25 lines
1.6 KiB
Markdown
25 lines
1.6 KiB
Markdown
+++
|
|
title = "CLI host lookup"
|
|
description = "A command-line interface tool to look up hosts (IP address, URL, domain and email address) and provide information relevant to security analysts (registrar information, SPF/DMARC records, VirusTotal and AbuseIPDB results). "
|
|
weight = 1
|
|
updated = 2024-09-02
|
|
[extra]
|
|
# You can also crop the image in the url by adjusting w=/h=
|
|
remote_image = "https://code.joostagterhoek.nl/joost/cli-lookup/media/branch/main/assets/imgs/README_2024-09-02_14-40-00.png"
|
|
+++
|
|
|
|
This is a 🐍 Python project to build a command-line interface application that aims to help a security operations center (SOC) analyst. You are able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:
|
|
|
|
- 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
|
|
- ✍️ Generic domain registration information.
|
|
|
|
This is done with (among others) the following Python-modules:
|
|
|
|
| module | purpose | usage |
|
|
|--------------|--------------------------------------------------------|----------------------------------------|
|
|
| `rich` | library for writing rich text to the terminal | display and color lookup results |
|
|
| `tqdm` | wraps any iterable and displays a smart progress bar | display progress for multiple lookups |
|
|
| `requests` | HTTP library | query VirusTotal- and AbuseIPDB-APIs |
|
|
| `checkdmarc` | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |
|
|
|