dub icon indicating copy to clipboard operation
dub copied to clipboard

Published 20 hours ago verified publisher icon dubinc

Link Scaning: Domain + URL Scanning to Flag Suspicious / Malicious Links

Open snpranav opened this issue 11 months ago • 2 comments

In this PR, I've used the Pangea's URL and Domain Intel that scans malicious links using datasets from Crowdstrike and Domaintools.

Since detecting malicious URLs is hard to get 100% right with just one dataset, I first do a broad domain intel lookup to see if a domain is suspicious using the domain intel API powered by the Domaintools dataset. Then, if it is suspicious, I proceed to perform a URL intel lookup using the URL intel API powered by the CrowdStrike dataset. The best way to scan for malicious URLs is to use multiple dataset providers as implemented in this case.

To use the APIs, you will need to create an account on Pangea and enable URL Intel and Domain Intel services on the same PANGEA_TOKEN. Then paste the PANGEA_TOKEN and PANGEA_DOMAIN into the .env file.

@steven-tey Not sure if you wanted to keep the favicon URL lookup, so I removed it for now 😅

snpranav avatar Mar 21 '24 17:03 snpranav

@snpranav is attempting to deploy a commit to the Elegance Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Mar 21 '24 17:03 vercel[bot]

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Mar 21 '24 17:03 CLAassistant

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
dub ✅ Ready (Inspect) Visit Preview 💬 Add feedback Apr 16, 2024 3:52pm

vercel[bot] avatar Apr 16 '24 12:04 vercel[bot]