Cybersecurity-Projects/PROJECTS/advanced/monitor-the-situation-dashb...
dependabot[bot] b326ad00e5
chore(deps): bump golang.org/x/net
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.52.0 to 0.55.0.
- [Commits](https://github.com/golang/net/compare/v0.52.0...v0.55.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.55.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-03 16:26:38 +00:00
..
backend chore(deps): bump golang.org/x/net 2026-07-03 16:26:38 +00:00
conf fix: resolve CI lint failures across frontend and Go projects 2026-05-08 05:40:04 -04:00
frontend chore(deps): bump axios 2026-06-01 16:48:39 +00:00
learn add learn folder to IM MONITORING THE SITUATION DASHBOARD project 2026-05-08 04:43:29 -04:00
.env.example I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
.env.example.dev I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
.env.example.prod I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
.gitignore I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
Justfile i count the tiles every morning. today there's one more. there's always one more. 2026-06-18 19:28:21 -04:00
LICENSE I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
README.md Update README.md 2026-06-02 15:20:45 -04:00
cloudflared.compose.yml feat(monitor/infra): three compose files, Makefile, .env.example 2026-05-01 06:17:28 -04:00
compose.yml I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00
dev.compose.yml I'm being gangstalked by the CIA, they put a chip in my brain 2026-05-04 18:53:54 -04:00

README.md

 ██████╗██╗ █████╗
██╔════╝██║██╔══██╗
██║     ██║███████║
██║     ██║██╔══██║
╚██████╗██║██║  ██║
 ╚═════╝╚═╝╚═╝  ╚═╝

Cybersecurity Projects Go React License: AGPLv3 Live Demo Docker

Operator-grade real-time situational awareness dashboard. Eleven live feeds across cyber, world, and finance — fused into a single 3D-globe SOC view with WebSocket delivery and configurable alerting.

Watch on YouTube

Video Thumbnail

The Learn docs are here: learn modules.

The phrase "monitoring the situation" is a Twitter/X meme from June 2025. This is the version that actually monitors the situation.

What It Does

  • Aggregates 11 high-signal data feeds (DShield, Cloudflare Radar, NVD/EPSS, CISA KEV, ransomware.live, Coinbase WS, USGS, NOAA SWPC, Wikipedia ITN, GDELT, ISS) with per-source cadences from sub-second to daily
  • WebSocket fan-out from a single Go binary — collectors run as errgroup goroutines, events flow through an in-process bus to all connected clients
  • 3D MapLibre globe centerpiece with country-level outage shading, BGP hijack regions, mass-scan source ASN dots, ransomware victim markers, earthquake epicenters, and live ISS orbital track
  • CVE velocity timeline with EPSS-weighted prioritization and CISA KEV diff alerts
  • Configurable alerts (toast / banner / chime / Telegram / Discord) with AES-256 encryption of webhook secrets at rest
  • BRIN-indexed Postgres time-series storage tuned for append-mostly event streams
  • JWT auth with auto-rotating Ed25519 keys, public read-only mode, multi-device session management

Quick Start

just dev-up

Visit http://localhost:8432 or the live demo at iminthewalls.com

[!TIP] This project uses just as a command runner. Type just to see all available commands.

Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin

Stack

Backend: Go 1.25, chi v5, coder/websocket, pgx + pgxpool, goose migrations, errgroup-driven collectors, Argon2id, JWT (Ed25519)

Frontend: React 19, TypeScript, Vite, TanStack Query v5, Zustand, MapLibre GL, D3, SCSS Modules

Data: PostgreSQL 16 (BRIN time-series indexes), Redis 7

Infrastructure: Docker Compose, nginx reverse proxy, Cloudflare Tunnel (prod), multi-stage builds, air for live reload

Data Sources

Panel Source Cadence Auth
Mass-scan firehose DShield (SANS ISC) 1h none
Internet outages + BGP hijacks Cloudflare Radar 5m CF_RADAR_TOKEN
CVE velocity + EPSS NVD CVE 2.0 + FIRST EPSS 2h NVD_API_KEY (optional)
CISA KEV (in-the-wild) CISA KEV catalog 1h none
Ransomware victims ransomware.live 15m none
BTC + ETH live ticks Coinbase Advanced Trade WS persistent none
Earthquakes (M2.5+) USGS GeoJSON 1m none
Space weather (Kp / Bz / X-flux) NOAA SWPC 1m / 3h none
World events Wikipedia ITN + GDELT v2 5m / 15m none
ISS position + passes wheretheiss.at + CelesTrak 10s / 24h none
IP enrichment (BGP) AbuseIPDB on-demand ABUSEIPDB_API_KEY (optional)

Production (Cloudflare Tunnel)

cp .env.example .env
just prod-redeploy
just migrate

Tests

cd backend && go test -race ./...

Learn

This project includes step-by-step learning materials covering security theory, architecture, and implementation.

Module Topic
00 - Overview Prerequisites and quick start
01 - Concepts Threat intel feeds, BGP hijacks, EPSS, KEV, situational awareness theory
02 - Architecture Single-binary collector pipeline, in-process event bus, WebSocket fan-out
03 - Implementation Code walkthrough across collectors, snapshot, ws, alerts
04 - Challenges Extension ideas (additional feeds, custom alerts, deployment)

License

AGPL 3.0