Skip to content
/ threat-intel-fetcher Public

The Threat Intelligence Fetching Script is a versatile Python tool designed to effortlessly retrieve threat intelligence feeds from specified URLs while ensuring security and flexibility. With real-time progress tracking, dynamic handling of various threat feed formats (e.g., CSV, JSON), and robust features such as IP filtering and URL validation,

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shreyash2002/threat-intel-fetcher

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
threat sources.txt
threat sources.txt
 
 
threat_intel_fetch.py
threat_intel_fetch.py
 
 

Repository files navigation

Threat Intelligence Fetch Script

Overview

This Python script fetches threat intelligence data from specified URLs, filters out private IPs, and processes the data based on the content type. It supports CSV and JSON threat feed formats and provides real-time progress logging.

Features

  • URL Validation: Ensures that the provided URL has a valid scheme (http, https) and a valid network location.

  • Retry Mechanism: Implements a retry mechanism using the retry library for fetching threat feeds, providing resilience against transient failures.

  • File Format Handling: Dynamically determines the threat feed file format based on the content type in the response headers and parses the data accordingly.

  • Private IP Filtering: Filters out private IP addresses from the threat data to enhance security.

  • Error Handling: Catches and logs exceptions during the execution of critical functions, providing insights into potential issues.

  • Extensibility: Designed to be extensible for adding additional threat feed formats or custom validation logic.

Prerequisites

  • Python 3.x
  • Required Python packages: requests, pandas, retry

Install required packages using:

pip install -r requirements.txt

Usage

  1. Clone the repository:

    git clone https://github.com/shreyash2002/threat-intel-fetcher.git
cd threat-intel-fetcher

  2. Install dependencies

    pip install -r requirements.txt

  3. Run the script with predefined threat feed URLs

    python threat_intel_fetch.py

    Edit the predefined_threat_feed_urls list in the script for your specific use case.

  4. Check the console output for the processed threat data.

Configuration

The script can be configured by modifying the predefined threat feed URLs, output file name, and other parameters directly in the script.

Contributing

If you'd like to contribute to the development of this script, please follow these steps:

Fork the repository. Create a new branch for your feature or bug fix: git checkout -b feature/new-feature. Commit your changes: git commit -m 'Add new feature'. Push to the branch: git push origin feature/new-feature. Submit a pull request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

The Threat Intelligence Fetching Script is a versatile Python tool designed to effortlessly retrieve threat intelligence feeds from specified URLs while ensuring security and flexibility. With real-time progress tracking, dynamic handling of various threat feed formats (e.g., CSV, JSON), and robust features such as IP filtering and URL validation,

Topics

python scripts cybersecurity threat-intelligence scripts-python

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages