Back to Projects

URL Reputation Checker

A CLI tool and API wrapper to check URL reputation against VirusTotal and other threat intelligence sources.

View Source
PythonVirusTotal APIClickDocker

Problem

SOC analysts often need to quickly check a URL's reputation without leaving their terminal or navigating through a web UI.

Approach

I built a Python CLI tool that:

  1. Accepts a URL or file of URLs.
  2. Queries the VirusTotal v3 API.
  3. Parses the JSON response to extract the malicious vote count and vendor flags.
  4. Outputs a color-coded summary to the terminal.

Tools

  • Python: Language of choice.
  • Click: For building beautiful CLI interfaces.
  • VirusTotal API: The intelligence source.
  • Docker: Containerized for easy distribution.

Output & Impact

  • Used by the internal team for quick triage.
  • Integrated into a larger Slack bot for self-service checks.

What I Learned

  • Building intuitive CLI interfaces requires careful thought about arguments and flags.
  • Rate limiting handling is essential when working with public APIs.