The SOCIT2ME Multitool is a Python script built for SOC (Security Operations Center) Analysts, providing seamless threat intelligence lookup and QR code decoding capabilities. This tool is designed to assist cybersecurity professionals in gathering insights from various sources and efficiently extracting information from QR codes, all within a single application.
- Perform threat intelligence lookups for IP addresses, URLs/domains, and hash values.
- Decode QR codes from image files and retrieve embedded information.
- Access threat intelligence data from multiple sources including VirusTotal, URLScan, AbuseIPDB, IPQualityScore, and more.
- Launch sandboxes for URLs/domains using Browserling API to capture screenshots.
- Add mass lookup capabilities via CSV files
- Add email scanning via IPQS and haveibeenpwned API's
- Add additional Threat Intel functions for MalwareBazaar and more
-
Clone this repository to your local machine:
git clone https://github.com/chadhardcastle/SOCIT2ME
-
Navigate to the project directory:
cd SOCIT2ME -
Install the required Python packages:
pip install -r requirements.txt
-
Create a
.envfile in the project directory and add your API keys:API_KEY_VIRUSTOTAL=your_virustotal_api_key API_KEY_URLSCAN=your_urlscan_api_key API_KEY_IPQUALITYSCORE=your_ipqualityscore_api_key API_KEY_ABUSEIPDB=your_abuseipdb_api_key API_KEY_BROWSERLING=your_browserling_api_key
Run the script socit2me.py and follow the prompts to enter the desired input:
python socit2me.py- Enter an IP address, URL/domain, hash value, or provide a file path for QR code decoding.
- Type
exitto exit the tool. - Type
helpto display the help message.
Enter an IP address, URL/domain, hash value, or provide a file path for QR code decoding: 8.8.8.8Contributions are welcome! Please open an issue or submit a pull request with any improvements or suggestions.
https://github.com/chadhardcastle/SOCIT2ME/blob/main/LICENSE