Skip to content

Nishan8583/Threat-Intel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

.circleci

.circleci

 
 

LICENSE

LICENSE

 
 

README.MD

README.MD

 
 

_config.yml

_config.yml

 
 

apt.py

apt.py

 
 

botscout.py

botscout.py

 
 

check_who.py

check_who.py

 
 

config.txt

config.txt

 
 

cymon_intel.py

cymon_intel.py

 
 

get_key.py

get_key.py

 
 

hello.sh

hello.sh

 
 

hybrid.py

hybrid.py

 
 

intel.py

intel.py

 
 

malshare_query.py

malshare_query.py

 
 

requirements.txt

requirements.txt

 
 

shodan_intel.py

shodan_intel.py

 
 

threat_crowd.py

threat_crowd.py

 
 

urlhause.py

urlhause.py

 
 

Repository files navigation

Threat_Intel.py

This project is ongoing and has not been completed yet

This is an ongoing project, and will be divided into multiple phases. The goal of this project is to not just provide the analyst with status of either the IP/domain is malicious or not, rather I try to provide as much information as possible to build up contextual view of the threat

Phase - 1: Completed

In this phase I write scripts to only get infomration from sources. Sources Include:
1. whois (for meta information about IP address/domain) 2. threatminer (for APT notes)
3. botscout (Check if the IP has been associated with bot behaviour)
4. cymon (Check reputation, and threat activities through time)
5. hybrid (Check if the domain,IP or hash been associated with malware)
6. malshare (Check if the domain,IP has been used as delivery method for malware)
7. threatcrowd (check status)
8. shodan (Get information about hosts such as open ports, services etc. Also check if it has been associated with C2C)
9. urlhause (Check if the domain,IP has been attributed to malware distribution)

Phase - 2: Ongoing

Obtain meaningful, relevant and useful information from the data gathered, and present it in more understandable way.

Phase - 3: Planning

Focus on using the reports generated for various APTs and use it in this project

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages