
Screenshot of a lookup result page from 2024-09-06

Description

This is a 🐍 Python project to build a one-page website that aims to help a security operations center (SOC) analyst. You will be able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:

  • 🪳 VirusTotal and AbuseIPDB results on a URL, domain name or IP (v4 and v6) address (🔴 color-coded undetected, harmless and malicious results)
  • 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
  • ✍️ Generic domain registration information.
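The input handling described above (a URL, IP address, domain name or email address reduced to the host that the lookups run against), as an added example that is not the project's own code. The names `classify` and `_as_ip` and the mapping from input kind to lookups are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def _as_ip(text):
    """Return the normalized IPv4/IPv6 string, or None if text is not an IP."""
    try:
        return str(ipaddress.ip_address(text.strip("[]")))
    except ValueError:
        return None

def classify(raw):
    """Map analyst input to its kind, the host part, and the lookups to run."""
    value = raw.strip()
    if "://" in value:
        kind = "url"
        # .hostname drops scheme, userinfo, port, path and IPv6 brackets
        host = urlsplit(value).hostname or ""
    elif "@" in value:
        kind = "email"
        host = value.rsplit("@", 1)[1]
    else:
        kind = "host"
        host = value
    host = host.lower().rstrip(".")
    ip = _as_ip(host)
    # Anything that is neither an IP nor a dotted name is rejected early,
    # before it can reach an external API or a DNS query.
    if ip is None and ("." not in host or any(c in host for c in " /")):
        raise ValueError(f"not a URL, IP address, domain or email: {raw!r}")
    if kind == "host":
        kind = "ip" if ip else "domain"
    # Assumed mapping: "reputation" stands for the VirusTotal/AbuseIPDB lookups;
    # DMARC, SPF and registration data only apply to a domain name.
    lookups = ["reputation"] if ip else ["reputation", "dmarc", "spf", "registration"]
    return {"kind": kind, "ip": ip, "domain": None if ip else host, "lookups": lookups}

if __name__ == "__main__":
    # Constructed sample inputs (documentation address ranges, example domains).
    for sample in ("https://user@Example.com:8443/login", "alice@mail.example.org",
                   "2001:db8::1", "http://[2001:db8::1]/x", "192.0.2.10"):
        print(sample, "->", classify(sample))
```
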

Technologies used

This is done with (among others) the following modules and libraries:

| module | purpose | usage |
|---|---|---|
| flask | lightweight WSGI web application framework | development server |
| DataTables | JavaScript HTML table enhancing library | organizing and coloring lookup results |
| requests | HTTP library | query VirusTotal and AbuseIPDB APIs |
| checkdmarc | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |