From d25a25e75b96ca21f4e5a2fcc74c512e07eecd2d Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 4 Mar 2015 10:50:19 +0100 Subject: [PATCH 1/2] Basic documentation added --- README.md | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 58 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c6ca593..aa3b876 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,61 @@ -Add a new module -================ +#URL Abuse + +URL Abuse is a versatile free software for URL review, analysis and black-list reporting. URL Abuse is composed of a web interface where requests are submitted asynchronously and a back-end system to process the URLs into features modules. + +## Features + + - HTTP redirects analysis and follows + - [Google Safe-Browsing](https://developers.google.com/safe-browsing/) lookup + - [Phishtank](http://www.phishtank.com/api_info.php) lookup + - [VirusTotal](https://www.virustotal.com/en/documentation/public-api/) lookup and submission + - [URL query](https://github.com/CIRCL/urlquery_python_api/) lookup + - [CIRCL Passive DNS](http://www.circl.lu/services/passive-dns/) lookup + - [CIRCL Passive SSL](http://www.circl.lu/services/passive-ssl/) lookup + - Sphinx search interface to RT/RTIR ticketing systems. The functionality is disabled by default but this can be used to display information about existing report of malicious URLs. + +Please note that some of the API services will require an API key. The API keys should be located in the root of the URL Abuse directory. + +## Demo + +[CIRCL URL Abuse](https://www.circl.lu/urlabuse/) is online. + +## Install + +Install the requirements + +~~~ +pip install -r requirements.txt +~~~ + +Copy and review the configuration: + +~~~ +cp config.ini.sample config.ini +~~~ + +Install Redis and update the configuration. + +Start the Redis back-end + +~~~ +./run_redis.sh +~~~ + +Start the workers (at least 10) + +~~~ +parallel -j 10 worker.py +~~~ + +Start the web interface + +~~~ +python runapp.py +~~~ + +## Contributing + +### Add a new module Look at the existings functions/modules. The changes will have to be made in the following files: From 31b4d5f9aab2a12e32ee1d2ba0137c55e00f780d Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 4 Mar 2015 11:05:03 +0100 Subject: [PATCH 2/2] Fixes --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index aa3b876..7abf8d3 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ URL Abuse is a versatile free software for URL review, analysis and black-list r - [URL query](https://github.com/CIRCL/urlquery_python_api/) lookup - [CIRCL Passive DNS](http://www.circl.lu/services/passive-dns/) lookup - [CIRCL Passive SSL](http://www.circl.lu/services/passive-ssl/) lookup - - Sphinx search interface to RT/RTIR ticketing systems. The functionality is disabled by default but this can be used to display information about existing report of malicious URLs. + - Sphinx search interface to RT/RTIR ticketing systems. The functionality is disabled by default but can be used to display information about existing report of malicious URLs. Please note that some of the API services will require an API key. The API keys should be located in the root of the URL Abuse directory. @@ -55,6 +55,8 @@ python runapp.py ## Contributing +We welcome pull requests for new extensions, bug fixes. + ### Add a new module Look at the existings functions/modules. The changes will have to be made in the following files: