IOC Enrichment CLI
A command-line tool that enriches indicators across four threat-intel sources and keeps a local history so you never look the same one up twice.
- Python
- VirusTotal
- Shodan
- AbuseIPDB
- SQLite
01 / Gap Four tabs for one indicator
Checking an indicator means hitting VirusTotal, Shodan, AbuseIPDB, and WHOIS separately and holding the results in your head. The CLI collapses that into one command, normalizes the answers, and caches everything to SQLite so repeat lookups are instant and you build a local record of what you’ve seen.
Full writeup in progress.