a0d5734c0ab20c1d5af0ed3b8c

See more details on using hashes here.

Provenance

The following attestation bundles were made for shadowsight-1.0.3.tar.gz:

Publisher: release.yml on vulnerability-lookup/ShadowSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file shadowsight-1.0.3-py3-none-any.whl.

File metadata

  • Download URL: shadowsight-1.0.3-py3-none-any.whl
  • Upload date:
  • Size: 8.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.8

File hashes

Hashes for shadowsight-1.0.3-py3-none-any.whl
Algorithm Hash digest
SHA256 83f3cd9962406c2d1cbdeb9a78787ed634f7cbd99fd48d52dcb9a40b2093e93d
MD5 1f601ab48e4f90bb2334e1cdf2920a4a
BLAKE2b-256 025bc6708497d05b8a98bebe789668eefb5a2565095137c4e760e7719259a00a

See more details on using hashes here.

Provenance

The following attestation bundles were made for shadowsight-1.0.3-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/ShadowSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page