The ThreatIntelVisualizer is a cybersecurity engineering project built to demonstrate how real-world threat intelligence can be integrated into a working security tool.
It fetches, analyzes, and stores data on domains and IPs using multiple intelligence sources:
- AlienVault OTX
- VirusTotal
- AbuseIPDB

This project is part of my cybersecurity portfolio and highlights my ability to:
- Build and secure REST APIs
- Integrate multiple cybersecurity intelligence feeds
- Apply defensive coding, error handling, and environment variable security
- Follow professional software engineering practices with Git/GitHub

Tech stack:
- Flask – Python micro web framework
- AlienVault OTX API – Open Threat Exchange threat intel
- VirusTotal API – Domain & file reputation checks
- AbuseIPDB API – Community-driven IP reputation reports
- SQLite3 – Lightweight local database
- dotenv – Secure environment variable management
- Requests – Python HTTP library

Features:
- ✅ Query multiple APIs for domains & IP addresses
- ✅ Store structured threat intel in SQLite
- ✅ Defensive error handling & validation
- ✅ REST API endpoint for lookups
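
The validation, storage, and environment-variable points above can be illustrated with the following added example, which is not code from this project. The environment variable names, the `intel` table schema, and all function names are assumptions made for illustration.

```python
import ipaddress
import os
import re
import sqlite3

# Hypothetical variable names; the project's real ones are not shown on this page.
REQUIRED_KEYS = ("OTX_API_KEY", "VT_API_KEY", "ABUSEIPDB_API_KEY")

# One DNS label: 1-63 chars, ASCII letters/digits/hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def missing_keys(env=os.environ):
    """Return the names (never the values) of API keys absent from the environment."""
    return [k for k in REQUIRED_KEYS if not env.get(k)]


def classify_indicator(raw):
    """Return ('ip', value) or ('domain', value); raise ValueError for anything else."""
    value = raw.strip().lower().rstrip(".")
    if not value or len(value) > 253:
        raise ValueError("empty or oversized indicator")
    try:
        ip = ipaddress.ip_address(value)
    except ValueError:
        pass  # not an IP literal; fall through to the domain checks
    else:
        if ip.is_private or ip.is_loopback or ip.is_reserved or ip.is_link_local:
            raise ValueError("non-routable address; nothing to look up")
        return "ip", str(ip)
    labels = value.split(".")
    # An all-numeric last label means a malformed IP such as 999.1.1.1, not a domain.
    if len(labels) < 2 or not all(_LABEL.fullmatch(lab) for lab in labels) or labels[-1].isdigit():
        raise ValueError("not a valid domain or IP address")
    return "domain", value


def store_result(conn, raw, source, verdict):
    """Validate first, then insert with bound parameters so input never becomes SQL text."""
    kind, value = classify_indicator(raw)
    conn.execute(
        "CREATE TABLE IF NOT EXISTS intel (kind TEXT, indicator TEXT, source TEXT, verdict TEXT)"
    )
    conn.execute("INSERT INTO intel VALUES (?, ?, ?, ?)", (kind, value, source, verdict))
    conn.commit()
    return kind, value
```

Rejecting private and loopback addresses before any outbound request also keeps internal addressing from being sent to third-party feeds.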

Project structure:

```
ThreatIntelVisualizer/
│-- app.py
│-- requirements.txt
│-- .env.example
│-- /db
│-- /images
│-- /docs
```

Skills demonstrated:
- Cyber Threat Intelligence Integration
- Secure API Development
- Structured Data Storage & Retrieval
- Defensive Programming & Error Handling
- Professional Git/GitHub Workflow

Future improvements:
- Add visualization dashboards (Plotly, Dash, or React frontend)
- Expand support for file hashes & URLs
- Enrich with additional threat intel feeds
- Implement alerting & correlation logic

MIT License © 2025 Brian Higareda