🛡️ Threat Intel Chatbot Installer

A unified installer and threat intelligence enrichment tool for setting up a Threat Intelligence Chatbot with integrated support for:

• Dockerized Elasticsearch, Cerebrate, MISP
• VM-aware installations (VMware, KVM)
• Kali Linux GPG key fixes
• Live threat enrichment using OTX + VirusTotal
• CLI-ready Python enrichment tool

📦 Features

✅ Unified Bash installer with:

• GPG key fix for Kali
• Docker setup and cleanup
• Progress bar + timing
• Random password generation
• Virtualization detection and VM tools installer
• Logging to threat-chatbot-install.log

✅ Python module ThreatIntelGrok.py:

• Queries OTX + VirusTotal for IPs, domains, file hashes
• Uses .env API key file
• Logs lookups to ~/threat_intel.log

---

📁 Project Structure

threat-intel-chatbot/
├── install/
│   ├── Enhanced_Chatbot_Installer_with_Grok.sh
│   └── .env.template
├── src/
│   └── ThreatIntelGrok.py
├── docs/
│   └── README.md
├── .gitignore
└── LICENSE

---

🚀 Quick Start

1. Clone the repo

git clone https://github.com/itrimble/threat-intel-chatbot.git
cd threat-intel-chatbot/install

2. Configure your API keys

cp .env.template .env
nano .env  # Add your OTX_API_KEY and VT_API_KEY

3. Run the installer

chmod +x Enhanced_Chatbot_Installer_with_Grok.sh
./Enhanced_Chatbot_Installer_with_Grok.sh

---

🧪 How to Use the Grok CLI Tool

After installation:

threatgrok ip 8.8.8.8
threatgrok domain example.com
threatgrok filehash d41d8cd98f00b204e9800998ecf8427e

Make sure .env with your keys is available in your home directory or same folder.

---

🔐 API Key Setup

You must register at:

• AlienVault OTX
• VirusTotal

Then paste your keys into .env like:

OTX_API_KEY=your-key-here
VT_API_KEY=your-key-here

---

📜 License

MIT License — see LICENSE file.

---

🤝 Contributing

PRs and suggestions are welcome! Feel free to fork and enhance the chatbot with additional integrations (e.g., AbuseIPDB, IBM X-Force, etc).

Maintained by @itrimble