Hello, I'm Bipin Kumar. I am a full stack developer with expertise in MERN and APIs. I recently came across the DICOMHawk project, and the idea of making the attackers fall for their own baits intrigued me into exploring further. I cloned and successfully deployed DICOMHawk locally and explored the codebase and deployment stack. The project is well structured and promising.
I’ve previously worked with DICOM while experimenting with medical imaging parsers and basic PACS/DICOM networking, so the protocol flow and association handling weren’t completely new to me. While running the system and reviewing the logging flow I noticed logs are routed only into the ELK stack. I found this great for analytics but not ideal for fast operational responses. I want to add a lightweight, optional webhook system that sends structured JSON events to external dashboards/SIEMs (Slack, TheHive, Splunk, custom endpoints) whenever key triggers occur, like a honeytoken hit or a suspicious DICOM association. This will be configurable per event type and per endpoint so teams can be picky with the alerts and where they go.
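A sketch of the per-event-type, per-endpoint routing proposed in the post above, added here as an example; it is not code from the post or from DICOMHawk. The event type names, endpoint names, URLs and the https-only rule are assumptions made for illustration.

```python
import json
import time
import urllib.request
from dataclasses import dataclass

# All names below (event types, endpoint names, URLs) are hypothetical.
@dataclass(frozen=True)
class Endpoint:
    name: str
    url: str
    events: frozenset  # event types this endpoint wants to receive

    def __post_init__(self):
        # Alerts carry attacker IPs and AE titles; refuse cleartext transport.
        if not self.url.startswith("https://"):
            raise ValueError(f"{self.name}: webhook URL must use https")

def build_event(event_type, src_ip, details, now=None):
    """Structured, JSON-serialisable event with a stable set of top-level keys."""
    return {"type": event_type, "timestamp": now if now is not None else time.time(),
            "source_ip": src_ip, "details": details}

def post_json(url, body, timeout=3):
    """Default sender: one POST with a short timeout."""
    req = urllib.request.Request(url, data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status

def dispatch(event, endpoints, send=post_json):
    """Send the event to every endpoint subscribed to its type.

    A failing endpoint is recorded and skipped, so alert delivery never
    raises into the code path that handles the DICOM association.
    """
    body = json.dumps(event, sort_keys=True).encode("utf-8")
    results = {}
    for ep in endpoints:
        if event["type"] not in ep.events:
            continue
        try:
            send(ep.url, body)
            results[ep.name] = "sent"
        except Exception as exc:  # network errors, HTTP errors, timeouts
            results[ep.name] = f"failed: {exc}"
    return results

# Constructed sample configuration: per-endpoint event subscriptions.
ENDPOINTS = [
    Endpoint("chat", "https://chat.example.invalid/hook", frozenset({"honeytoken_hit"})),
    Endpoint("siem", "https://siem.example.invalid/ingest",
             frozenset({"honeytoken_hit", "suspicious_association"})),
]
```

The `send` parameter lets the routing be exercised offline with a stub in place of `post_json`.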