Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/michael-yip/ThreatTracker
ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.
https://github.com/michael-yip/ThreatTracker
Last synced: 2 months ago
JSON representation
ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.
- Host: GitHub
- URL: https://github.com/michael-yip/ThreatTracker
- Owner: michael-yip
- Created: 2015-03-09T07:19:49.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2015-03-09T22:30:59.000Z (over 9 years ago)
- Last Synced: 2024-01-24T20:47:47.315Z (5 months ago)
- Language: Python
- Homepage:
- Size: 137 KB
- Stars: 62
- Watchers: 7
- Forks: 13
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Lists
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- paralax-awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis- - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
- fucking-awesome-malware-analysis - ThreatTracker - A Python (Open Source Threat Intelligence / Tools)
README
ThreatTracker is a IOC tracker written in Python.
The script queries 4 Google Custom Search Engines periodically to identify new:
1) AV definitions - https://www.google.co.uk/cse/publicurl?cx=003089153695915392663:3aeplrxqc1q
2) Malware sample submissions - https://www.google.co.uk/cse/publicurl?cx=003089153695915392663:yi7j3xmja0w
3) Malicious URLs and domains - https://www.google.co.uk/cse/publicurl?cx=003089153695915392663:8s9qiadkryk
4) Reverse WHOIS - https://www.google.co.uk/cse/publicurl?cx=003089153695915392663:5varpyppnfy
The script also monitors the status of domains using the Google Safe Browsing Lookup API and Google Safebrowsing Diagnosis Page.
Requirements:
1) Google APIs Client Library for Python -
https://developers.google.com/api-client-library/python/start/installation
2) 1 Gmail account (to act as sender)
3) Google API key(s)
4) To use the script, rules must be created in the /rules directory.
Note: A sample rule (for tracking Dridex) is created to highlight the fomart required.
This project is still in beta and so if you have found a bug, please do let me know :-)
Please feel free to email me should you have any questions. I am always on the look out for new data sources and new ideas!