TheresAFewConors / Sooty

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

GNU General Public License v3.0

1.31k stars 205 forks source link

Add Phish Tank Capability #8

Closed euanbirch closed 4 years ago

euanbirch commented 5 years ago

api_info.php - Verify if a URL has been used in a phishing attack

euanbirch commented 5 years ago

7 https://github.com/AlienVault-OTX/ApiV2 - Add Threat Crowd functionality

TheresAFewConors commented 5 years ago

I will take a look into PhishTank - I'm currently working on a phishing specific module for the 1.2 release so it could be a great addition to the module.
AlienVault is already in the works for the rep checker - the more checks that are done against reliable sites the better the info imo.

tldr; PhishTank - Most Likely AlientVault - Definitely

Thanks for the submission - I'll keep this ticket open as a reminder and close it when they've been added. It might be a week or two though just so you're aware

Gurulhu commented 5 years ago

@TheresAFewConors if you don't mind, I kinda got too entertained and added PhishTank verification to my fork. I could PR this one.

TheresAFewConors commented 5 years ago

@Gurulhu yeah if you want to open a PR that'd be extremely helpful - I'll review it this afternoon and we can try get it merged

Gurulhu commented 5 years ago

@Gurulhu yeah if you want to open a PR that'd be extremely helpful - I'll review it this afternoon and we can try get it merged

Sorry, I wasn't able to PR sooner. Up to review already.

TheresAFewConors commented 5 years ago

No worries at all. There's no rush. Just reviewed and left a comment.

TheresAFewConors commented 4 years ago

Closed due to inactivity