Thoughts on dumpmon 2.0 #14

Open
zuBux opened this issue Sep 29, 2015 · 3 comments

@zuBux

zuBux commented Sep 29, 2015

Hey there,

Big fan of dumpmon here! Lately I've been thinking of contributing to the project and I was trying to think of new features to add. Since you're planning a 2.0 version, here are my thoughts:

  • More info needs to be logged. Author, titles, date (very important). The previous months I noticed occasional large leaks from govt. organisations. After a few weeks a huge compromise was announced. Keeping track of dates can be useful.
  • Adding some optional limits to the mix. Regexes could be selected from command line options or a configuration file (e.g. someone may not be interested in Cisco dumps)
  • Better dump parsing. Keywords, domains etc. Maybe ElasticSearch is better for that? Adding a Kibana (or a custom web) interface could also provide more dynamic filtering and easier monitoring. For example, an organization wants to monitor mail dumps concerning only their domains.

Cheers!

@zuBux
Author

zuBux commented Sep 29, 2015

Another thing that just came to mind. Dump type is limited to one attribute. I understand that this is necessary for Twitter (140 chars). If dump type is logged in a DB/logfile it should be a list. A dump can contain multiple types of data (emails, ssh keys etc.).

Maybe a sorted list of tuples that holds the number of appearances of each type. The highest one gets published on Twitter, the others are stored in the DB.
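
The multi-type idea from the comment above, combined with the optional type filter and the extra metadata suggested earlier in the thread, as an added example (not dumpmon's code and not written by either participant). The detector regexes, function names and record fields are assumptions, and the sample paste is constructed.

```python
import re
from collections import Counter

# Hypothetical detectors; dumpmon's real regexes are not reproduced here.
DETECTORS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "ssh_private_key": re.compile(r"-----BEGIN (?:RSA|DSA|EC|OPENSSH) PRIVATE KEY-----"),
    "cisco_hash": re.compile(r"enable secret 5 \S+"),
}

def classify_dump(text, enabled=None):
    """Return [(type, count), ...] sorted by count (descending), then by name.

    `enabled` is an optional set of type names, e.g. read from a command line
    option or a configuration file; types outside it are skipped.
    """
    counts = Counter()
    for name, pattern in DETECTORS.items():
        if enabled is not None and name not in enabled:
            continue
        hits = len(pattern.findall(text))
        if hits:
            counts[name] = hits
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

def build_record(text, title, author, date, enabled=None):
    """Build the row to store: metadata plus every detected type."""
    types = classify_dump(text, enabled)
    return {
        "title": title,
        "author": author,
        "date": date,
        # Only the most frequent type would fit in a tweet.
        "headline_type": types[0][0] if types else None,
        # The full list goes to the DB/logfile.
        "types": types,
    }

# Constructed sample paste; no real credentials or key material.
SAMPLE = """\
alice@example.org:hunter2
bob@example.org:letmein
carol@mail.example.net:qwerty
-----BEGIN RSA PRIVATE KEY-----
(constructed placeholder, no key material)
-----END RSA PRIVATE KEY-----
enable secret 5 $1$placeholder$notarealhash
"""
```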

@jordan-wright
Owner

Great ideas @zuBux! Let me see what I can do.

@zuBux
Author

zuBux commented Sep 30, 2015

I'll see what I can do too :)
