Simple security lookups via CLI

Project description

seclook

seclook is a security lookup CLI tool that allows you to query various security services on the fly. It is essentially a wrapper over the requests library that removes the need to manually search within Web UIs or write your own requests in Postman or cURL to query these services.

You can look up information using commands like seclook [service] [value], where the service can be virustotal, shodan, emailrep, and so on. The value is the information you're querying for and varies by service.

Installation

  1. pip install seclook
  2. Copy config.ini.sample from this directory and place it in ~/.seclook/config.ini
  3. Open ~/.seclook/config.ini and add in your own API keys for the services you want to use.

Some services (e.g., GreyNoise, ThreatFox) don't require API keys, but may be rate-limited more quickly without one or have other limitations. Others (e.g., YARAify) do not need an API key at all and will not be referenced in the config file.

Usage

Basic usage of seclook is as follows:

seclook [service] [value]

For example, to look up IP 1.1.1.1 on AbuseIPDB, you'd run:

seclook abuseipdb 1.1.1.1

You can send the JSON response to OpenAI GPT-4 for summarization:

seclook virustotal 44d88612fea8a8f36de82e1278abb02f --gpt4

You can pipe the output to fx or jq for further processing:

seclook emailrep andrew@akatz.org | fx

You can grep the output for known keys to get specific information:

seclook virustotal 44d88612fea8a8f36de82e1278abb02f | grep malicious
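
A key-aware alternative to the grep above, as an added example that is not part of seclook: grep matches the word anywhere on a line, including inside values, while this walks the JSON and reports only members with the requested name, together with their paths. The sample response is constructed, its report-like layout is an assumption, and the script name find_key.py is hypothetical.

```python
import json
import sys

# Constructed sample shaped like a file report. The real layout depends on
# the service being queried and is an assumption here.
SAMPLE = """{
  "data": {"attributes": {
    "last_analysis_stats": {"malicious": 3, "harmless": 60, "undetected": 9},
    "last_analysis_results": {
      "EngineA": {"category": "malicious", "result": "Test.File"},
      "EngineB": {"category": "harmless", "result": null}
    }
  }}
}"""


def find_key(node, key, path="$"):
    """Yield (path, value) for every object member named `key`, at any depth."""
    if isinstance(node, dict):
        for name, value in node.items():
            child = f"{path}.{name}"
            if name == key:
                yield child, value
            yield from find_key(value, key, child)
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from find_key(value, key, f"{path}[{index}]")


def lookup(text, key):
    """Parse JSON text and list all matches; raises ValueError on non-JSON input."""
    return list(find_key(json.loads(text), key))


if __name__ == "__main__":
    # Usage: seclook virustotal <hash> | python find_key.py malicious
    wanted = sys.argv[1] if len(sys.argv) > 1 else "malicious"
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for where, value in lookup(text, wanted):
        print(f"{where} = {json.dumps(value)}")
```

On the constructed sample, a plain text match on "malicious" hits two lines (the stats counter and one engine's category value), while the key lookup returns only the counter.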

Options

--export – Use this flag to export the results to a JSON file on your Desktop.
--gpt4 – Use this flag to have GPT-4 summarize the JSON response from a service.

Supported services

You can also view supported services by passing list as the service name:

seclook list

Upgrading

To upgrade seclook to the latest version:

pip install --upgrade seclook

Contributing

If you'd like to contribute to seclook, please feel free to fork the repository, create a feature branch, and then submit a Pull Request.

License

MIT License

Contact

andrew@akatz.org

Download files

Source Distribution

seclook-0.7.2.tar.gz (7.4 kB view details)

Uploaded Source

Built Distribution

seclook-0.7.2-py3-none-any.whl (12.4 kB view details)

Uploaded Python 3

File details

Details for the file seclook-0.7.2.tar.gz.

File metadata

  • Download URL: seclook-0.7.2.tar.gz
  • Upload date:
  • Size: 7.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for seclook-0.7.2.tar.gz
Algorithm Hash digest
SHA256 f94961c0a22f25399a4a307b77865e05cae1b89d0bb7e42ac5368b08b0136a3e
MD5 426c5eb6ed66e310f4fd80936483be58
BLAKE2b-256 4e309e04358dda4dd427e5ad669d3015e2956da9cae3e9366747b584c9a4c22e

File details

Details for the file seclook-0.7.2-py3-none-any.whl.

File metadata

  • Download URL: seclook-0.7.2-py3-none-any.whl
  • Upload date:
  • Size: 12.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for seclook-0.7.2-py3-none-any.whl
Algorithm Hash digest
SHA256 ef8a87b9cd4e9f7d8992918e7fbcec98bdb8508c73cd98c3ea77b7c2b16afd01
MD5 05a77158e7556aa4b27894155c68f5f7
BLAKE2b-256 2fdb99f5ebb6bb9c5c3ee317d319ace7c584eada91fbd696ccc8e21b918774d8