As someone working in a Security Operations Center (SOC), I needed a quick way to look up IP addresses, emails, hashes, etc. using services like VirusTotal, Shodan, and Emailrep. So, I built a small CLI tool to do this called `seclook`.
You can quickly run commands like `seclook virustotal 1.1.1.1` and pipe it to a JSON processor for easy searching.
While some SOCs have security automation/orchestration to look up these values automatically for the analysts, many SOCs don't have the budget for hugely expensive API keys to perform these lookups on a massive scale. Many analysts' workflow involves context switching through many browser windows and using clunky web UIs to do lookups. This is why I made this project publicly available and submitted it to PyPI – hopefully someone out there will find it useful.
This is my first submission to PyPI, so I am excited about that and open to any feedback, criticism, or ideas.
https://github.com/ackatz/seclook
https://pypi.org/project/seclook/
