INTLog - A Flask app to Track Interesting Artifacts during an Investigation

INTLog is a simple Flask app designed to keep track of potentially interesting artifacts during an investigation.

This application was designed to keep track of artifacts that you may stumble across during an investigation. 

This project is in an EXTREMELY early stage.

Setup

Set up the virtual environment:

INTLog » python3 -m venv env
INTLog » source env/bin/activate

Install requirements: pip3 install -r requirements.txt

Setup SQLite

The application automatically creates the SQLite file and the necessary entries on first run.

Exporting Data

INTLog allows you to export all artifacts within an investigation to a CSV file. This allows for importing into other tools or making a backup of artifacts.

JSON Output

Each investigation has an "Export Artifacts (JSON)" button for exporting its artifacts as JSON. Example output:

[
  {
    "artifact": "t0psecr3t.co.uk", 
    "artifact_description": "Found this artifact in article: https://awesomeinfosecblog.com", 
    "artifact_type": "Domain", 
    "date_added": "2021-01-02T00:33:43", 
    "flagged": 1, 
    "id": 12
  }, 
 ...snip... 
  {
    "artifact": "200.105.28.4", 
    "artifact_description": "Points to t0psecr3t.co.uk", 
    "artifact_type": "IP", 
    "date_added": "2021-01-02T00:41:50", 
    "flagged": null, 
    "id": 16
  }
 ]
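The following is an added example, not part of INTLog itself: a small post-processing script for the JSON export shown above, which validates each record, defangs the indicators and writes a CSV with flagged artifacts first. The function names and the rejection rule for malformed IP entries are assumptions of this example; the field names come from the example output.

```python
import csv
import io
import ipaddress
import json

# First two records copy the README's example output; id 17 is constructed.
SAMPLE_EXPORT = """[
 {"artifact": "t0psecr3t.co.uk", "artifact_type": "Domain", "flagged": 1, "id": 12,
  "artifact_description": "Found this artifact in article: https://awesomeinfosecblog.com",
  "date_added": "2021-01-02T00:33:43"},
 {"artifact": "200.105.28.4", "artifact_type": "IP", "flagged": null, "id": 16,
  "artifact_description": "Points to t0psecr3t.co.uk",
  "date_added": "2021-01-02T00:41:50"},
 {"artifact": "999.1.1.1", "artifact_type": "IP", "flagged": null, "id": 17,
  "artifact_description": "constructed: mistyped address",
  "date_added": "2021-01-02T00:45:00"}
]"""
FIELDS = ["id", "artifact_type", "artifact", "flagged", "date_added", "artifact_description"]

def defang(value):
    """Make indicators non-clickable before they land in a report or ticket."""
    return value.replace("http", "hxxp").replace(".", "[.]")

def normalise(record):
    """Return a cleaned copy of one exported record; raise ValueError if malformed."""
    missing = [f for f in FIELDS if f not in record]
    if missing:
        raise ValueError(f"missing fields: {missing}")
    if record["artifact_type"] == "IP":
        ipaddress.ip_address(record["artifact"])  # raises ValueError on 999.1.1.1
    clean = {f: record[f] for f in FIELDS}
    clean["flagged"] = bool(record["flagged"])    # the export uses 1 / null
    for key in ("artifact", "artifact_description"):
        clean[key] = defang(clean[key])           # note: also brackets dots in prose
    return clean

def export_to_csv(json_text):
    """Return (csv_text, rejected); rejected holds (id, reason) for records that failed."""
    rows, rejected = [], []
    for record in json.loads(json_text):
        try:
            rows.append(normalise(record))
        except ValueError as exc:
            rejected.append((record.get("id"), str(exc)))
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(sorted(rows, key=lambda r: not r["flagged"]))  # flagged first
    return out.getvalue(), rejected
```

Pass the contents of a real export file to `export_to_csv` in place of `SAMPLE_EXPORT`; rejected records are returned rather than silently dropped so they can be corrected in INTLog.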



Disclaimer

This project is not meant to be a replacement for commercial or even open-source intel tools. Rather, it is meant purely as an assistive tool for artifact management. As previously stated, the idea is to keep track of interesting artifacts in a simple note per investigation.

Credit

This project is designed by Synfinner. If you like the project and wish to contribute, just submit a pull request. 
