Using this tool we can check the reputation of IPAddress, Domains, Urls, Hashes and FileScan from the famous and well known Threat Intelligence websites

srinivas946/Unknown-Reputation-Check

Unknown-Reputation-Check

Using this tool we can check the reputation of IP addresses, domains, URLs, hashes and file scans against well-known threat intelligence websites. The tool provides a command-line interface (CLI). The threat intelligence websites it uses are IBM X Force, IPVoid, VirusTotal, Cisco Talos and IPLocation.

Script Execution:

Open a command prompt and run the file using the command:

  python Main.py --parameter parametervalue -websitename

Overview of the commands available for this tool:

--help, -h     Show the list of all commands (show help message and exit)
--ip           Choose IPAddress as parameter
--domain       Choose Domain as parameter
--url          Choose Url as parameter
--hash         Choose Hash as parameter
--filescan     Choose FileScan as parameter
-ibm           Choose IBM X Force to check the malicious data for IPAddress, Domain, Url and Hash
-ipvoid        Choose IPVoid to check IPAddress reputation
-talos         Choose Cisco Talos to check the reputation of IPAddress, Domain, Url
-virustotal    Choose VirusTotal to get the complete report of Url, Hash and FileScan
-csv           Upload a csv file for bulk check
-location      Check the location of the IPAddress
-view          Show the exact location of the IPAddress in Google Maps
-all           Check the reputation of IPAddress, Domain, Url and Hash from all the websites

Examples:

IPAddress Reputation Check

  • python Main.py --ip xx.xx.xx.xx(IPAddress) -ibm
  • python Main.py --ip -ibm -csv csvfilepath
  • python Main.py --ip xx.xx.xx.xx(IPAddress) -ipvoid
  • python Main.py --ip -ipvoid -csv csvfilepath
  • python Main.py --ip xx.xx.xx.xx(IPAddress) -talos
  • python Main.py --ip -talos -csv csvfilepath
  • python Main.py --ip xx.xx.xx.xx(IPAddress) -location
  • python Main.py --ip -location -csv csvfilepath
  • python Main.py --ip xx.xx.xx.xx(IPAddress) -location -view
  • python Main.py --ip xx.xx.xx.xx(IPAddress) -view

Domain Reputation Check

  • python Main.py --domain domain name -ibm
  • python Main.py --domain -ibm -csv csvfilepath
  • python Main.py --domain domain name -talos
  • python Main.py --domain -talos -csv csvfilepath

Url Reputation Check

  • python Main.py --url url -ibm
  • python Main.py --url -ibm -csv csvfilepath
  • python Main.py --url url -talos
  • python Main.py --url -talos -csv csvfilepath
  • python Main.py --url url -virustotal
  • python Main.py --url -virustotal -csv csvfilepath

Hash Reputation Check

  • python Main.py --hash hash(md5/sha256/sha1) -ibm
  • python Main.py --hash -ibm -csv csvfilepath
  • python Main.py --hash hash(md5/sha256/sha1) -virustotal
  • python Main.py --hash -virustotal -csv csvfilepath

FileScan

  • python Main.py --filescan filename -virustotal

Requirements

IBM X Force: IBM X Force provides an API to get the reputation details of IP addresses, domains, URLs and hashes.

  • Public API:
    • Log in to IBM X Force and get the API KEY and API PASSWORD
    • Add the API KEY and API PASSWORD to the Config text file
    • The public API has a limit of 5000 API calls per month
  • Private API:
    • If you are interested in buying an API key, log in to IBM X Force and contact the experts to learn the price and limit of the API key

VirusTotal: VirusTotal provides an API to get the reputation details of URLs, hashes and file scans.

  • Public API:
    • Log in to VirusTotal and get the API KEY
    • Add the API KEY to the Config text file
    • The public API provides 4 API calls per minute
  • Private API:
    • If you are interested in buying an API key, log in to VirusTotal and contact the experts to learn the price and limit of the API

Cisco Talos: Cisco Talos doesn't provide any APIs, but we can do web scraping using BeautifulSoup.

  • Selenium:
    • Selenium is used for automation testing. In our case it is used to extract the webpage content (page source code)
    • After getting the page source code, we filter the required data
    • Download the Selenium WebDriver (only Chrome drivers are supported) from Google and give its path in the Config.txt file
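
The public API limit of 4 VirusTotal calls per minute matters most for the -csv bulk checks. The following is an added example, not code from this repository: it validates and de-duplicates the indicators in a CSV before any lookup, drops non-public IP addresses, and spaces the remaining requests to fit a per-minute quota. The function names, the one-indicator-per-row CSV layout and the sample values are assumptions.

```python
import csv, io, ipaddress, re
from urllib.parse import urlsplit

HASH_LEN = {32: "md5", 40: "sha1", 64: "sha256"}  # hex digest lengths
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def classify(value):
    """Return (kind, normalized) for a usable indicator, else (None, reason)."""
    v = value.strip()
    try:
        ip = ipaddress.ip_address(v)
    except ValueError:
        ip = None
    if ip is not None:
        # Private/reserved addresses have no public reputation, and sending
        # them to a third-party service discloses internal addressing.
        return ("ip", str(ip)) if ip.is_global else (None, "non-public IP")
    if len(v) in HASH_LEN and re.fullmatch(r"[0-9a-fA-F]+", v):
        return "hash", v.lower()
    if "://" in v:
        try:
            ok = urlsplit(v).scheme in ("http", "https") and urlsplit(v).hostname
        except ValueError:  # e.g. malformed bracketed host
            ok = False
        return ("url", v) if ok else (None, "unsupported URL")
    if DOMAIN_RE.match(v.lower()):
        return "domain", v.lower()
    return None, "unrecognized"

def plan_bulk(csv_text, calls=4, per_seconds=60):
    """Dedupe valid indicators; space sends per_seconds/calls apart."""
    seen, plan, rejected = set(), [], []
    for row in csv.reader(io.StringIO(csv_text)):
        for cell in row[:1]:  # assumption: indicator is in the first column
            kind, val = classify(cell)
            if kind is None:
                rejected.append((cell, val))
            elif (kind, val) not in seen:
                seen.add((kind, val))
                plan.append((len(plan) * per_seconds / calls, kind, val))
    return plan, rejected

# Constructed sample input, not taken from the project.
SAMPLE = ("8.8.8.8\n10.0.0.5\nexample.com\nEXAMPLE.com\n"
          "http://example.com/a\nD41D8CD98F00B204E9800998ECF8427E\nnot an indicator\n")

if __name__ == "__main__":
    print(plan_bulk(SAMPLE))
```

Each plan entry is (seconds after start, kind, value); a caller would sleep until that offset before issuing the lookup, and rejected rows never consume quota.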
