Flask SOC site.
Screenshot of a lookup result page from 2024-09-06
Description
This is a 🐍 Python project to build a one-page website that aims to help a security operations center (SOC) analyst. You will be able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:
- 🪳 VirusTotal and AbuseIPDB results on a URL, domain name or IP (v4 and v6) address (🔴 color-coded undetected, harmless and malicious results).
- 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
- ✍️ Generic domain registration information.
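The lookups above accept a URL, an IP address or an email address, so the input has to be classified and reduced to a host before any service is queried. The following is an added example, not code from this project: `classify_host`, its helpers and its return shape are assumptions made for illustration, and the sample inputs are constructed.

```python
import ipaddress
from urllib.parse import urlsplit


def _norm(domain):
    """Lowercase a domain name and drop the trailing root dot."""
    domain = domain.strip().rstrip(".").lower()
    if not domain or " " in domain:
        raise ValueError(f"not a domain name: {domain!r}")
    return domain


def _is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def classify_host(raw):
    """Return (kind, target, mail_domain) for one lookup input.

    kind        -- "ip", "url", "email" or "domain"
    target      -- normalized value for a reputation lookup
    mail_domain -- domain for SPF/DMARC checks, None when the host is an IP
    """
    value = raw.strip()
    bare = value.strip("[]")            # tolerate "[2001:db8::1]"
    if _is_ip(bare):
        return ("ip", str(ipaddress.ip_address(bare)), None)
    if "://" in value:                  # URL: the host may itself be an IP literal
        host = urlsplit(value).hostname
        if not host:
            raise ValueError(f"URL has no host: {raw!r}")
        return ("url", value, None if _is_ip(host) else _norm(host))
    if "@" in value:                    # email: domain follows the last "@"
        local, _, domain = value.rpartition("@")
        if not local:
            raise ValueError(f"not an email address: {raw!r}")
        return ("email", _norm(domain), _norm(domain))
    return ("domain", _norm(value), _norm(value))


if __name__ == "__main__":
    # Constructed sample inputs (documentation address ranges and names).
    for sample in ["https://Mail.Example.com:8443/login", "2001:DB8::1",
                   "alice@example.org", "http://[2001:db8::1]/x", "Example.NET."]:
        print(sample, "->", classify_host(sample))
```

Rejecting malformed input with `ValueError` before any outbound request keeps analyst typos and pasted junk from being forwarded to third-party APIs.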
Technologies used
This is done with (among others) the following modules and libraries:
module | purpose | usage |
---|---|---|
flask | lightweight WSGI web application framework | development server |
DataTables | JavaScript HTML table enhancing library | organizing and coloring lookup results |
requests | HTTP library | query the VirusTotal and AbuseIPDB APIs |
checkdmarc | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |