The following talk is mainly focused in the researcher's point of view, getting statistics and finding new attacks, but I understand that this tool is extremely useful for the defenders because it may help us to spot and study the attackers as well.
Its key features are:
- Dynamically generate dorks in order to attract the attacker
- Pattern matching engine.
- Extensible with modules to detect and react to new attacks.
- Custom reporting. We can write our own report module that could feed our alerting system.