
QRadio
#Threat Defense#Threat Management
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
QRadio: A Framework for Consolidating Cyber Threat Intelligence
QRadio is a tool/framework that is specifically designed to bring together various sources of cyber threat intelligence.
The Objective of the Project
The objective of the project is to create a strong modular framework for the extraction of intelligence data from verified sources.
It uses multiple threat intelligence sources for data searching
It utilizes various threat intelligence sources to search the provided data. Currently, we crawl the following sources: You can search using the following data types: Domain, IPv4, Hash, Imphash, Mutex. The Threat Info databases include: ThreatCrowd, Virustotal, Cymon, IBM X-Force Exchange, Metadefender, #totalhash. The Sandboxes we use are: Malwr, Threatexpert. The Blacklists consist of: ASPROX Tracker, Feodot Tacker, Zeus Tracker, malc0de, McAfee. Other sources include: FortiGuard and hpHosts. Credentials for these sources can be found in /lib/config.py. To use the tool, run python cli_qradio.py with the following options: Output verbosity: By default, it returns CSV unless specified otherwise. Use -v or --verbose to show detailed output. To search from Domain, use -100 or --sonar_domain followed by SONAR to get results for IPv4, Hash, Score, URL, and Blacklist. Use -102 or --domain_to_ipv4 to convert Domain to its corresponding IPv4.