URL Reputation Checker
A Python-based tool to check URL reputation using multiple threat intelligence APIs including VirusTotal, Google Safe Browsing, and URLScan.io.
PythonVirusTotal APIGoogle Safe BrowsingURLScan.io
Problem
Analysts often need to verify the reputation of a URL quickly across multiple threat intelligence sources. Manually checking each service individually is time-consuming and prone to oversight during incident response.
Approach
I built a Python-based utility that aggregates reputation data from multiple different engines simultaneously. The tool:
- Queries VirusTotal, Google Safe Browsing, and URLScan.io APIs.
- Outputs color-coded terminal results for easy readability.
- Provides detailed threat analysis and domain/IP information lookups.
- Includes built-in API error handling.
Installation & Setup
To run this tool locally, you need to configure your environment with API keys for the respective services:
git clone https://github.com/aibhuyan/url-reputation-checker.git
cd url-reputation-checker
pip install -r requirements.txt
You'll need a .env file with your keys:
VIRUSTOTAL_API_KEY="your_virustotal_api_key"
GOOGLE_SAFEBROWSING_API_KEY="your_google_api_key"
URLSCAN_API_KEY="your_urlscan_api_key"
Then run it:
python src/checker.py
What I Learned
- API Aggregation: Managing multiple async or synchronous requests to external APIs and dealing with their distinct response formatting.
- Error Handling: Implementing robust fallback and error logic when a third-party API is down or rate-limited.
- Terminal UX: Using color-coding effectively to draw attention to malicious detections immediately.