[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-thalesgroup-cert--Watcher":3,"tool-thalesgroup-cert--Watcher":62},[4,18,26,36,46,54],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":17},4358,"openclaw","openclaw\u002Fopenclaw","OpenClaw 是一款专为个人打造的本地化 AI 助手，旨在让你在自己的设备上拥有完全可控的智能伙伴。它打破了传统 AI 助手局限于特定网页或应用的束缚，能够直接接入你日常使用的各类通讯渠道，包括微信、WhatsApp、Telegram、Discord、iMessage 等数十种平台。无论你在哪个聊天软件中发送消息，OpenClaw 都能即时响应，甚至支持在 macOS、iOS 和 Android 设备上进行语音交互，并提供实时的画布渲染功能供你操控。\n\n这款工具主要解决了用户对数据隐私、响应速度以及“始终在线”体验的需求。通过将 AI 部署在本地，用户无需依赖云端服务即可享受快速、私密的智能辅助，真正实现了“你的数据，你做主”。其独特的技术亮点在于强大的网关架构，将控制平面与核心助手分离，确保跨平台通信的流畅性与扩展性。\n\nOpenClaw 非常适合希望构建个性化工作流的技术爱好者、开发者，以及注重隐私保护且不愿被单一生态绑定的普通用户。只要具备基础的终端操作能力（支持 macOS、Linux 及 Windows WSL2），即可通过简单的命令行引导完成部署。如果你渴望拥有一个懂你",349277,3,"2026-04-06T06:32:30",[13,14,15,16],"Agent","开发框架","图像","数据工具","ready",{"id":19,"name":20,"github_repo":21,"description_zh":22,"stars":23,"difficulty_score":10,"last_commit_at":24,"category_tags":25,"status":17},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面，旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点，将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师，还是想要深入探索模型潜力的开发者与研究人员，都能从中获益。其核心亮点在于极高的功能丰富度：不仅支持文生图、图生图、局部重绘（Inpainting）和外绘（Outpainting）等基础模式，还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外，它内置了 GFPGAN 和 CodeFormer 等人脸修复工具，支持多种神经网络放大算法，并允许用户通过插件系统无限扩展能力。即使是显存有限的设备，stable-diffusion-webui 也提供了相应的优化选项，让高质量的 AI 艺术创作变得触手可及。",162132,"2026-04-05T11:01:52",[14,15,13],{"id":27,"name":28,"github_repo":29,"description_zh":30,"stars":31,"difficulty_score":32,"last_commit_at":33,"category_tags":34,"status":17},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手（如 Claude Code、Codex、Cursor 等）打造的高性能优化系统。它不仅仅是一组配置文件，而是一个经过长期实战打磨的完整框架，旨在解决 AI 
代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能，everything-claude-code 能显著提升 AI 在复杂任务中的表现，帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略，使得模型响应更快、成本更低，同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库，还是需要 AI 协助进行安全审计与自动化测试，everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目，它融合了多语言支持与丰富的实战钩子（hooks），让 AI 真正成长为懂上",160784,2,"2026-04-19T11:32:54",[14,13,35],"语言模型",{"id":37,"name":38,"github_repo":39,"description_zh":40,"stars":41,"difficulty_score":42,"last_commit_at":43,"category_tags":44,"status":17},8272,"opencode","anomalyco\u002Fopencode","OpenCode 是一款开源的 AI 编程助手（Coding Agent），旨在像一位智能搭档一样融入您的开发流程。它不仅仅是一个代码补全插件，而是一个能够理解项目上下文、自主规划任务并执行复杂编码操作的智能体。无论是生成全新功能、重构现有代码，还是排查难以定位的 Bug，OpenCode 都能通过自然语言交互高效完成，显著减少开发者在重复性劳动和上下文切换上的时间消耗。\n\n这款工具专为软件开发者、工程师及技术研究人员设计，特别适合希望利用大模型能力来提升编码效率、加速原型开发或处理遗留代码维护的专业人群。其核心亮点在于完全开源的架构，这意味着用户可以审查代码逻辑、自定义行为策略，甚至私有化部署以保障数据安全，彻底打破了传统闭源 AI 助手的“黑盒”限制。\n\n在技术体验上，OpenCode 提供了灵活的终端界面（Terminal UI）和正在测试中的桌面应用程序，支持 macOS、Windows 及 Linux 全平台。它兼容多种包管理工具，安装便捷，并能无缝集成到现有的开发环境中。无论您是追求极致控制权的资深极客，还是渴望提升产出的独立开发者，OpenCode 都提供了一个透明、可信",144296,1,"2026-04-16T14:50:03",[13,45],"插件",{"id":47,"name":48,"github_repo":49,"description_zh":50,"stars":51,"difficulty_score":32,"last_commit_at":52,"category_tags":53,"status":17},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎，专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式，采用直观的节点式流程图界面，让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景，也能自由组合模型、调整参数并实时预览效果，轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性，不仅支持 Windows、macOS 和 Linux 全平台，还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构，并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者，还是追求极致创作自由度的设计师与资深 AI 绘画爱好者，ComfyUI 
都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能，使其成为当前最灵活、生态最丰富的开源扩散模型工具之一，帮助用户将创意高效转化为现实。",109154,"2026-04-18T11:18:24",[14,15,13],{"id":55,"name":56,"github_repo":57,"description_zh":58,"stars":59,"difficulty_score":32,"last_commit_at":60,"category_tags":61,"status":17},6121,"gemini-cli","google-gemini\u002Fgemini-cli","gemini-cli 是一款由谷歌推出的开源 AI 命令行工具，它将强大的 Gemini 大模型能力直接集成到用户的终端环境中。对于习惯在命令行工作的开发者而言，它提供了一条从输入提示词到获取模型响应的最短路径，无需切换窗口即可享受智能辅助。\n\n这款工具主要解决了开发过程中频繁上下文切换的痛点，让用户能在熟悉的终端界面内直接完成代码理解、生成、调试以及自动化运维任务。无论是查询大型代码库、根据草图生成应用，还是执行复杂的 Git 操作，gemini-cli 都能通过自然语言指令高效处理。\n\n它特别适合广大软件工程师、DevOps 人员及技术研究人员使用。其核心亮点包括支持高达 100 万 token 的超长上下文窗口，具备出色的逻辑推理能力；内置 Google 搜索、文件操作及 Shell 命令执行等实用工具；更独特的是，它支持 MCP（模型上下文协议），允许用户灵活扩展自定义集成，连接如图像生成等外部能力。此外，个人谷歌账号即可享受免费的额度支持，且项目基于 Apache 2.0 协议完全开源，是提升终端工作效率的理想助手。",100752,"2026-04-10T01:20:03",[45,13,15,14],{"id":63,"github_repo":64,"name":65,"description_en":66,"description_zh":67,"ai_summary_zh":68,"readme_en":69,"readme_zh":70,"quickstart_zh":71,"use_case_zh":72,"hero_image_url":73,"owner_login":74,"owner_name":75,"owner_avatar_url":76,"owner_bio":77,"owner_company":78,"owner_location":78,"owner_email":78,"owner_twitter":79,"owner_website":80,"owner_url":81,"languages":82,"stars":114,"forks":115,"last_commit_at":116,"license":117,"difficulty_score":10,"env_os":118,"env_gpu":119,"env_ram":120,"env_deps":121,"category_tags":135,"github_topics":136,"view_count":32,"oss_zip_url":78,"oss_zip_packed_at":78,"status":17,"created_at":156,"updated_at":157,"faqs":158,"releases":194},9851,"thalesgroup-cert\u002FWatcher","Watcher","Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. 
Developed with Django & React JS.","Watcher 是一款由 Thales 集团开发的开源人工智能网络安全威胁情报与狩猎平台，旨在帮助安全团队主动发现并监控新兴的网络威胁。它基于 Django 和 React JS 构建，既支持传统服务器部署，也能通过 Docker 快速启动。\n\n在网络安全领域，海量碎片化的威胁数据往往让分析人员难以招架。Watcher 利用 AI 技术将原始数据转化为可执行的情报，自动汇总每周热门安全话题、实时推送突发威胁警报，并能按需生成包含 CVE 漏洞和攻击者细节的深度报告。它能持续监控全球多家权威 CERT 机构的动态，追踪恶意域名变更、检测信息泄露（如代码库中的密钥），甚至通过域名生成算法（DGA）和证书透明度监测，提前识别针对组织的仿冒或可疑域名。此外，Watcher 还能与 TheHive 平台无缝同步，实现告警自动化和案例管理。\n\n这款工具特别适合企业安全运营中心（SOC）分析师、威胁情报研究人员以及负责基础设施防护的开发运维人员使用。其独特的技术亮点在于集成了 TLSH 模糊哈希技术以感知网页内容微调，并结合 dnstwist 和 certstream 实现了对域名欺骗和新注册恶意域","Watcher 是一款由 Thales 集团开发的开源人工智能网络安全威胁情报与狩猎平台，旨在帮助安全团队主动发现并监控新兴的网络威胁。它基于 Django 和 React JS 构建，既支持传统服务器部署，也能通过 Docker 快速启动。\n\n在网络安全领域，海量碎片化的威胁数据往往让分析人员难以招架。Watcher 利用 AI 技术将原始数据转化为可执行的情报，自动汇总每周热门安全话题、实时推送突发威胁警报，并能按需生成包含 CVE 漏洞和攻击者细节的深度报告。它能持续监控全球多家权威 CERT 机构的动态，追踪恶意域名变更、检测信息泄露（如代码库中的密钥），甚至通过域名生成算法（DGA）和证书透明度监测，提前识别针对组织的仿冒或可疑域名。此外，Watcher 还能与 TheHive 平台无缝同步，实现告警自动化和案例管理。\n\n这款工具特别适合企业安全运营中心（SOC）分析师、威胁情报研究人员以及负责基础设施防护的开发运维人员使用。其独特的技术亮点在于集成了 TLSH 模糊哈希技术以感知网页内容微调，并结合 dnstwist 和 certstream 实现了对域名欺骗和新注册恶意域名的实时捕捉，为组织构筑了一道智能化的主动防御防线。","\u003Cp align=\"center\">\n    \u003Cimg alt=\"Watcher Logo\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_c384116d8bb6.png\" height=\"270\" width=\"270\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n    \u003Cstrong>AI-Powered Automated Cybersecurity Threat Detection Platform\u003C\u002Fstrong>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n    \u003Ca href=\"https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FInstall-Guide-informational?style=for-the-badge&logo=docker\" alt=\"Install\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002F\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocumentation-Read-informational?style=for-the-badge&logo=readthedocs\" alt=\"Documentation\">\n    
\u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=github\" alt=\"Stars\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues?q=is%3Aissue+is%3Aclosed\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues-closed-raw\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=github\" alt=\"Closed Issues\">\n    \u003C\u002Fa>\n    \u003Ca href=\".\u002FLICENSE\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=opensourceinitiative&logoColor=white\" alt=\"License\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Ffelix83000\u002Fwatcher\u002Ftags\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Ffelix83000\u002Fwatcher?style=for-the-badge&logo=docker\" alt=\"Docker Pulls\">\n    \u003C\u002Fa>\n\u003C\u002Fp>\n\nWatcher is a Django & React JS platform designed to discover and monitor emerging cybersecurity threats with **AI-powered threat intelligence analysis**. 
It can be deployed on webservers or quickly run via Docker.\n\n## Watcher Capabilities\n\nWatcher empowers your security operations with comprehensive threat detection and monitoring:\n\n- **AI-Driven Threat Intelligence** — Transform raw threat data into actionable intelligence with automated weekly digests of top-5 trending cybersecurity topics, real-time breaking news alerts when threats emerge, and on-demand summaries for any security keyword, including related CVE and threat actor details.\n\n- **Emerging Threat Detection** — Monitor cybersecurity trends via RSS feeds from CERT-FR (www.cert.ssi.gouv.fr), CERT-EU (www.cert.europa.eu), US-CERT (www.us-cert.gov), Australian Cyber Security Centre (www.cyber.gov.au), and more. Track new vulnerabilities, malware campaigns, and threat advisories as they appear.\n\n- **Legitimate Domain Management** — Centralized approved domains with expiry, repurchase status, registrar info, and contacts. Easily convert monitored malicious domains into legitimate ones.\n\n- **Information Leak Monitoring** — Detect sensitive data exposure across the web, including Pastebin, StackOverflow, GitHub, GitLab, Bitbucket, APKMirror, npm registries, and other platforms. Catch leaked credentials, API keys, and confidential information early.\n\n- **Malicious Domain Surveillance** — Monitor malicious domains for changes in IP addresses, mail\u002FMX records, and web content. Use [TLSH](https:\u002F\u002Fgithub.com\u002Ftrendmicro\u002Ftlsh) fuzzy hashing to detect modifications. 
Automatic RDAP\u002FWHOIS checks with registrar and expiry alerts.\n\n- **Suspicious Domain Detection** — Identify potentially malicious domains targeting your organisation via:\n  - **Domain Generation Algorithm Detection** using [dnstwist](https:\u002F\u002Fgithub.com\u002Felceef\u002Fdnstwist) to find typosquatting, homograph attacks, and similar domain variants\n  - **Certificate Transparency Monitoring** via [certstream](https:\u002F\u002Fgithub.com\u002FCaliDog\u002Fcertstream-python) to catch newly registered suspicious domains in real time\n\n## Additional Features\n\nExtend Watcher's capabilities with powerful integrations and management tools:\n\n- **TheHive Full Synchronization** — Integration with [TheHive](https:\u002F\u002Fthehive-project.org\u002F) featuring automated alert creation, smart case management, IOC enrichment, and ready-to-use Cortex Analyzers & Responders. Detailed configuration is provided in the documentation [here](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#thehive-export).\n- **MISP Integration** — Seamlessly export Indicators of Compromise (IOCs) to [MISP](https:\u002F\u002Fwww.misp-project.org\u002F) with smart UUID tracking, automatic object creation, and manual attribute updates for collaborative threat intelligence sharing\n- **Flexible Authentication** — Support for both LDAP and local authentication systems\n- **Smart Notifications** — Receive email, Slack, or Citadel alerts for critical findings and threshold violations\n- **Ticketing System Integration** — Automatically feed your ticketing system with security findings\n- **Comprehensive Admin Interface** — Manage all aspects of Watcher through Django's powerful admin panel\n- **Advanced Access Control** — Granular user permissions and group management for team collaboration\n- **Modern UI Experience** — A modern interface with customizable themes, resizable dashboard panels, advanced filtering with saved filter sets, and persistent user 
preferences\n\n## Involved dependencies\n\nWatcher leverages open source tools and libraries:\n- [**Hugging Face Transformers**](https:\u002F\u002Fhuggingface.co\u002Fdocs\u002Ftransformers) — AI\u002FML framework powering threat intelligence summarization and entity extraction\n- [**google\u002Fflan-t5-base**](https:\u002F\u002Fhuggingface.co\u002Fgoogle\u002Fflan-t5-base) — Text-to-text generation model for AI-powered threat summaries\n- [**dslim\u002Fbert-base-NER**](https:\u002F\u002Fhuggingface.co\u002Fdslim\u002Fbert-base-NER) — Named Entity Recognition for automatic IOC extraction\n- [**certstream**](https:\u002F\u002Fgithub.com\u002FCaliDog\u002Fcertstream-python) — Certificate Transparency monitoring\n- [**dnstwist**](https:\u002F\u002Fgithub.com\u002Felceef\u002Fdnstwist) — Domain name permutation engine\n- [**SearxNG**](https:\u002F\u002Fgithub.com\u002Fsearxng\u002Fsearxng) — Privacy-respecting metasearch engine\n- [**PyMISP**](https:\u002F\u002Fgithub.com\u002FMISP\u002FPyMISP) — MISP threat intelligence platform integration\n- [**TLSH**](https:\u002F\u002Fgithub.com\u002Ftrendmicro\u002Ftlsh) — Fuzzy hashing for content similarity detection\n- [**shadow-useragent**](https:\u002F\u002Fgithub.com\u002Flobstrio\u002Fshadow-useragent) — User-Agent rotation library\n- [**NLTK**](https:\u002F\u002Fwww.nltk.org\u002F) — Natural Language Toolkit for text processing\n\n## App Preview\n\n### Threat Detection\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Threats Watcher\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_f0cb1314d7b3.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### AI-Powered Weekly Summary & Breaking News\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Weekly Summary & Breaking News\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_cbd5cb43935c.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### Suspicious domain names detection\n\u003Cp align=\"center\">\n    \u003Cimg 
alt=\"Suspicious domain names detection\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_56ca39634b69.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### Legitimate Domain List\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Legitimate Domain\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_fea57e8613c3.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### Data Leak Detection\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Data Leak Detection\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_7e2902923e51.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### Suspicious domain names monitoring\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Suspicious domain names monitoring\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_ef10d346e5bc.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### Theme Previews\n\n\u003Cp align=\"center\">\n  \u003Cimg alt=\"Theme Preference 1\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_9e94ecd50c8e.gif\" width=\"45%\">\n  \u003Cimg alt=\"Theme Preference 2\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_95e2b72f67ae.gif\" width=\"45%\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cimg alt=\"Theme Preference 3\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_4de378f33dd4.gif\" width=\"45%\">\n  \u003Cimg alt=\"Theme Preference 4\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_0ec5b0b2a652.gif\" width=\"45%\">\n\u003C\u002Fp>\n\nWatcher offers multiple visual themes to match your preferences and working environment. 
\n\n### Admin Interface\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Admin Interface\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_bf5846ee5135.gif\" width=\"90%\">\n\u003C\u002Fp>\n\nDjango provides a ready-to-use user interface for administrative activities. We all know how important an admin interface is for a web project: user management, user group management, Watcher configuration, usage logs...\n\n## Installation\n\n```bash\n# 1. Clone the repo\ngit clone https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002Fwatcher.git\ncd watcher\u002Fdeployment\n\n# 2. Initialize environment, configs & directory structure\nmake init\n\n# 3. Start the stack\nmake up\n\n# 4. On first run: run database migrations + create superuser\nmake migrate\nmake superuser\nmake populate-db\n\n# 5. Open the web UI\n#    http:\u002F\u002Flocalhost:9002  (or your configured domain\u002Fport)\n```\n\nGet Watcher up and running in just **10 minutes** using Docker. 
**Detailed instructions available in our [Installation Guide](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html)**\n\n## Platform Architecture\n\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Platform Architecture\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_f9b6afafda99.png\">\n\u003C\u002Fp>\n\nWatcher's modular architecture ensures scalability, reliability, and easy integration with your existing security stack.\n\n## Contributing\n\nWe welcome contributions from the security community!\n\nTo report bugs, request features, or submit code, please read our full [Contributing Guide](CONTRIBUTING.md).\n\n## Pastebin Compliance\n\nIn order to use Watcher pastebin API feature, you need to subscribe to a pastebin pro account and whitelist Watcher public IP (see https:\u002F\u002Fpastebin.com\u002Fdoc_scraping_api).\n\n","\u003Cp align=\"center\">\n    \u003Cimg alt=\"Watcher Logo\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_c384116d8bb6.png\" height=\"270\" width=\"270\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n    \u003Cstrong>基于人工智能的自动化网络安全威胁检测平台\u003C\u002Fstrong>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n    \u003Ca href=\"https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FInstall-Guide-informational?style=for-the-badge&logo=docker\" alt=\"安装指南\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002F\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocumentation-Read-informational?style=for-the-badge&logo=readthedocs\" alt=\"文档\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\">\n        \u003Cimg 
src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=github\" alt=\"星标数\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues?q=is%3Aissue+is%3Aclosed\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues-closed-raw\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=github\" alt=\"已关闭的问题\">\n    \u003C\u002Fa>\n    \u003Ca href=\".\u002FLICENSE\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Fthalesgroup-cert\u002FWatcher?style=for-the-badge&logo=opensourceinitiative&logoColor=white\" alt=\"许可证\">\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Ffelix83000\u002Fwatcher\u002Ftags\">\n        \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Ffelix83000\u002Fwatcher?style=for-the-badge&logo=docker\" alt=\"Docker 拉取次数\">\n    \u003C\u002Fa>\n\u003C\u002Fp>\n\nWatcher 是一个基于 Django 和 React JS 的平台，旨在通过 **人工智能驱动的威胁情报分析** 来发现并监控新兴的网络安全威胁。它可以部署在 Web 服务器上，也可以通过 Docker 快速运行。\n\n## Watcher 的功能\n\nWatcher 通过全面的威胁检测与监控能力，助力您的安全运营：\n\n- **AI 驱动的威胁情报** — 将原始威胁数据转化为可操作的情报，提供每周自动汇总的前 5 大热门网络安全话题、威胁出现时的实时突发新闻提醒，以及针对任何安全关键词的按需摘要，包括相关的 CVE 和威胁行为者详情。\n  \n- **新兴威胁检测** — 通过来自 CERT-FR (www.cert.ssi.gouv.fr)、CERT-EU (www.cert.europa.eu)、US-CERT (www.us-cert.gov)、澳大利亚网络安全中心 (www.cyber.gov.au) 等机构的 RSS 订阅源，监控网络安全趋势。跟踪新出现的漏洞、恶意软件活动和威胁通告。\n\n- **合法域名管理** — 集中管理经批准的域名，包含到期日期、续费状态、注册商信息及联系人等。可轻松将监控到的恶意域名转为合法域名。\n\n- **信息泄露监控** — 在整个网络中检测敏感数据暴露情况，涵盖 Pastebin、StackOverflow、GitHub、GitLab、Bitbucket、APKMirror、npm 注册表等平台。及早发现泄露的凭据、API 密钥和机密信息。\n\n- **恶意域名监控** — 监控恶意域名的 IP 地址、邮件\u002FMX 记录和网页内容变化。使用 [TLSH](https:\u002F\u002Fgithub.com\u002Ftrendmicro\u002Ftlsh) 模糊哈希技术检测修改。自动进行 RDAP\u002FWHOIS 查询，并提供注册商和到期提醒。\n\n- **可疑域名检测** — 通过以下方式识别可能针对贵组织的恶意域名：\n  - 使用 [dnstwist](https:\u002F\u002Fgithub.com\u002Felceef\u002Fdnstwist) 
进行域名生成算法检测，以发现拼写错误、同形异义攻击及类似域名变体；\n  - 通过 [certstream](https:\u002F\u002Fgithub.com\u002FCaliDog\u002Fcertstream-python) 监控证书透明度，实时捕捉新注册的可疑域名。\n\n## 其他功能\n\n借助强大的集成与管理工具，扩展 Watcher 的功能：\n\n- **TheHive 完全同步** — 与 [TheHive](https:\u002F\u002Fthehive-project.org\u002F) 集成，支持自动创建告警、智能案例管理、IOC 增强以及即用型 Cortex 分析器和响应器。详细配置请参见文档 [此处](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#thehive-export)。\n- **MISP 集成** — 无缝导出入侵指标 (IOCs) 至 [MISP](https:\u002F\u002Fwww.misp-project.org\u002F) 平台，具备智能 UUID 跟踪、自动对象创建及手动属性更新功能，便于协作式威胁情报共享。\n- **灵活的身份验证** — 支持 LDAP 和本地身份验证系统。\n- **智能通知** — 接收电子邮件、Slack 或 Citadel 告警，及时通知关键发现和阈值违规。\n- **工单系统集成** — 自动将安全发现结果录入您的工单系统。\n- **全面的管理界面** — 通过 Django 强大的管理面板，全面管理 Watcher 的各项功能。\n- **高级访问控制** — 提供细粒度的用户权限和组管理，便于团队协作。\n- **现代化 UI 体验** — 现代化界面，支持自定义主题、仪表盘面板大小调整、高级筛选及保存的筛选集，以及持久化的用户偏好设置。\n\n## 所依赖的开源组件\n\nWatcher 利用多种开源工具和库：\n- [**Hugging Face Transformers**](https:\u002F\u002Fhuggingface.co\u002Fdocs\u002Ftransformers) — 用于威胁情报摘要和实体提取的人工智能\u002F机器学习框架。\n- [**google\u002Fflan-t5-base**](https:\u002F\u002Fhuggingface.co\u002Fgoogle\u002Fflan-t5-base) — 用于 AI 驱动威胁摘要的文本生成模型。\n- [**dslim\u002Fbert-base-NER**](https:\u002F\u002Fhuggingface.co\u002Fdslim\u002Fbert-base-NER) — 用于自动提取 IOC 的命名实体识别模型。\n- [**certstream**](https:\u002F\u002Fgithub.com\u002FCaliDog\u002Fcertstream-python) — 用于证书透明度监控。\n- [**dnstwist**](https:\u002F\u002Fgithub.com\u002Felceef\u002Fdnstwist) — 域名排列引擎。\n- [**SearxNG**](https:\u002F\u002Fgithub.com\u002Fsearxng\u002Fsearxng) — 尊重隐私的元搜索引擎。\n- [**PyMISP**](https:\u002F\u002Fgithub.com\u002FMISP\u002FPyMISP) — 用于 MISP 威胁情报平台的集成。\n- [**TLSH**](https:\u002F\u002Fgithub.com\u002Ftrendmicro\u002Ftlsh) — 用于内容相似性检测的模糊哈希技术。\n- [**shadow-useragent**](https:\u002F\u002Fgithub.com\u002Flobstrio\u002Fshadow-useragent) — 用户代理轮换库。\n- [**NLTK**](https:\u002F\u002Fwww.nltk.org\u002F) — 用于文本处理的自然语言工具包。\n\n## 应用预览\n\n### 威胁检测\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Threats Watcher\" 
src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_f0cb1314d7b3.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### AI 驱动的每周摘要与突发新闻\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Weekly Summary & Breaking News\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_cbd5cb43935c.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### 可疑域名检测\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Suspicious domain names detection\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_56ca39634b69.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### 合法域名列表\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Legitimate Domain\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_fea57e8613c3.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### 数据泄露检测\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"Data Leak Detection\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_7e2902923e51.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### 威胁域名监控\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"威胁域名监控\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_ef10d346e5bc.gif\" width=\"90%\">\n\u003C\u002Fp>\n\n### 主题预览\n\n\u003Cp align=\"center\">\n  \u003Cimg alt=\"主题偏好 1\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_9e94ecd50c8e.gif\" width=\"45%\">\n  \u003Cimg alt=\"主题偏好 2\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_95e2b72f67ae.gif\" width=\"45%\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cimg alt=\"主题偏好 3\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_4de378f33dd4.gif\" width=\"45%\">\n  \u003Cimg alt=\"主题偏好 4\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_0ec5b0b2a652.gif\" 
width=\"45%\">\n\u003C\u002Fp>\n\nWatcher 提供多种视觉主题，以满足您的个人偏好和工作环境需求。\n\n### 管理界面\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"管理界面\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_bf5846ee5135.gif\" width=\"90%\">\n\u003C\u002Fp>\n\nDjango 提供了一个开箱即用的管理后台界面。我们都知道，管理界面对于一个 Web 项目来说至关重要：用户管理、用户组管理、Watcher 配置、使用日志等。\n\n## 安装\n\n```bash\n# 1. 克隆仓库\ngit clone https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002Fwatcher.git\ncd watcher\u002Fdeployment\n\n# 2. 初始化环境、配置及目录结构\nmake init\n\n# 3. 启动服务栈\nmake up\n\n# 4. 首次运行时：执行数据库迁移并创建超级用户\nmake migrate\nmake superuser\nmake populate-db\n\n# 5. 打开 Web 界面\n#    http:\u002F\u002Flocalhost:9002  (或您配置的域名\u002F端口)\n```\n\n只需使用 Docker，您就可以在短短 **10 分钟** 内将 Watcher 搭建并运行起来。**详细步骤请参阅我们的[安装指南](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html)**\n\n## 平台架构\n\n\u003Cp align=\"center\">\n    \u003Cimg alt=\"平台架构\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_readme_f9b6afafda99.png\">\n\u003C\u002Fp>\n\nWatcher 的模块化架构确保了其可扩展性、可靠性，并能轻松与您现有的安全防护体系集成。\n\n## 贡献\n\n我们欢迎安全社区的贡献！\n\n如需报告漏洞、请求功能或提交代码，请阅读我们的完整[贡献指南](CONTRIBUTING.md)。\n\n## Pastebin 合规要求\n\n要使用 Watcher 的 Pastebin API 功能，您需要订阅 Pastebin Pro 账户，并将 Watcher 的公网 IP 地址加入白名单（详情请参阅 https:\u002F\u002Fpastebin.com\u002Fdoc_scraping_api）。","# Watcher 快速上手指南\n\nWatcher 是一个基于 Django 和 React JS 构建的开源平台，旨在利用 **AI 驱动的情报分析**来发现和监控新兴的网络安全威胁。它支持通过 Docker 快速部署，能够自动汇总威胁情报、检测数据泄露、监控恶意域名，并可与 TheHive 和 MISP 等安全工具无缝集成。\n\n## 环境准备\n\n在开始之前，请确保您的系统满足以下要求：\n\n*   **操作系统**: Linux (推荐 Ubuntu\u002FCentOS) 或 macOS。\n*   **核心依赖**:\n    *   [Docker](https:\u002F\u002Fdocs.docker.com\u002Fget-docker\u002F) (建议版本 20.10+)\n    *   [Docker Compose](https:\u002F\u002Fdocs.docker.com\u002Fcompose\u002Finstall\u002F) (建议版本 2.0+)\n    *   `git`\n    *   `make`\n*   **网络要求**: 服务器需能访问外网以拉取 Docker 镜像、克隆代码库以及抓取威胁情报源（如 CERT 公告、Pastebin 等）。\n    *   *注：若在国内网络环境下，建议配置 Docker 国内镜像加速器以加快镜像拉取速度。*\n*   **可选依赖**: 若需使用 
Pastebin 数据泄露检测功能，需注册 Pastebin Pro 账号并将服务器公网 IP 加入白名单。\n\n## 安装步骤\n\nWatcher 提供了基于 Makefile 的自动化部署脚本，只需几分钟即可完成安装。\n\n1.  **克隆项目仓库**\n    ```bash\n    git clone https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002Fwatcher.git\n    cd watcher\u002Fdeployment\n    ```\n\n2.  **初始化环境与配置**\n    此步骤将创建必要的目录结构并生成默认配置文件。\n    ```bash\n    make init\n    ```\n\n3.  **启动服务栈**\n    使用 Docker Compose 启动所有必要组件（数据库、后端、前端、AI 模型等）。\n    ```bash\n    make up\n    ```\n\n4.  **数据库迁移与管理员创建**\n    首次运行时，需执行数据库迁移、创建超级用户并预填充基础数据。\n    ```bash\n    make migrate\n    make superuser\n    make populate-db\n    ```\n    *执行 `make superuser` 时，请按提示输入管理员用户名、邮箱和密码。*\n\n5.  **访问平台**\n    服务启动后，在浏览器中访问：\n    `http:\u002F\u002Flocalhost:9002`\n    *(如果您修改了配置文件中的端口或域名，请使用对应的地址)*\n\n## 基本使用\n\n安装完成后，您可以立即开始使用 Watcher 的核心功能。以下是最简单的使用流程示例：\n\n### 1. 登录系统\n使用上一步创建的超级用户账号登录 Web 界面。您可以根据偏好切换不同的视觉主题。\n\n### 2. 查看 AI 生成的威胁周报\nWatcher 会自动运行 AI 模型（基于 Hugging Face Transformers），每周生成热门网络安全话题摘要。\n*   **操作**: 进入仪表盘，查看 **\"AI-Powered Weekly Summary\"** 模块。\n*   **效果**: 系统将展示过去一周 Top 5 的安全趋势、突发新闻警报以及针对特定关键词的 CVE 和威胁组织详情。\n\n### 3. 监控可疑域名\n利用集成的 `dnstwist` 和 `certstream` 工具检测针对您组织的潜在攻击。\n*   **操作**: 导航至 **Suspicious Domain Detection** 页面。\n*   **示例**: 输入您的主域名（例如 `example.com`），系统将自动计算并列出可能的拼写错误域名（Typosquatting）、同形异义字攻击域名以及新注册的相似证书域名。\n\n### 4. 配置数据泄露监控\n监控敏感信息是否暴露在公共代码库或粘贴板上。\n*   **操作**: 进入 **Information Leak Monitoring** 设置页。\n*   **示例**: 添加需要监控的关键字（如公司名、特定项目代号、API Key 前缀）。系统将定期扫描 GitHub, GitLab, Pastebin 等平台，一旦发现匹配内容即刻通过邮件、Slack 或 Citadel 发送警报。\n\n### 5. 
集成外部安全平台（可选）\n*   **TheHive**: 在设置中配置 TheHive API 密钥，Watcher 可将高危警报自动转化为 TheHive 中的案例（Case）。\n*   **MISP**: 配置 MISP 连接信息，将检测到的 IOC（入侵指标）一键导出至 MISP 进行共享。\n\n> **提示**: 更多高级配置（如 LDAP 认证、自定义 RSS 源、通知阈值）可通过 Django 自带的强大管理后台 (`\u002Fadmin`) 进行管理。","某金融科技公司安全运营团队正面临海量外部威胁情报难以实时消化，且内部域名资产与泄露风险缺乏统一监控的困境。\n\n### 没有 Watcher 时\n- 分析师需人工每日遍历 CERT-FR、US-CERT 等多个机构网站及 RSS 源，耗时数小时才能拼凑出零散的威胁简报，极易遗漏突发高危漏洞。\n- 针对公司域名的仿冒攻击（如 typosquatting）依赖被动举报发现，往往在钓鱼邮件已发送给员工后，才知晓存在恶意变体域名。\n- 敏感代码或 API 密钥泄露至 GitHub、Pastebin 等平台时缺乏自动感知，通常等到造成实际损失或通过第三方通知才介入处理。\n- 恶意域名监控依靠手工查询 WHOIS 和 IP 变更，无法利用模糊哈希技术识别网页内容的细微篡改，响应速度严重滞后。\n\n### 使用 Watcher 后\n- Watcher 利用 AI 自动生成每周 Top-5 威胁摘要及实时突发警报，将多源情报转化为可执行报告，让团队从信息搜集转向分析决策。\n- 集成 dnstwist 与证书透明度监控，主动识别并预警针对公司品牌的相似域名及新注册可疑域名，将防御战线前移至攻击发生前。\n- 7x24 小时自动扫描各大代码托管站及粘贴板，一旦捕获包含公司关键词的凭证泄露立即告警，大幅缩短数据暴露窗口期。\n- 对恶意域名实施自动化指纹监控，通过 TLSH 模糊哈希精准检测内容变更，并结合 RDAP 数据自动推送注册商与过期提醒，实现闭环管理。\n\nWatcher 将原本分散、滞后的被动防御转变为由 AI 驱动的主动情报狩猎体系，显著提升了威胁发现速度与响应效率。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fthalesgroup-cert_Watcher_c384116d.png","thalesgroup-cert","THA-CERT - Thales Group CERT","https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002Fthalesgroup-cert_bd4df73f.png","Computer Emergency Response Team",null,"thalesgroup","https:\u002F\u002Fwww.thalesgroup.com\u002Fen\u002Fcomputer-emergency-response-team","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert",[83,87,91,95,99,103,107,111],{"name":84,"color":85,"percentage":86},"JavaScript","#f1e05a",52.7,{"name":88,"color":89,"percentage":90},"Python","#3572A5",39,{"name":92,"color":93,"percentage":94},"CSS","#663399",6.8,{"name":96,"color":97,"percentage":98},"Shell","#89e051",0.8,{"name":100,"color":101,"percentage":102},"Dockerfile","#384d54",0.3,{"name":104,"color":105,"percentage":106},"Makefile","#427819",0.2,{"name":108,"color":109,"percentage":110},"HTML","#e34c26",0.1,{"name":112,"color":113,"percentage":110},"Batchfile","#C1F12E",1268,184,"2026-04-18T17:53:31","AGPL-3.0","Linux, macOS, Windows","未说明 (基于 Hugging Face 
Transformers 和 BERT\u002FT5 模型，建议使用支持 CUDA 的 GPU 以加速推理，但 README 未明确强制要求)","未说明 (运行多个 AI 模型及爬虫服务，建议 8GB 以上)",{"notes":122,"python":123,"dependencies":124},"1. 推荐使用 Docker 进行部署（提供 docker-compose 配置），可避免复杂的环境依赖问题。\n2. 核心功能依赖 AI 模型（flan-t5-base, bert-base-NER），首次运行需下载模型文件。\n3. 若使用 Pastebin 数据泄露检测功能，必须订阅 Pastebin Pro 账户并将 Watcher 的公网 IP 加入白名单。\n4. 平台架构包含 Django 后端、React 前端、PostgreSQL 数据库、Redis 缓存以及 SearxNG 搜索引擎等多个组件。","未说明 (通过 Docker 部署，内部版本未直接在 README 中列出)",[125,126,127,128,129,130,131,132,133,134],"Hugging Face Transformers","google\u002Fflan-t5-base","dslim\u002Fbert-base-NER","certstream","dnstwist","SearxNG","PyMISP","TLSH","shadow-useragent","NLTK",[14,13,15],[137,138,139,140,141,142,143,144,145,146,147,148,128,149,150,151,152,153,154,155],"cybersecurity","threat-hunting","django","reactjs","misp","thehive","security","incident-response","threat-detection","threat-intelligence","watcher","certificate-transparency","osint","monitoring","phishing","ai","huggingface","ai-threat-intelligence","cyber-ai","2026-03-27T02:49:30.150509","2026-04-20T07:17:15.592474",[159,164,169,174,179,184,189],{"id":160,"question_zh":161,"answer_zh":162,"source_url":163},44236,"登录后为何仍频繁弹出身份验证窗口？","这通常是因为版本过旧导致的。请按照官方文档升级 Watcher 到最新版本：https:\u002F\u002Ffelix83000.github.io\u002FWatcher\u002FREADME.html#update-watcher。维护者已修复相关逻辑，升级后问题即可解决。","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F10",{"id":165,"question_zh":166,"answer_zh":167,"source_url":168},44237,"“流行词”和“词云”功能不更新怎么办？","请检查以下两点：\n1. 确认添加的所有源 URL 都指向有效的 RSS 文件（支持 Atom 1.0, Atom 0.3, RSS 2.0 等格式）。\n2. 确保 `rssbridge\u002Frss-bridge` 的 Docker 镜像已更新到最新版。\n参考文档：https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#add-your-rss-source-to-threats-detection","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F27",{"id":170,"question_zh":171,"answer_zh":172,"source_url":173},44238,"无法通过域名（FQDN）访问 Watcher，提示 Bad Request？","需要在配置中将你的域名添加到允许的主机列表中。有两种方法：\n1. 
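(Recommended) Set your domain explicitly in the `ALLOWED_HOST` environment variable (do not use wildcards).\n2. (Insecure) Set `ALLOWED_HOST=*` to allow all hosts, but this reduces security.","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F12",{"id":175,"question_zh":176,"answer_zh":177,"source_url":178},44239,"Keywords are defined but the “Data Leak” section is empty; how do I troubleshoot this?","If Watcher and Searx run behind a global HTTP proxy on a corporate network, the hostnames and IP addresses of the internal services must be added to the `NO_PROXY` environment variable so that internal traffic is not intercepted by the proxy.\n\nSolution:\nAdd the following to the `.env` file and to the environment variables in `docker-compose.yml`:\n`NO_PROXY=10.10.10.0\u002F24,...,[internal IP],[searx hostname]`\nFor example: `NO_PROXY=10.10.10.3,searx`.","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F235",{"id":180,"question_zh":181,"answer_zh":182,"source_url":183},44240,"How do I fix the SSL error (SSLEOFError) that occurs when fetching data leaks?","This is caused by a compatibility problem with the Searx image version. Follow these steps:\n1. Stop the containers and delete the old image:\n   ```bash\n   docker-compose down\n   docker rmi searx\u002Fsearx\n   ```\n2. Edit `docker-compose.yml` and change the image tag to a specific version:\n   `image: searx\u002Fsearx:0.18.0-341-ae0b621e`\n3. Make sure the `settings.yml` configuration file matches the version in the repository.\n4. Restart: `docker-compose up`","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F34",{"id":185,"question_zh":186,"answer_zh":187,"source_url":188},44241,"An “Illegal mix of collations” database error appears after updating?","This is caused by inconsistent MySQL character-set collations (utf8mb4 mixed with utf8). It can usually be resolved by updating the Watcher image and re-running the migrations:\n```bash\ndocker-compose rm watcher\ndocker pull felix83000\u002Fwatcher:latest\ndocker-compose run watcher bash\npython manage.py migrate\nexit\ndocker-compose up -d\n```\nIf the problem persists, you may need to manually adjust the collation of the database tables to unify them as `utf8mb4_0900_ai_ci`.","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F74",{"id":190,"question_zh":191,"answer_zh":192,"source_url":193},44242,"The home page does not match the example screenshots; how long do I need to wait?","Watcher needs time to fetch and process data after its first start. According to user feedback, it usually takes 24 to 48 
hours before the statistics and charts on the home page display and update properly. Please wait for the background tasks to finish initializing.","https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F23",[195,200,205,210,215,220,225,230,235,240,245,250,255,260,265,270,275,280,285,290],{"id":196,"version":197,"summary_zh":198,"released_at":199},351825,"v2.4.1","# v2.4.1\n\nThis release fixes the Searx port inconsistency [#215](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F215) and improves the stability and maintainability of the Data Leak module. All related configuration files (Watcher\u002Fsettings.py, .env, docker-compose.yml and Searx\u002Fsearx\u002Fsettings.yml) now consistently use port 8080 to reach Searx.\n\nThis ensures that Watcher can query Searx correctly without running into connection errors.\n\n## Update Procedure\n\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher):\n\n1. Pull the latest Docker image from the repository.\n2. Stop the running containers:\n   ```bash\n   docker compose down\n   ```\n3. Update your `.env` file:\n   - Check `DATA_LEAK_SEARX_URL`.\n4. Rebuild and start the containers:\n   ```bash\n   docker compose down\n   docker compose up\n   ```\n\n## What's Changed\n\n### Searx port standardization:\n- **Fixed the default port inconsistency** (8080 vs 8888). Watcher now always uses http:\u002F\u002Fsearx:8080\u002F.\n- If the `DATA_LEAK_SEARX_URL` environment variable is set, Watcher honors it, which allows a custom Searx host and port.\n\n### Data Leak module\n- Fixed some minor bugs and improved notification handling.\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.4...v2.4.1","2025-09-09T09:00:21",{"id":201,"version":202,"summary_zh":203,"released_at":204},351826,"v2.4","# v2.4\n\nThis release brings major improvements to the **Threat Watcher** module, including a brand-new word reliability score, state-of-the-art named entity recognition (NER), fewer false positives, a smarter trending algorithm, and a number of bug fixes and optimizations.\n\n## Docker Update Procedure\n\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher):\n\n**[WARNING] Manual deletion step:**\n\nThis operation permanently deletes all existing data in the Source, BannedWord and TrendyWord tables.  \nIf you have custom sources, banned words or other critical data, be sure to back them up or export them before continuing.\n\n\nFirst, to avoid conflicts, clean up the existing data. Run the commands in the Django shell in the following order:\n   ```bash\n   python manage.py shell -c \"from threats_watcher.models import Source, BannedWord, TrendyWord; Source.objects.all().delete(); BannedWord.objects.all().delete(); TrendyWord.objects.all().delete()\"\n   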
```\n\nThen continue with the update steps:\n\n1. Pull the latest Docker image from the repository.\n\n2. **Stop all containers:**\n   ```bash\n   docker compose down\n   ```\n   \n3. **Apply the database migrations** and **repopulate the database with the new blacklist and sources** (new fields):\n   ```bash\n   docker compose run watcher bash\n   python manage.py migrate\n   python manage.py populate_db\n   ```\n   \n4. **Restart the containers**:\n    ```bash\n    docker compose up\n   ```\n   \n\u003Cdetails> \u003Csummary>\u003Cb>If you run Watcher without Docker\u003C\u002Fb>\u003C\u002Fsummary> \n\n### 1. Install all system dependencies\n   ```bash\n    sudo apt update && sudo apt install -y \\\n        build-essential \\\n        libsasl2-dev \\\n        libldap2-dev \\\n        libssl-dev \\\n        curl \\\n        git\n   ```\n### 2. Install Rust (for tokenizers\u002Ftransformers)\n   ```bash\n  curl https:\u002F\u002Fsh.rustup.rs -sSf | sh -s -- -y\n  source $HOME\u002F.cargo\u002Fenv\n   ```\n### 3. (Re)install Python dependencies\n   ```bash\n  pip install --upgrade pip\n  pip install --no-cache-dir -r requirements.txt\n   ```\n### 4. Install torch, torchvision and torchaudio with CPU support\n   ```bash\n  pip install --extra-index-url https:\u002F\u002Fdownload.pytorch.org\u002Fwhl\u002Fcpu torch==2.2.0 torchvision==0.17.0 torchaudio==2.2.0\n   ```\n### 5. 
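Install NLTK dependencies\n   ```bash\n  python .\u002Fnltk_dependencies.py\n   ```\n\u003C\u002Fdetails>\n\n## What's Changed\n\n### ThreatWatcher – Major improvements\n\n* **Reliability score for each trendy word:**\n  * Each source in `sources.csv` now includes a `confident` score (1 = 100%, 2 = 50%, 3 = 20%).\n  * The reliability of each word is the average confidence of the sources in which it appeared.\n  * New field in the UI (“Reliability %” column).\n\n* **Entity extraction now uses BERT-base-NER:**\n  * Improved detection of words\u002Fentities in news headlines.\n  * The required blacklist is 10 times smaller; the blacklist file size is significantly reduced.\n  * Far fewer false positives.\n  * More information…","2025-07-31T13:53:08",{"id":206,"version":207,"summary_zh":208,"released_at":209},351827,"v2.3","# v2.3\n\nThis release introduces a **major increase in automated test coverage**, improving the reliability of both the backend and the frontend. The goal is to ensure that every new feature or change in Watcher is backed by strong automated unit tests. This update directly strengthens the project's stability and maintainability across all modules.\n\n## Update Procedure\n\nThis release requires no breaking changes or configuration adjustments. However, contributors must follow the updated test commands and conventions; see the updated [documentation](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#unit-testing) for details.\n\n## What's Changed\n\n### Test coverage\n\n#### Unit tests (backend)\n\n* **99 Django unit tests** covering the main backend modules:\n  * `common\u002Ftests.py`\n  * `watcher\u002Ftests.py`\n  * A separate `tests.py` file for each module\n\n#### End-to-end tests (frontend, with Cypress)\n\n* **4 complete Cypress test suites** covering the whole frontend application:\n  * `DataLeak.cy.js`: 31 tests\n  * `DnsFinder.cy.js`: 32 tests\n  * `SiteMonitoring.cy.js`: 26 tests\n  * `ThreatsWatcher.cy.js`: 31 tests\n* **All 120 Cypress tests pass**, with no failing or pending cases.\n\n### CI\u002FCD integration\n\n* **All tests run automatically in our CI\u002FCD pipeline through GitHub Actions**:\n  * Triggers: pushes, pull requests and manually triggered workflows\n  * Execution: backend and frontend tests both run automatically\n  * Coverage: the test suites are fully validated before code is integrated\n\nThe CI\u002FCD workflow ensures that:\n* No broken code is merged into the main branch\n* All new features are thoroughly tested\n\n## Notes for developers\n\nAll test commands must now be run from the `Watcher\u002FWatcher` directory:\n\n```bash\ncd Watcher\u002FWatcher\n```\n\n### Backend tests\n\nRun all Django unit tests:\n```bash\npython manage.py test\n```\n\n### Frontend tests\n\nBefore running the frontend tests, create a superuser for testing:\n```bash\npython manage.py shell -c \"\nfrom django.contrib.auth.models import User\nUser.objects.create_superuser('Watcher', 'cypress@watcher.com', 'Watcher', first_name='Unit-Test Cypress', last_name='Watcher')\"\n```\n\nRun all Cypress tests:\n```bash\nnpm run 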
test:e2e\n```\n\nFor more about these commands and other instructions, see the [documentation](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#unit-testing).\n\n## Why it matters\n\nThis update lays the foundation for a more robust and scalable Watcher ecosystem. By enforcing **test-driven development** and **automated validation**, we can ship releases faster, with fewer regressions, and give contributors a cleaner development experience.\n\nEffective immediately: all pull requests must include tests for the functionality they add. PRs without sufficient test coverage may be rejected.\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.2.0...v2.3","2025-07-23T14:18:25",{"id":211,"version":212,"summary_zh":213,"released_at":214},351828,"v2.2.0","# v2.2.0\r\n\r\nThis release focuses on a **complete overhaul of the MISP integration**, improved code modularity, and the resolution of **several front-end and dependency issues**. It also addresses important issues such as [#2](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F2) (creating MISP objects instead of attributes) and [#206](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F206) (HTTP 500 errors when exporting IOC), improving overall export reliability and functionality. These updates aim to increase stability, maintainability, and flexibility when using Watcher with MISP.\r\n\r\n## Update Procedure\r\n\r\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher) : \r\n\r\n1. Pull the latest Docker image from the repository.\r\n2. Apply any migrations: \r\n    ```bash\r\n    docker compose down\r\n    docker compose run watcher bash\r\n    python manage.py migrate\r\n    ```\r\n3. Update your `.env` file:\r\n    - Check `MISP_URL`, `MISP_KEY`, and `MISP_VERIFY_SSL`.\r\n4. 
Rebuild and restart containers with : \r\n    ```bash\r\n    docker compose down\r\n    docker compose up\r\n    ```\r\n\r\n[WARNING] If you were using custom scripts for MISP export, you will need to adapt them to the new [`common.misp`](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fblob\u002Fmaster\u002FWatcher\u002FWatcher\u002Fcommon\u002Fmisp.py) module.\r\n\r\n## What’s Changed\r\n\r\n### MISP Integration Redesign\r\n- **New centralized MISP logic**: The `common` module now handles all MISP-related interactions by @ygalnezri in [#207](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F207)\r\n- **Shared MISP module** across all features (e.g. `dns_finder`, `website_monitoring`), avoiding code duplication.\r\n- Possibility to specify a **MISP Event UUID** when exporting IOCs:\r\n  - If the UUID exists, Watcher will detect and update the corresponding event.\r\n  - Full support for both **automatic** and **manual** updates.\r\n  - Enhanced export logic for MISP objects with support for object creation (e.g., domain, ip-port).\r\n\r\n    This redesign addresses key issues including [#2](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F2) (creating MISP objects instead of attributes) and [#206](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fissues\u002F206) (HTTP 500 error when exporting IOC in Twisted DNS finder).\r\n\r\nFor **more details on the new MISP integration**, the `MISP Export` section of the documentation has been fully updated: [`MISP Export`](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#misp-exporty)\r\n\r\n- Change your variable name based on the new .env format: the setting has been renamed from `ALLOWED_HOST` to `ALLOWED_HOSTS`. You must now explicitly define it in `.env` (e.g., `ALLOWED_HOSTS=localhost,127.0.0.1`) to match your environment's domain list. 
This update ensures proper host validation in `settings.py` and prevents runtime errors during container startup by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F185\r\n\r\n### Dependency and Security Updates\r\n- Fixed minor display issues detected during development\r\n- Bump @babel\u002Fruntime from 7.26.0 to 7.27.0 in \u002FWatcher by @dependabot [#189](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F189)\r\n- Bump axios from 1.7.9 to 1.8.2 in \u002FWatcher by @dependabot [#190](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F190)\r\n- Bump react-router and react-router-dom in \u002FWatcher by @dependabot [#191](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F191)\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.1.4...v2.2.0","2025-07-02T12:07:27",{"id":216,"version":217,"summary_zh":218,"released_at":219},351829,"v2.1.4","# v2.1.4\r\n\r\nThis update focuses on improving stability in the site monitoring process and fixing environment configuration issues related to host validation.\r\n\r\n## Update Procedure\r\n\r\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\r\n\r\n## What’s Changed\r\n\r\n- Change your variable name based on the new .env format: the setting has been renamed from `ALLOWED_HOST` to `ALLOWED_HOSTS`. You must now explicitly define it in `.env` (e.g., `ALLOWED_HOSTS=localhost,127.0.0.1`) to match your environment's domain list. 
This update ensures proper host validation in `settings.py` and prevents runtime errors during container startup by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F185\r\n- **Resolved an issue in `SiteSerializer` and `monitoring_init` function**, allowing for smooth execution of the site monitoring process without blocking subsequent domain additions by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F185  \r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.1.3...v2.1.4","2025-04-09T12:56:16",{"id":221,"version":222,"summary_zh":223,"released_at":224},351830,"v2.1.3","# v2.1.3\r\n\r\nThis update improves domain name validation and fixes issues related to regex validation for Domain Name & Ticket ID. Additionally, a bug in the search functionality for the Alert model in the DNS Finder and Data Leak modules has been resolved.\r\n\r\n## Update Procedure  \r\n\r\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\r\n\r\n## What’s Changed  \r\n\r\n- **Fixed regex validation for Domain Name & Ticket ID on the front-end**, ensuring accurate input validation by @ygalnezri  \r\n- **Improved domain name validation with [tldextract](https:\u002F\u002Fpypi.org\u002Fproject\u002Ftldextract\u002F)**, enhancing reliability in domain handling by @ygalnezri  \r\n- **Fixed a bug in search functionality for the Alert model**, resolving issues in the DNS Finder and Data Leak modules on the admin interface by @ygalnezri\r\n- **Refactored the site creation method** in Site Monitoring module by @radomir-mijovic\r\n\r\n## New Contributors\r\n* @radomir-mijovic made their first contribution in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F179\r\n\r\n**Full Changelog**: 
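https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.1.2...v2.1.3","2025-04-02T14:34:03",{"id":226,"version":227,"summary_zh":228,"released_at":229},351818,"v3.3.0","# v3.3.0\n\nThis release introduces major enhancements to the deployment infrastructure, the data leak monitoring capabilities and SSL certificate tracking. The update focuses on improving operational flexibility through a modern, modular deployment system, adding regular-expression matching for keywords, migrating to the actively maintained SearxNG project, implementing comprehensive SSL certificate expiry monitoring, and **introducing a local CertStream server to improve Certificate Transparency monitoring**.\n\n## ⚠️ Important - Breaking Changes\n\nThis is a **major infrastructure update** that requires manual configuration changes:\n\n- ✅ The **new CertStream service** must be added to `docker-compose.yml`\n- ✅ **SearxNG migration**: the service name changes from `searx` to `searxng`\n- ✅ **Environment variables**: three variables must be updated in the `.env` file\n- ✅ **Configuration file**: a new `certstream-config.yaml` is required\n- ✅ **Database migrations**: new fields for regular-expression keywords and SSL tracking\n\n## Update Procedure\n\n### For existing deployments:\n\n**Important**: this release contains significant infrastructure changes; follow the steps below carefully.\n\n#### Step 1: Back up your data\n\nBefore continuing, make sure you have a complete backup of the database and the configuration files.\n\n#### Step 2: Pull the latest version\n\n```bash\ndocker compose pull\n```\n\n#### Step 3: Stop the running containers\n\n```bash\ndocker compose down\n```\n\n#### Step 4: Update docker-compose.yml\n\nThis release introduces a **CertStream** service for local Certificate Transparency monitoring. Update your `docker-compose.yml` file with the following changes:\n\n1. **Add the CertStream service** (add this section before the `searxng` service):\n   ```yaml\n   certstream:\n     container_name: certstream\n     image: 0rickyy0\u002Fcertstream-server-go:latest\n     restart: always\n     networks:\n       default:\n         ipv4_address: 10.10.10.7\n     volumes:\n       - .\u002Fcertstream-config.yaml:\u002Fapp\u002Fconfig.yaml:ro\n     ports:\n       - \"8080:8080\"\n     healthcheck:\n       test: [\"CMD\", \"curl\", \"-f\", \"http:\u002F\u002Flocalhost:8080\u002F\"]\n       interval: 10s\n       timeout: 5s\n       retries: 5\n       start_period: 10s\n     environment:\n       - TZ=${TZ}\n   ```\n\n2. **Rename the Searx service to searxng**:\n   - Change `container_name: searx` to `container_name: searxng`\n   - Change `hostname: searx` to `hostname: searxng`\n   - Update the image from `searx\u002Fsearx:1.1.0-69-75b859d2` to `searxng\u002Fsearxng:latest`\n   - Change the volume mount from `.\u002FSearx\u002Fsearx:\u002Fetc\u002Fsearx:rw` to `.\u002FSearx\u002Fsearx:\u002Fetc\u002Fsearxng:rw`\n   - Remove the `command: ${SEARX_COMMAND:-}` line (no longer needed)\n\n3. 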
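**Update the dependencies of the Watcher service**:\n   ```yaml\n   depends_on:\n     db_watcher:\n       condition: service_healthy\n     searxng:\n       condition: service_started\n     certstream:\n       condition: service_healthy\n   ```\n\n4. **Add a health check for db_watcher** (if not already present)","2026-02-18T16:39:06",{"id":231,"version":232,"summary_zh":233,"released_at":234},351819,"v3.2.2","# v3.2.2\n\nThis release introduces a **new threat intelligence source** and focuses on improving the **Threats Watcher** module to better track emerging **cybersecurity threats and industry developments**. It also includes several small updates to support this new source type, improve the reliability of data collection, and refine source classification.\n\n## Update Procedure\n\nThis release has no breaking changes or configuration requirements. However, contributors must make sure to follow the updated test commands and conventions; see the updated [documentation](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher) for details.\n\nBecause this release adds sources and updates existing ones, you should **repopulate the database** to pick up the latest blacklist and RSS sources:\n```bash\ndocker compose down\ndocker compose run watcher bash\npython manage.py populate_db\n```\n\n## What's Changed\n\n### Threats Watcher improvements\n\n* Added **[Bluesky](https:\u002F\u002Fbsky.app\u002F)** as a new source for monitoring cybersecurity threats and discussions.\n* Improved the `fetch_last_posts` logic to support Bluesky-specific data formats and behavior.\n* Added a custom **User-Agent** to improve the reliability of fetching external sources.\n* Cleaned up and normalized existing sources to improve consistency and relevance.\n\n### Source management updates\n\n* Updated the `sources.csv` file with new **Bluesky RSS feeds** focused on cybersecurity threats and trends.\n* Introduced and refined a **source confidence classification** to reflect reliability and trust levels more accurately.\n* Removed outdated or redundant sources, improving the signal-to-noise ratio.\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv3.2.0...v3.2.2","2025-12-19T16:13:53",{"id":236,"version":237,"summary_zh":238,"released_at":239},351820,"v3.2.1","# v3.2.1\n\nThis release focuses mainly on improving the stability and robustness of the **Data Leak** and **DNS Finder** modules, and updates the documentation accordingly. It fixes several minor bugs related to data validation, rendering safety and edge-case handling, improving overall reliability without introducing any breaking changes.\n\n## Update Procedure\n\nThis release requires no breaking changes or configuration adjustments. However, contributors must make sure to follow the test commands and conventions listed in the updated [documentation](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\n\n## What's Changed\n\n### Bug fixes and stability improvements\n\n#### Data Leak module\n\n* Improved overall stability when handling alerts with missing or incomplete data.\n* More reliable filtering of archived and active alerts.\n* Safer handling of URLs, avoiding display issues and unexpected errors.\n* Better fault tolerance when extracting domain names from alerts.\n\n#### DNS Finder module\n\n* Improved robustness when displaying alert data.\n* Safer handling of missing or incomplete domain information.\n* Reduced risk of UI errors in the alert list and archived alert views.\n* More consistent behavior when alert data is partially missing.\n\n### Documentation updates\n\n* Updated `README.md` to reflect recent changes and improvements.\n* 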
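Updated the documentation as a whole to improve clarity and consistency.\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv3.1.0...v3.2.1","2025-12-17T12:02:59",{"id":241,"version":242,"summary_zh":243,"released_at":244},351821,"v3.2.0","# v3.2.0\n\nThis release delivers major improvements in performance and data integrity across Watcher's modules. It introduces full backend support, enhanced validation logic and an improved user experience. The update significantly improves the application's responsiveness and maintainability, especially for large datasets.\n\n## Update Procedure\n\nThis release has no breaking changes and requires no configuration adjustments. However, contributors must make sure to follow the updated test commands and conventions; see the updated [documentation](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher) for details.\n\n## What's Changed\n\n### Performance and pagination\n\n#### Backend\n\n* Added API pagination to 4 modules.\n* Endpoints now accept the following parameters:\n  ```\n  ?page=\u003Cpage number>&page_size=\u003Cpage size>\n  ```\n* Default `page_size`: **100** (configurable from 1 to 1000).\n* Backward compatible with existing clients.\n* Significant performance gains:\n  * Load time for large datasets reduced from about 15 seconds to about 1–2 seconds.\n  * Memory usage for large collections reduced by about 60%.\n  * Query performance optimized with `select_related()`.\n* Modules that are now paginated:\n  * Data Leak (keywords, alerts)\n  * Website Monitoring (sites, alerts)\n  * DNS Finder (monitored DNS, monitored keywords, twisted DNS, alerts)\n  * Legitimate Domains\n\n* Progressive background loading:\n  * The first 100 records load immediately.\n  * The remaining data loads asynchronously in the background, one batch every 300 milliseconds.\n\n### Data validation and integrity\n\n* Cross-module duplicate detection:\n  * Prevents a domain that already exists in Website Monitoring from being added to the Legitimate Domains module, and vice versa.\n  * Provides clear validation messages on conflicts.\n\n* Domain validation improvements:\n  * Wildcard domains (such as `*.example.com`) are now correctly sanitized and validated.\n  * Invalid domain formats are rejected with friendlier error messages.\n\n### User experience improvements\n\n* Authentication navigation: login\u002Flogout now keeps the current page instead of redirecting to the home page.\n* Threats Watcher – article pagination: the word detail view now supports pagination for long lists.\n* Legitimate Domains: comments are shown in full, with a “Show more”\u002F“Show less” toggle.\n* Filter and state persistence: date ranges and custom filters are saved to `localStorage` and restored when the page reloads.\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv3.0.1...v3.2.0","2025-12-16T15:29:53",{"id":246,"version":247,"summary_zh":248,"released_at":249},351822,"v3.1.0","# v3.1.0\n\nThis release introduces support for **GitHub Container Registry (GHCR)** as the primary container distribution method, while keeping backward compatibility with Docker Hub. This strategic change ensures better integration with the GitHub ecosystem and improves the reliability of container deployments.\n\n**Important:** Docker Hub support will end on **February 28, 2026**. Please migrate to GitHub Container Registry before that date.\n\n## Update Procedure\n\nPlease follow the process below:\n\n### For Docker Hub users (current method):\n\n```bash\ndocker compose pull\ndocker compose down\ndocker compose up -d\n```\n\n### For GitHub Container Registry users (required):\n\n1. 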
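Update the `docker-compose.yml` file to use the new GHCR image:\n\n```yaml\nservices:\n  watcher:\n    image: ghcr.io\u002Fthalesgroup-cert\u002Fwatcher:latest\n    # ...rest of the configuration\n```\n\n2. Pull the image and restart:\n\n```bash\ndocker compose pull\ndocker compose down\ndocker compose up -d\n```\n\n## What's Changed\n\n### Infrastructure and distribution\n\n**GitHub Container Registry integration**\n- Primary container distribution now goes through `ghcr.io\u002Fthalesgroup-cert\u002Fwatcher`\n- Native integration with GitHub releases and tags\n- Improved security through GitHub's package security scanning\n\n**Docker Hub deprecation**\n- Docker Hub support continues until **February 28, 2026**\n- All workflows now include a deprecation warning\n- `continue-on-error: true` is enabled on the Docker Hub steps to prevent build failures\n- During the transition period, both registries receive identical images\n\n**CI\u002FCD improvements**\n- All GitHub Actions workflows updated to v5 of build-push-action\n- Improved multi-platform build support with QEMU v3\n\n### Migration timeline\n\n- **From now until February 28, 2026:** both Docker Hub and GHCR are supported\n- **February 28, 2026:** Docker Hub support ends\n- **After February 28, 2026:** GHCR only\n\n### Available images\n\n**GitHub Container Registry (recommended):**\n- Latest: `ghcr.io\u002Fthalesgroup-cert\u002Fwatcher:latest`\n- Test: `ghcr.io\u002Fthalesgroup-cert\u002Fwatcher:test`\n- Versioned: `ghcr.io\u002Fthalesgroup-cert\u002Fwatcher:v3.1.0`\n\n**Docker Hub (deprecated):**\n- Latest: `felix83000\u002Fwatcher:latest`\n- Test: `felix83000\u002Fwatcher:test`\n- Versioned: `felix83000\u002Fwatcher:v3.1.0`\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv3.0.1...v3.1.0","2025-11-19T15:52:42",{"id":251,"version":252,"summary_zh":253,"released_at":254},351823,"v3.0.1","# v3.0.1\n\nThis update improves documentation quality and user experience while keeping the system secure and stable through dependency upgrades.\n\n## Update Procedure\n\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\n\n## What's Changed\n\n### Security and dependencies\n- **Upgraded Django from 5.2.7 to 5.2.8** - ensures the framework has the latest security patches and performance improvements, by @ygalnezri.\n  \n### Documentation and user experience\n- **Improved README.md** - added new sections and replaced static images with animated GIFs for a livelier, more engaging documentation experience, by @ygalnezri.\n- **Added CONTRIBUTING.md** - comprehensive contribution guidelines intended to encourage and ease community participation in developing and maintaining the Watcher project, by @ygalnezri.\n\n**Full Changelog**: 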
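https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv3.0...v3.0.1","2025-11-12T14:52:35",{"id":256,"version":257,"summary_zh":258,"released_at":259},351824,"v3.0","# v3.0\n\nWatcher v3.0 marks a major evolution of the platform, bringing a fully modernized infrastructure, stronger threat intelligence capabilities and a significantly improved user experience. This release introduces centralized data management, AI-based threat analysis, advanced domain tracking and a redesigned interface that makes operations more efficient and intuitive.\n\n**Important**: this release contains major database schema changes. Be sure to take a full backup before upgrading to prevent data loss.\n\n## Update Procedure\n\nPlease follow the process below:\n\n1. Pull the latest Docker image from the repository  \n   ```bash\n   docker compose pull\n   ```\n2. Run the database migrations:\n   ```bash\n   docker compose down\n   docker compose run watcher bash\n   python manage.py migrate\n   ```\n3. Update the `.env` file and review the new weekly summary and breaking news settings. The default configuration is:\n   ```env\n   WEEKLY_SUMMARY_DAY=Monday\n   WEEKLY_SUMMARY_HOUR=9:30\n   BREAKING_NEWS_THRESHOLD=15\n   ```\n   You can adjust these schedules and thresholds to your preference.\n4. Rebuild and restart the containers:\n   ```bash\n   docker compose down\n   docker compose up -d\n   ```\n\n## New Features\n\n### Core infrastructure and database\n\n**Legitimate Domain module**\n- New `LegitimateDomain` module for tracking company-approved domains\n- Supports expiry dates, renewal status and contact information\n- Dedicated API with search, sorting and full CRUD operations\n\n**Enhanced domain tracking**\n- New fields in the `Website Monitoring` module: `registrar`, `legitimacy`, `domain_expiry`, `takedown_request`, `legal_team` and `blocking_request`\n- Support for RDAP alerts to track changes in registration information\n\n**Threats Watcher summary system**\n- New `Summary` model supporting weekly summaries and breaking news alerts\n- AI-generated content that extracts CVE identifiers, organizations and threat actor information\n\n**Centralized logging system**\n- New `Logger` dependency providing a unified application-level logging layer\n- Consistent log format and routing across all modules\n- Contextual log levels (debug, info, warning, error, critical), with colored output in development mode\n\n### RDAP and WHOIS discovery\n\n**Comprehensive discovery system**\n- The `RDAPDiscovery` class provides automatic TLD endpoint detection and a fallback mechanism; the `WhoisDiscovery` class is used when RDAP data is unavailable\n- Periodic automated lookups for domains that lack registrar information\n\n**Smart domain updates**\n- Automatically updates the “legitimacy” status of a domain when its state changes between “available”, “disabled” and “registered”\n- Real-time tracking of RDAP\u002FWHOIS alerts, including registrar changes and expiry notifications\n\n### Notification system enhancements\n\n**Enhanced platform support**\n- Improved TheHive integration with intelligent alert and case creation\n- Added dedicated Slack and Citadel message handlers with application-specific","2025-11-03T15:01:33",{"id":261,"version":262,"summary_zh":263,"released_at":264},351831,"v2.1.2","# v2.1.2\r\n\r\nThis update fixes the handling of parent domain actions in DNS Finder, improving tagging accuracy in TheHive. 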
It also enhances TheHive integration by resolving an issue that prevented the creation of grouped alerts for DNS Finder. Additionally, RSS sources have been updated, with obsolete sources removed and new, relevant cybersecurity sources added. Lastly, a time-based verification mechanism has been introduced in Website Monitoring to prevent duplicate alerts from being generated unnecessarily.\r\n## Update Procedure  \r\n\r\n[WARNING] **RSS Sources Update**:  \r\n\r\nWe have removed obsolete RSS sources and replaced them with new sources related to cybersecurity. To populate the new RSS sources, run the following command:\r\n\r\n```bash\r\npython manage.py populate_db\r\n```\r\n\r\nRefer to the updated documentation for details: [Update Watcher](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#populate-your-database).\r\n\r\n## What’s Changed  \r\n\r\n- **Fixed incorrect action handling for parent domains in DNS Finder**, improving tagging accuracy in TheHive by @ygalnezri  \r\n- **Resolved the issue preventing group alerts from being created in TheHive for DNS Finder** by @ygalnezri\r\n- **Updated RSS sources**, adding relevant ones and removing obsolete ones by @ygalnezri\r\n- **Fixed duplicate alerts in Website Monitoring**, adding a time interval check to prevent unnecessary duplicates by @ygalnezri\r\n- **Fixed domain identification logic in DNS Finder**, ensuring proper handling of TLDs with multiple segments (e.g., second-level TLDs) by @ygalnezri\r\n- v2.1.2 by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F171\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.1.1...v2.1.2","2025-03-06T16:07:50",{"id":266,"version":267,"summary_zh":268,"released_at":269},351832,"v2.1.1","# v2.1.1\r\n\r\nThis release improves TheHive integration, refining TLP, PAP, Severity, and observable tags, while enhancing alert and case management. 
The system now verifies existing entries before updating them with new observables, preventing duplicates. Additionally, Dockerfile optimizations enhance container performance and security.\r\n\r\nWatcher now has the ability to automatically feed cases and alerts by adding DNS Finder alerts linked to a monitored domain in Website Monitoring. Watcher will add subdomains to the case or alert of the parent domain and automatically update it.\r\n\r\n---\r\n\r\n## Update Procedure  \r\n\r\nPlease follow this [process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\r\n\r\n   - If you want, you can update the [`.env`](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fblob\u002Fmaster\u002F.env) configuration to include credentials and endpoints for  TheHive and other notification channels. Refer to the updated documentation for details: [Update Watcher](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#subscribe-to-notifications). \r\n\r\n---\r\n\r\n## What’s Changed \r\n- This release enhances TheHive integration, ensuring alerts and cases are automatically updated with new observables for better incident tracking by @ygalnezri.\r\n   - Watcher now automatically feeds cases and alerts by adding DNS Finder alerts linked to a monitored domain in Website Monitoring. 
Subdomains are added to the case or alert of the parent domain, ensuring they are automatically updated.\r\n- Refined TLP, PAP, Severity, and observable tags, improving classification and response accuracy by @ygalnezri.\r\n- Optimized the `Dockerfile` following best practices, improving performance and security by @0xlildoudou in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F163\r\n- Bump django from 5.0.10 to 5.0.11 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F168\r\n\r\n---\r\n\r\n## New Contributors\r\n* @0xlildoudou made their first contribution in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F163\r\n\r\n---\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.1...v2.1.1","2025-02-12T10:07:15",{"id":271,"version":272,"summary_zh":273,"released_at":274},351833,"v2.1","# v2.1  \r\n\r\nThis release focuses on a major transformation of the notification system, introducing new integrations with TheHive, Citadel, and Slack, alongside an enhancement to email notifications. Users can now automate alert creation in TheHive, send notifications via Citadel's APIs, and streamline team communication through Slack. Additionally, email notifications have been upgraded to SMTPS for improved security. These updates aim to enhance communication, security, and collaboration across multiple platforms.\r\n\r\n\r\n## Update Procedure  \r\n\r\n**[MANDATORY] Update Watcher:**  \r\nThis version includes significant changes to the notification system. It is essential to follow these steps:  \r\n\r\n1. Pull the latest Docker image from the repository.  \r\n2. Update your `docker-compose.yml` file as per the latest version on GitHub.  \r\n3. Apply migrations for the newly created module:  \r\n   ```bash\r\n   python manage.py migrate\r\n   ```  \r\n4. 
Update configurations in the `.env` file to include credentials and endpoints for the new notification channels. Refer to the updated documentation for details: [Update Watcher](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#subscribe-to-notifications).  \r\n\r\n\r\n## New Features  \r\n\r\n* **Common Module Implementation:**  \r\n  A new Django app has been introduced to centralize generic functions shared by multiple modules. This update simplifies the codebase and enhances maintainability.  \r\n\r\n* **Notification System Creation:**  \r\n  * **Email Notifications via SMTPS:**  \r\n    Transitioned from SMTP to SMTPS for enhanced security. More details and information about this: [Configure your Email notifications](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#configure-your-email-notifications) by @ygalnezri.  \r\n  * **TheHive Integration:**  \r\n    Automatic alert creation in **TheHive** via APIs. More details and information about this: [Configure your TheHive notifications](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#configure-your-thehive-notifications) by @ygalnezri. \r\n  * **Citadel Integration:**  \r\n    Notifications are now supported through the enterprise application **Citadel** via APIs. More details and information about this: [Configure your Citadel notifications](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#configure-your-citadel-notifications) by @ygalnezri.\r\n  * **Slack Notifications:**  \r\n    Notifications can now be delivered directly through Slack via APIs for better team collaboration. 
More details and information about this: [Configure your Slack notifications](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#configure-your-slack-notifications) by @ygalnezri.\r\n\r\n## What’s Changed \r\n* Redesigned email templates for improved clarity and user experience by @ygalnezri.\r\n* Refactored the `docker-compose.yml` file to use env_file for better readability and reduced redundancy by @ygalnezri.\r\n* Updated the `Dockerfile` to align with the latest best practices for Django applications by @ygalnezri.\r\n* Revised documentation to provide detailed setup instructions for the new notification system and its integrations by @ygalnezri\r\n* v2.1 by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F166\r\n\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.0.2...v2.1","2025-01-09T13:08:29",{"id":276,"version":277,"summary_zh":278,"released_at":279},351834,"v2.0.2","## What's Changed\r\n* Bump path-to-regexp and react-router-dom in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F156\r\n* Bump django from 5.0.8 to 5.0.9 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F158\r\n\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.0.1...v2.0.2","2024-11-07T09:20:56",{"id":281,"version":282,"summary_zh":283,"released_at":284},351835,"v2.0.1","## What's Changed\r\n* Bump django from 5.0.7 to 5.0.8 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F149\r\n* Bump webpack from 5.76.0 to 5.94.0 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F153\r\n* Bump axios from 1.7.2 to 1.7.4 in \u002FWatcher by @dependabot in 
https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F154\r\n\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv2.0...v2.0.1","2024-09-09T14:42:41",{"id":286,"version":287,"summary_zh":288,"released_at":289},351836,"v2.0","This release aims to make the existing API easier to use, so that other software can communicate with Watcher. It also aims to correct several existing anomalies.\r\n\r\n## Update Procedure\r\n\r\n**[MANDATORY] Please follow this process:**  \r\nThis version includes breaking changes, so it is mandatory to follow this process: [Update Watcher](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher)\r\n\r\n\r\n**[WARNING] RSS-Bridge Removal:**  \r\n[RSS-Bridge](https:\u002F\u002Fgithub.com\u002FRSS-Bridge\u002Frss-bridge) is not needed anymore. We used it to obtain RSS feeds from X (Twitter). Due to changes in the pricing of the X API, this is no longer functional.  \r\nTherefore, we have removed the RSS-Bridge container and replaced it with 200+ new RSS sources related to cybersecurity. Make sure to populate the new RSS sources with the following command:  \r\n```bash\r\npython manage.py populate_db\r\n```  \r\nPlease remove the RSS-Bridge container from your [docker-compose.yml file](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fblob\u002Fmaster\u002Fdocker-compose.yml) with the latest version available on GitHub.  \r\nYou can also delete all RSS sources associated with the old RSS-Bridge (they are not needed anymore). Here is an example of the formatting: http:\u002F\u002F10.10.10.7\u002F?action=display&bridge=Twitter&context=By+username&u...\r\n\r\n\r\n**[WARNING] MySQL Update:**  \r\nIf you have a version of MySQL >= 8.1.X, please keep your version as it is.  
\r\nFor new installations, please use MySQL version 8.0.39 as specified in the latest version of the [docker-compose.yml file](https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fblob\u002Fmaster\u002Fdocker-compose.yml). This version is compatible, maintained, and stable.  \r\nMySQL does not support downgrades (MySQL 8.1.X -> MySQL 8.0.39).  \r\nAll versions >= 8.2.X are not compatible with Watcher and may impair its functionality.\r\n\r\n## New Feature\r\n\r\n* Added the ability for users to create one or more API keys (admin). (265e73d84eb1d7c4129b1ff32df5ab4b24400f80)  \r\n  - Added the ability for administrators to create one or more API keys per user to better manage access to API features. This update will allow for more granular permission management and enhance system security. More details and information about this: [API Key Creation & Management](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#api-key-creation-management) by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F113\r\n\r\n## What’s Changed\r\n\r\n* Added new relevant RSS sources, removed obsolete ones, and improved the \"banned words\" filters for optimized detection of cyber trends by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F107 \r\n* Fixed a bug related to creating or modifying a ticket with a free format, allowing for smoother integration and precise traceability by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F129\r\n* Fixed an issue generating false positives in the \"Website monitoring\" module by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F137\r\n* Removed the RSS-Bridge container and its related dependencies such as `react-twitter-widgets` by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F115\r\n* Fixed 
an issue that allowed duplicate sources to be added in the \"threats_watcher\" section.\r\n* Updated the `docker-compose.yml` file to accommodate the new versions by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F112\r\n* Updated the `Dockerfile`, bumping `python-nodejs:python3.9-nodejs18` to `python-nodejs:python3.11-nodejs18` by @ygalnezri.\r\n* Revised documentation to include Docker setup instructions, add explanatory notes for the API Key section in the admin section, update the Update Watcher tab, and address other minor corrections by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F138\r\n* v2.0 by @ygalnezri in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F144\r\n\r\n* Bump django from 4.1.4 to 4.1.7 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F93\r\n* Bump webpack from 5.75.0 to 5.76.0 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F94\r\n* Bump django from 4.1.7 to 4.1.10 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F98\r\n* Bump semver from 6.3.0 to 6.3.1 in \u002FWatcher by @dependabot in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F99\r\n\r\n## New Contributors\r\n\r\n* @ygalnezri made their first contribution in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F106\r\n* @PoloOctopus made their first contribution in https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fpull\u002F105\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv1.2.13...v2.0","2024-08-14T15:50:56",{"id":291,"version":292,"summary_zh":293,"released_at":294},351837,"v1.2.13","## Update procedure \r\nPlease follow this 
[process](https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#update-watcher).\r\n   - If you want to update your RSS sources -> https:\u002F\u002Fthalesgroup-cert.github.io\u002FWatcher\u002FREADME.html#populate-your-database \r\n\r\n## What's Changed\r\n* Fix bug in threats watcher core algorithm & Upgrade and replace obsolete dependencies & Rebuild documentation & Upgrade RSS Sources (2c5c195b7857626e6d06e8cdb82c52e4f76c5ec2)\r\n\r\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fthalesgroup-cert\u002FWatcher\u002Fcompare\u002Fv1.2.12...v1.2.13","2022-12-29T18:59:12"]