ThreatIntelChecker: a cross-platform Python and PowerShell tool that checks IPs, domains, URLs, and SHA256 hashes across VirusTotal, AbuseIPDB, Shodan InternetDB, GreyNoise, CIRCL hashlookup, URLScan, and OS-level DNS and WHOIS enrichment.

eddietorial@infosec.exchange

ThreatIntelChecker: a cross-platform Python and PowerShell tool that checks IPs, domains, URLs, and SHA256 hashes across VirusTotal, AbuseIPDB, Shodan InternetDB, GreyNoise, CIRCL hashlookup, URLScan, and OS-level DNS and WHOIS enrichment.

The output is Splunk-compatible key=value pairs, one event per line, piped directly to stdout. Designed for SOC triage, IR enrichment, and SOAR playbook integration. No paid APIs required.

GitHub - eddietorial/ThreatIntelChecker

Contribute to eddietorial/ThreatIntelChecker development by creating an account on GitHub.

GitHub (github.com)

#SOC #ThreatIntelligence #BlueTeam #SIEM #Splunk #Python #PowerShell #CyberSecurity