threatdeck

threatdeck is a terminal threat intelligence monitor for tracking security feeds with matching keywords, and generating alerts in the terminal.

It pulls data from many source formats like RSS, Atom feeds, APIs, website scraped sources, and even .onion sources via Tor. It does this to create an aggregated feed to manage all sources for text or regex keyword matching, criticality levels, deduplicated alerts, snippet extraction, and cached article reading.

Alerts can be set automatically and you can categorize their severity (Low, Medium, High, and Critical) based on the keywords being monitored. In the TUI dashboard, it shows seven day trend views, recent alerts, feed health monitoring, and a criticality distribution which shows the number of matched security threats that are from Low to Critical.

This tool is handy for those who are security researchers, threat analysts, solo researchers or anyone who is interested in monitoring threat feeds in their job. Combined with the ability to send alerts via email, webhooks, or discord makes threatdeck useful.