This project builds an AI Agent to collect and enrich Indicators of Compromise (IOCs) from open sources (AlienVault OTX, VirusTotal, AbuseIPDB) and visualize them in a dashboard.
- Python 3.8 or higher
- API Keys: VirusTotal, AbuseIPDB, Twitter/X
- Install dependencies:

  ```
  pip install -r requirements.txt
  ```
- Install spaCy model:

  ```
  python -m spacy download en_core_web_sm
  ```

- Clone the repository:

  ```
  git clone https://github.com/devlin9824/ThreatIntelAgent.git
  cd ThreatIntelAgent
  ```
- Create a virtual environment:

  ```
  python -m venv venv
  .\venv\Scripts\activate  # Windows
  ```
- Install dependencies:

  ```
  pip install -r requirements.txt
  python -m spacy download en_core_web_sm
  ```
- Create a config.py file from config_template.py and add your API Keys:

  ```
  VIRUSTOTAL_API_KEY = "your_virustotal_api_key"
  ABUSEIPDB_API_KEY = "your_abuseipdb_api_key"
  TWITTER_API_KEY = "your_twitter_api_key"
  TWITTER_API_SECRET = "your_twitter_api_secret"
  TWITTER_ACCESS_TOKEN = "your_twitter_access_token"
  TWITTER_ACCESS_TOKEN_SECRET = "your_twitter_access_token_secret"
  ```
- Run the main script:

  ```
  python main.py
  ```

Free API Keys have limits (VirusTotal: 500/day, AbuseIPDB: 1000/day).
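
One way to keep enrichment runs inside these limits is to deduplicate IOCs and reserve a lookup from a per-service daily budget before each call. The sketch below is an added example, not code from this repository; `DailyQuota`, `plan_enrichment` and `is_ip` are hypothetical names, the reset at the UTC date change is an assumption, and it relies on AbuseIPDB scoring IP addresses only.

```python
import datetime
import ipaddress

# Daily limits as stated in this README for free API keys.
DAILY_LIMITS = {"virustotal": 500, "abuseipdb": 1000}


class DailyQuota:
    """Counts lookups per service; resets when the UTC date changes (assumption)."""

    def __init__(self, limits=DAILY_LIMITS, today=None):
        self.limits = dict(limits)
        # `today` is injectable so the reset logic can be exercised offline.
        self._today = today or (
            lambda: datetime.datetime.now(datetime.timezone.utc).date())
        self._day = self._today()
        self._used = {name: 0 for name in self.limits}

    def try_spend(self, service):
        """Reserve one lookup; return False when today's budget is exhausted."""
        if self._today() != self._day:  # new day: start a fresh budget
            self._day = self._today()
            self._used = {name: 0 for name in self.limits}
        if self._used[service] >= self.limits[service]:
            return False
        self._used[service] += 1
        return True


def is_ip(value):
    """True for an IPv4 or IPv6 literal, False for domains, hashes, URLs."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def plan_enrichment(iocs, quota):
    """Return (run_now, deferred), each a list of (service, ioc) lookups."""
    run_now, deferred = [], []
    # dict.fromkeys drops duplicate IOCs while keeping first-seen order.
    for ioc in dict.fromkeys(i.strip() for i in iocs if i.strip()):
        # IPs go to both services; every other IOC type goes to VirusTotal only.
        services = ["virustotal", "abuseipdb"] if is_ip(ioc) else ["virustotal"]
        for service in services:
            bucket = run_now if quota.try_spend(service) else deferred
            bucket.append((service, ioc))
    return run_now, deferred
```

Deferred lookups can be carried over to the next run, so an IOC is never dropped just because the day's budget ran out.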