26 lines
1.7 KiB
Markdown
26 lines
1.7 KiB
Markdown
+++
|
|
title = "Flask SOC site"
|
|
description = "A Python-powered Flask website to look up security information about domains, URLs and IP addresses. Built also as a CLI tool and a GUI application."
|
|
weight = 1
|
|
updated = 2024-09-12
|
|
[extra]
|
|
remote_image = "https://code.joostagterhoek.nl/joost/flask-soc-site/media/branch/main/screenshots/screenshot-flask-soc-site-2024-09-06.jpg"
|
|
# link_to = "https://code.joostagterhoek.nl/joost/flask-soc-site"
|
|
+++
|
|
|
|
This is a 🐍 Python project to build a one-page website that aims to help a security operations center (SOC) analyst. You will be able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:
|
|
|
|
- 🪳 [VirusTotal](https://virustotal.com) and [AbuseIPDB](https://abuseipdb.com) results on a URL, domain name or IP (v4 and v6) address (🔴 color-coded undetected, harmless and malicious results)
|
|
- 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
|
|
- ✍️ Generic domain registration information.
|
|
|
|
This is done with (among others) the following Python-modules:
|
|
|
|
| module | purpose | usage |
|
|
|--------------|--------------------------------------------------------|----------------------------------------|
|
|
| `flask` | lightweight WSGI web application framework | development server |
|
|
| `Datatables` | JavaScript HTML table enhancing library | organizing and coloring lookup results |
|
|
| `requests` | HTTP library | query VirusTotal- and AbuseIPDB-APIs |
|
|
| `checkdmarc` | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |
|
|
|