Machinae v1.3.0 - Security Intelligence Collector.

Machinae v1.3.0 – Security Intelligence Collector.

Changelog Version 1.3.0 (2016-03-07):
+ New sites – Threat intel aggregator/tracker by eSentire
+ New features
– Support simple paginated responses
– Support url encoding ‘target’ in request URL
– Support url decoding values in results



Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae project was born from wishing to improve Automater in 4 areas:
1. Codebase – Bring Automater to python3 compatibility while making the code more pythonic
2. Configuration – Use a more human readable configuration format (YAML)
3. Inputs – Support JSON parsing out-of-the-box without the need to write regular expressions, but still support regex scraping when needed
4. Outputs – Support additional output types, including JSON, while making extraneous output optionalmachinae

Machinae comes with out-of-the-box support for the following data sources:
– IPVoid
– URLVoid
– URL Unshortener (
– Malc0de
– Telize GeoIP
– Fortinet Category
– VirusTotal pDNS (via web scrape – commented out)
– VirusTotal pDNS (via JSON API)
– VirusTotal URL Report (via JSON API)
– VirusTotal File Report (via JSON API)
– Reputation Authority
– ThreatExpert
– VxVault
– ProjectHoneypot
– McAfee Threat Intelligence
– StopForumSpam
– Cymru MHR
– ICSI Certificate Notary
– TotalHash (disabled by default)
– DomainTools Parsed Whois (Requires API key)
– DomainTools Reverse Whois (Requires API key)
– DomainTools Reputation
– IP WHOIS (Using RIR REST interfaces)
With additional data sources on the way.


Source: | Our Post Before