Skip to content

ackatz/seclook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

41 Commits
Releases
Releases
 
 
images
images
 
 
seclook.xcodeproj
seclook.xcodeproj
 
 
seclook
seclook
 
 
seclookUITests
seclookUITests
 
 
website
website
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
seclook.xctestplan
seclook.xctestplan
 
 

Repository files navigation

seclook

Automatic security lookups from your clipboard

seclook is a macOS/Swift app that sits in the background and monitors your clipboard, sending any IP, SHA2/MD5 hash, or domain to services like AbuseIPDB, VirusTotal, GreyNoise, and more. If any scanned item has a bad reputation score, you get a notification!

seclook UI

Features

  • Automatically scan your clipboard for the following string types:
    • IP addresses
    • SHA2 hashes
    • MD5 hashes
    • Domains
  • A confirmation alert window will always show before sending SHA2 and MD5 hashes
  • Receive notifications through macOS Notification Center when a scanned item has a bad reputation score
  • Send scanned items to the following security lookup services:
    • VirusTotal
    • AbuseIPDB
    • ThreatFox
    • GreyNoise
  • Add known-good items to an Ignore List
  • Toggle scanning on/off:
    • Universally using menu bar icon
    • By string type
    • By integration/lookup service

Installation

Download the latest Mac release here.

To start the app automatically at start up, add it to the "Open at Login" list in Settings > Login Items

Contributions

I'm happy to merge contributions that fit my vision for the app (simple, background app). Bug fixes and more tests are always welcome.

FAQ

Are you planning to release seclook for any other platforms?

No, at the moment this is out of scope, sorry.

What does seclook send from my clipboard to lookup services?

seclook only sends the regex'ed string that was found (e.g., a single IP address such as 1.1.1.1). No other data from the clipboard ever leaves your computer.

What does seclook do if I copy a password?

To protect against sending passwords to lookup services, seclook will always ask you before sending SHA2 and MD5 hashes to lookup services.

confirmation

A note on Password Managers

Autofill

seclook does not detect username/password combinations that are input from auto fill functions.

Desktop Apps + Manual Copy

If you manually copy any value from a password manager desktop app that sets org.nspasteboard.ConcealedType (see NSPasteboard) for copied data (i.e., 1Password Desktop app), seclook will ignore the clipboard value.

Browser Extensions + Manual Copy

If you manually copy from a password manager browser extension, there is not currently a way to detect org.nspasteboard.ConcealedType in this case. seclook will still prompt you to confirm before sending any regex'ed hash values to lookup services.

Thanks

About

Automatic security lookups from your clipboard

seclook.app

Topics

api security cybersecurity swiftui

Resources

Readme

License

MIT license
Activity

Stars

22 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases 3

v1.5.2 Latest
May 23, 2024
+ 2 releases

Languages