QRadio ~ Best Threat Intelligence Radio ~ Tune In!
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
lib
stations
tramatego
.gitignore
LICENSE
README.md
cli_qradio.py
requirements.txt

README.md

     ________                                   \\   ||   //
    /   __   \                                   \\  ||  //
   |   /  \   |    ______      _____     ______      __     _____
   |  |  _ |  |   |   _  \    /  _  \   |   _  \    |__|   /  _  \
   |  | / \|  |   |  |_)  )  |  / \  |  |  | \  \    __   |  / \  |
   |  | \  |  |   |      /   |  |_|  |  |  |  )  )  |  |  | (   ) |
   |   \_\    |   |  |\  \   |   _   |  |  |_/  /   |  |  |  \_/  |
    \_______  \   |__| \__\  |__| |__|  |______/    |__|   \_____/
            \__\
                                            ~ Tune In

QRadio

QRadio is a tool/framework designed to consolidate cyber threats intelligence sources. The goal of the project is to establish a robust modular framework for extraction of intelligence data from vetted sources.

It uses multiple threat intelligence sources for searching supplied data. Currently we crawl the following:

You can search by the following data types:

  • Domain
  • IPv4
  • Hash
  • Imphash
  • Mutex
Threat Info databases:
Sandboxes:
Blacklists:
Other:

Credentials for sources

  • /lib/config.py

Usage

python cli_qradio.py

Options

Output verbosity:

Return CSV if not specified

-v,   --verbose             - Show verbose output 

From Domain

-100, --sonar_domain        - SONAR <domain> to IPv4, Hash, Score, URL, Blacklist
-102, --domain_to_ipv4      - Resolve IPv4 to <domain>
-103, --domain_to_hash      - Search Hash for <domain>
-104, --domain_to_score     - Detection score for <domain>
-105, --domain_to_url       - URL to analysis for <domain>
-106, --domain_to_blacklist - Search <domain> in blacklists

From IPv4

-200, --sonar_ipv4          - SONAR <IPv4> to Domain, Hash, Score, Blacklist
-201, --ipv4_to_domain      - Resolve Domain to <IPv4>
-203, --ipv4_to_hash        - Search Hash for <IPv4>
-204, --ipv4_to_score       - Detection score for <IPv4>
-206, --ipv4_to_blacklist   - Search <IPv4> in blacklists

From Hash

-300, --sonar_hash          - SONAR <hash> to Domain, IPv4, Score, URL, Imphash
-301, --hash_to_domain      - Search Domain for <hash>
-302, --hash_to_ipv4        - Search IP for <hash>
-304, --hash_to_score       - Detection score for <hash>
-305, --hash_to_url         - URL to analysis for <hash>
-307, --hash_to_imphash     - Search Imphash for <hash>

Miscellaneous

-401, --imphash_to_hash     - Search Hash with <imphash>
-402, --mutex_to_hash       - Search Hash with <mutex>