ptarrant/SneakyScope
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
70d29f9f95e080762b25ba92875d98d215d3ff32
SneakyScope/Readme.md
Phillip Tarrant 70d29f9f95 first commit
2025-08-20 21:22:28 +00:00

2.4 KiB
Raw Blame History

URL Sandbox

A lightweight web-based sandbox for analyzing websites and domains.
It performs WHOIS lookups, GeoIP enrichment, script/form inspection, and provides analyst-friendly output.

🚀 Features

  • Domain & IP Enrichment
    • WHOIS lookups with fallback to raw text when fields are missing
    • Explicit handling of privacy-protected WHOIS records (N/A or Possible Privacy)
    • GeoIP (City, Region, Country, Latitude/Longitude)
    • ASN, ISP, and network details
  • Flagged Content Analysis
    • Suspicious script detection
    • Suspicious form detection
    • Nested bullet-style reporting for clarity
  • Improved UX
    • Automatic addition of http://, https://, and www. if only a domain is provided
    • Modal spinner to indicate background analysis (Analyzing website…)
  • Resilient GeoLite2 Database Management
    • Downloads the MaxMind GeoLite2-City database on first startup
    • Checks file age and only re-downloads if older than 14 days (configurable via environment variable)

⚙️ Setup Instructions

1. Clone the Repository

git clone https://github.com/yourusername/url-sandbox.git
cd url-sandbox

2. Create a MaxMind Account & License Key

  1. Go to MaxMind GeoLite2
  2. Sign up for a free account
  3. Navigate to Account > Manage License Keys
  4. Generate a new license key

3. Configure Environment Variables

All environment variables are loaded from a .env file.

  1. Copy the sample file:
   cp .env.example .env
  1. Edit .env and set your values (see .env.example for available options).

Make sure to add your MaxMind License Key under MAXMIND_LICENSE_KEY.

4. Run with Docker Compose

docker-compose up --build

This will:

  • Build the app
  • Download the GeoLite2 database if not present or too old
  • Start the web interface

📝 Example Output

WHOIS Info

  • Registrar: MarkMonitor, Inc.
  • Organization: Possible Privacy
  • Creation: 1997-09-15
  • Expiration: 2028-09-14

GeoIP Info

  • IP: 172.66.159.20
    • City: N/A
    • Region: N/A
    • Country: United States
    • Coordinates: (37.751, -97.822)
    • ASN: 13335
    • ISP: Cloudflare, Inc.

📌 Roadmap

See Next Steps Checklist for planned features:

  • Improved UI templates
  • Artifact cleanup
  • Proxy support (optional)
Reference in New Issue View Git Blame Copy Permalink