Python API for Threat Intelligence
Project description
PyOTI - Python Open Threat Intelligence
PyOTI is an API framework for querying threat intel APIs to get fast, accurate and consistent enrichment data that adds context to your indicators of compromise. It is built as a modular framework so that any of the available APIs can be used without needing to be an experienced coder. If a service or tool you use isn't already in PyOTI, it is simple to add a new enrichment module, or you may open an issue for a feature request and we can work to get it added into the project.
Indicator Types | APIs |
---|---|
Domains | CheckDMARC, CIRCLPDNS, IrisInvestigate |
Email Addresses | DisposableEmails, EmailRepIO |
Hashes | CIRCLHashLookup, MalwareBazaar, MalwareHashRegistry |
IP Addresses | AbuseIPDB, GreyNoise, SpamhausIntel |
URLs | GoogleSafeBrowsing, LinkPreview, Phishtank, ProofpointURLDecoder |
Multis | BinaryEdge, CIRCLPSSL, CiscoUmbrellaInvestigate, DNSBlockList, FileScanIO, HybridAnalysis, IP2Location/IP2WHOIS, JoeSandbox, MaltiverseIOC, MetaDefenderCloudV4, MISP, Onyphe, OTX, Pulsedive, Stairwell, ThreatFox, Triage, URLhaus, URLscan, VirusTotalV3, WhoisXML, XForceExchange |
Installing via pip
It is advised to use a virtual environment.
python3 -m pip install pyoti
If you also want to use the Jupyter Notebook, install the additional dependencies. The quotes keep shells such as zsh from treating the square brackets as a glob pattern.
python3 -m pip install "pyoti[jupyter_notebook]"
Installing/Updating from source
Windows instructions can be found in the docs directory.
Linux instructions can be found in the docs directory.
Tutorial
For a quick tutorial on the ease and benefit of using PyOTI, see the Phishing URL Triage Jupyter Notebook.
License
Copyright © 2021-2025, RH-ISAC
This work is free software. You may redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option, any later version.
This work is distributed in the hope that it will be useful, but is made available WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
Please review the GNU General Public License at https://www.gnu.org/licenses/ for additional information.
Download files
File details
Details for the file pyoti-0.4.0.tar.gz.
File metadata
- Download URL: pyoti-0.4.0.tar.gz
- Upload date:
- Size: 44.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.7
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | 4eb260e266944b7a633fc0f322a0ccbf36b5e5808f3dcd0129f4052d47582862 |
MD5 | 440a7b371256b2932d3e571315cbef44 |
BLAKE2b-256 | de987a7d21f7b10dcbdeeaf614c674b7b5bf77d3242719e54e5c1b44677058fc |
File details
Details for the file pyoti-0.4.0-py3-none-any.whl.
File metadata
- Download URL: pyoti-0.4.0-py3-none-any.whl
- Upload date:
- Size: 62.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.7
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | 867d1f5bc5d19b8c50184e5be9f3e4705ac8bb05136ed94e83bf0ca77c3f153a |
MD5 | 165367d7e0cd86b77025eaf0d2256f84 |
BLAKE2b-256 | eac128b775561a9983631017492fcdf01cd73e87c1fdb377ea18c80c43e394c5 |