https://github.com/thatsinewave/url-analysis-tool

Python-based tool for analyzing URLs and detecting potential threats using various cybersecurity services.
https://github.com/thatsinewave/url-analysis-tool

analysis cyber-threat-intelligence cybersecurity good-first-contribution good-first-issue good-first-pr good-first-project malicious-domains malicious-url malicious-url-detection malware-analysis mit open-source phishing-attacks phishing-detection thatsinewave threat-intelligence url-analysis url-scan url-screenshot

Last synced: 3 days ago
JSON representation

Python-based tool for analyzing URLs and detecting potential threats using various cybersecurity services.

• Host: GitHub
• URL: https://github.com/thatsinewave/url-analysis-tool
• Owner: ThatSINEWAVE
• License: mit
• Created: 2024-04-07T11:05:49.000Z (8 months ago)
• Default Branch: main
• Last Pushed: 2024-04-24T07:57:53.000Z (7 months ago)
• Last Synced: 2024-04-24T13:53:47.318Z (7 months ago)
• Topics: analysis, cyber-threat-intelligence, cybersecurity, good-first-contribution, good-first-issue, good-first-pr, good-first-project, malicious-domains, malicious-url, malicious-url-detection, malware-analysis, mit, open-source, phishing-attacks, phishing-detection, thatsinewave, threat-intelligence, url-analysis, url-scan, url-screenshot
• Language: Python
• Homepage: https://github.com/Cybersight-Security/URL-Analysis-Tool
• Size: 23.4 KB
• Stars: 1
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

        


# URL Analysis Tool

This repository contains a Python-based tool for analyzing URLs and detecting potential threats using various cybersecurity services like VirusTotal and URLScan.io. The tool combines the scan results with WHOIS information and provides a user-friendly interface to tweet the analysis findings or custom messages.



## Features

- Scan URLs using VirusTotal and URLScan.io APIs

- Retrieve WHOIS information for the analyzed domains

- Save the combined analysis results to numbered output files

- Interact with the Twitter API to post tweets containing the analysis results or custom text

- User-friendly command-line interface



## ☕ [Support my work on Ko-Fi](https://ko-fi.com/thatsinewave)



## Repository Structure

- `controller.py`: The main entry point of the application, handling user input, coordinating the execution of various modules, and providing the user interface.

- `output_module.py`: Handles the formatting and saving of analysis results to output files in the `outputs` directory.

- `twitter_module.py`: Allows users to interact with the Twitter API to post tweets containing analysis results or custom text.

- `urlscan_module.py`: Interacts with the URLScan.io API to submit URLs for scanning and retrieve the scan results.

- `virustotal_module.py`: Interacts with the VirusTotal API to scan URLs and retrieve the analysis results.

- `whois_module.py`: Fetches WHOIS information for a given domain.

- `configs/`: Directory containing configuration files with API keys for VirusTotal, URLScan.io, and Twitter.

- `outputs/`: Directory where the analysis results are saved as numbered text files.



# [Join my discord server](https://discord.gg/2nHHHBWNDw)



## Usage

1. Clone the repository or download the source code.

2. Install the required Python packages by running `pip install -r requirements.txt`.

3. Obtain API keys for VirusTotal, URLScan.io, and Twitter, and create configuration files in the `configs` directory with the respective API keys.

4. Run the `controller.py` script.

5. Follow the prompts to enter a URL for scanning, tweet the results, or scan another URL.

## Configuration Files

The tool requires API keys for VirusTotal, URLScan.io, and Twitter. These keys should be stored in separate JSON files in the `configs` directory with the following structure:

- `virustotal_config.json`:

  ```json

  {

    "api_key": "your_virustotal_api_key"

  }

  ```

- `urlscan_config.json`:

  ```json

  {

    "api_key": "your_urlscan_api_key"

  }

  ```

- `twitter_config.json`:

  ```json

  {

    "consumer_key": "your_twitter_consumer_key",

    "consumer_secret": "your_twitter_consumer_secret",

    "access_token": "your_twitter_access_token",

    "access_token_secret": "your_twitter_access_token_secret"

  }

  ```

## Output Files

The analysis results are saved as numbered text files in the `outputs` directory. Each file contains the following information:

- Scanned URL

- Domain

- Registrar

- Creation and expiration dates

- Threat types

- IP addresses and countries associated with the URL

- Scan date

- Screenshot URL

- VirusTotal and URLScan.io report URLs

## Dependencies

This project requires the following Python libraries:

- `requests`

- `tweepy`

- `python-whois`

Install these dependencies by running `pip install -r requirements.txt` before running the application.

## Contributing

Contributions to this project are welcome! If you find any issues or have suggestions for improvements, please open an issue or submit a pull request. Follow the standard GitHub workflow for contributions.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.