theWatcher is a threat intelligence tool. It retrieves data from multiple sources, applies AI-based classification and summarization when possible, and generates concise reports.
- Collect vulnerabilities from:
  - Full Disclosure
  - Exploit-DB
  - NIST
- Summarize vulnerabilities using AI, grouping them by technology and highlighting trends
- Filter vulnerabilities by severity
- Limit the number of items collected from each source
- Python 3.7+
- An optional Google Generative AI API key (placed in a .env file as GEMINI_API_KEY) for AI-based classification and summarization.
  - You can request access to the API here. The tool does not need the paid version of the API; the free tier is sufficient and does not require a credit card.
- Clone the repository.
git clone https://github.com/Rafael-BD/theWatcher
cd theWatcher/src
- Install dependencies:
pip install -r requirements.txt
- (Optional) Create a .env file in the project root with the following content:
GEMINI_API_KEY=YOUR_KEY_HERE
Run the main script from the command line: python main.py [options]
Some useful options:
- -c, --collect
  Collect vulnerabilities from the specified sources.
- -s, --summarize
  Generate a summary report from collected vulnerabilities.
- -F, --full-scan
  Collect from all sources (including NIST) over the last 30 days (implies --collect and --summarize).
- -Q, --quick-scan
  Collect from all sources over the last 7 days, limiting each source to 50 items (implies --collect and --summarize).
- -m, --max-items
  Maximum number of vulnerabilities to retrieve per source.
- -t, --type [all|sources|nist]
  Overall scope (all sources or just NIST or custom sources).
- -S, --sources [fulldisclosure exploitdb nist]
  Specify which sources to query.
- -N, --no-ai
  Disable AI-based classification and summarization.
- -o, --output-dir
  Select output directory for saved JSON and report files.
Here’s a quick command to collect data from all sources for the last 15 days and generate a report:
python main.py -c -s -d 15 --type all --max-items 50
# Collect vulnerabilities from multiple sources without AI
python main.py --collect --sources fulldisclosure exploitdb --no-ai
# Run a comprehensive scan and summarization in headless mode
python main.py -F --output-dir ./reports
- Full scan of all sources, storing 100 items per source: python main.py --full-scan
- Quick scan: python main.py --quick-scan
- Custom scan (only Full Disclosure and Exploit-DB for the last 15 days without AI): python main.py -c -d 15 -S fulldisclosure exploitdb --no-ai
Here is an example of a generated report:
Feel free to open a pull request or submit an issue if you find any bugs or want to request new features.
This tool is under active development. New sources, AI APIs, and features will be added continuously.
This project is licensed under the MIT License.