Cédric Renzi
A generalist Engineer who collected various experience from various industries and domains.
Engaged now on DevSecOps topics at Fondation Restena,
Session
At OpenSourceLux 2025, we introduced url-checker-tools, a Python CLI toolkit for URL threat assessment through multi-source intelligence gathering, optional YARA-based local inspection, and configurable security scoring.
At BSides Luxembourg 2026, we present the next step: url-checker, a Python Flask web platform exposing a REST API that allows external services to submit URLs for automated verification before publication: initially built to prevent malicious URLs from reaching Fondation Restena's edu.lu shortener users. The platform orchestrates synchronous validation checks alongside asynchronous security assessments delegated to url-checker-tools via job queues, persists results in MariaDB, and includes a MISP integration proof-of-concept for community threat intelligence sharing.
We share our approach for the general Restena Use Case, overall design, production hardening lessons, and our roadmap toward an open, composable, self-hosted URL security infrastructure for the CSIRT community the NetCarapace concept (https://github.com/organizations/NetCarapace).