performing-ioc-enrichment-automation
Community
Automate IOC enrichment across intel sources.
Author: YukiIto1999
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Automates the enrichment of IOCs by aggregating contextual intelligence from VirusTotal, AbuseIPDB, Shodan, MISP, and other sources to produce risk scores and disposition recommendations.
Core Features & Use Cases
- Multi-source IOC enrichment across VirusTotal, AbuseIPDB, Shodan, MISP, GreyNoise, and URLScan.io
- Composite risk scoring and actionable disposition guidance for IOCs (IP, domain, hash)
- Rate limiting, error handling, and optional SOAR integration for automated triage
- Use Case: Analysts auto-enrich IOCs during incident triage to prioritize containment actions
Quick Start
Provide a sample IOC and instruct the agent to enrich it across supported sources to generate a risk score.
Dependency Matrix
Required Modules
requests
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: performing-ioc-enrichment-automation Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#performing-ioc-enrichment-automation Please download this .zip file, extract it, and install it in the .claude/skills/ directory.