{"id":19302798,"url":"https://github.com/matrixtm/spooffinder","last_synced_at":"2025-07-12T12:36:35.345Z","repository":{"id":109595838,"uuid":"474782097","full_name":"MatrixTM/SpoofFinder","owner":"MatrixTM","description":"🚨 Check the asn is able to use for ip header modification or no","archived":false,"fork":false,"pushed_at":"2025-01-28T05:17:16.000Z","size":27,"stargazers_count":42,"open_issues_count":0,"forks_count":12,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-22T11:41:09.655Z","etag":null,"topics":["amplification-attacks","checker","ip-header-modification","ip-spoof","ip-spoofing","iphm","iphm-checker","ipspoof","spoofing-attack"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MatrixTM.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-03-27T23:10:53.000Z","updated_at":"2025-03-30T16:55:06.000Z","dependencies_parsed_at":"2024-11-09T23:24:43.449Z","dependency_job_id":"e77862b6-d733-41ed-ac9c-93d26165bc6c","html_url":"https://github.com/MatrixTM/SpoofFinder","commit_stats":null,"previous_names":["matrixtm/spooffinder"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/MatrixTM/SpoofFinder","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixTM%2FSpoofFinder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixTM%2FSpoofFinder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixTM%2FSpoofFinder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixTM%2FSpoofFinder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MatrixTM","download_url":"https://codeload.github.com/MatrixTM/SpoofFinder/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatrixTM%2FSpoofFinder/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264991755,"owners_count":23694696,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amplification-attacks","checker","ip-header-modification","ip-spoof","ip-spoofing","iphm","iphm-checker","ipspoof","spoofing-attack"],"created_at":"2024-11-09T23:23:50.063Z","updated_at":"2025-07-12T12:36:35.263Z","avatar_url":"https://github.com/MatrixTM.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🚨 SpoofFinder 🚨\n\n**SpoofFinder** is a tool designed to check whether a target ASN (Autonomous System Number) supports IP header modification, commonly referred to as IP spoofing. The tool fetches and analyzes data from multiple sources, providing a comprehensive report on the spoofing status of a given ASN, IP address, or CIDR range.\n\n## ⚡️ Features\n\n- 🛡️ **ASN Spoofing Check**: Determines whether an ASN allows IP header modification (IPHM), indicating whether the ASN supports spoofed packet routing.\n- 📊 **Detailed ASN Information**: Retrieves detailed information about an ASN, including country, number of routed IPs, and last spoofing check.\n- 📧 **Email and Phone Parsing**: Extracts contact details (email, phone) from public ASN databases.\n- 🔍 **Related Links Search**: Performs search engine queries for related server information based on the ASN.\n- 🌈 **Rich CLI Output**: Utilizes `rich` for visually appealing, colorful logs and outputs.\n\n## 🚀 Quick Run\n\nFollow these steps to quickly set up and run SpoofFinder:\n\n1. **Clone the repository**:\n ```bash\n git clone https://github.com/MatrixTM/SpoofFinder.git\n cd spoof-finder\n ```\n\n2. **Install dependencies**:\n Ensure you have Python 3.7+ installed. Then, run:\n ```bash\n pip install -r requirements.txt\n ```\n\n3. **Run the tool**:\n You can check the spoofing status of an ASN, IP, or CIDR range using the following command:\n ```bash\n python spoof_finder.py -t AS15169\n ```\n\n4. **Interactive Mode**:\n If you don't pass any arguments, SpoofFinder will prompt you to input a target interactively:\n ```bash\n python spoof_finder.py\n ```\n\n## 🛠️ Requirements\n\nSpoofFinder depends on the following Python libraries:\n\n```bash\npip install httpx netaddr rich aioconsole git+https://github.com/soxoj/async-search-scraper\n```\n\n## 🖥️ Usage\n\nSpoofFinder can be run from the command line, passing the target ASN, IP address, or CIDR range as an argument.\n\n### Example\n\nTo check if ASN 15169 (Google) supports IP header modification:\n\n```bash\npython spoof_finder.py -t AS15169\n```\n\nYou can also use an IP address or CIDR range to find the corresponding ASN and check its spoofing status:\n\n```bash\npython spoof_finder.py -t 8.8.8.8\n```\n\n### Input Types\n\n- **ASN**: Autonomous System Number (e.g., `AS15169` or just `15169`).\n- **IP Address**: Will resolve the IP to its corresponding ASN and check the spoofing status.\n- **CIDR Range**: Supports input of IP ranges in CIDR format (e.g., `8.8.8.0/24`).\n\n## 📄 Output Example\n\nHere is an example of the tool's output:\n\n```plaintext\n[21:23:25] 🔍 Fetching data for ASN: AS15169... \n[21:23:28] 🌍 ASN Name: GOOGLE \n 🔢 ASN Number: AS15169 \n 🌐 Site: google.com \n 🏆 ASN Rank: 1790 \n 🛡️ Spoofable: No \n 🌍 Country: USA \n 🌐 Client IPv4: 35.194.140.0/24 \n ⏱️ Last Checked: Dec 21 2017 08:40 AM \n 📧 Contact Email: network-abuse@google.com \n 📞 Contact Phone: +1-650-253-0000 \n[21:23:55] 🔗 Related Links: \n - https://cloud.google.com/ \n - https://console.cloud.google.com/ \n - https://cloud.google.com/gcp/ \n - https://cloud.google.com/compute/ \n - https://www.google.com/about/datacenters/ \n - https://cloud.google.com/products/calculator \n - https://cloud.google.com/hosting-options/ \n - https://www.google.com/about/datacenters/efficiency/ \n - https://www.google.com/about/datacenters/locations/ \n - https://en.wikipedia.org/wiki/Google_data_centers \n - https://cloud.google.com/serverless/ \n - https://cloud.google.com/compute/vm-instance-pricing \n - https://www.google.com/about/datacenters/gallery/ \n - https://blog.google/products/google-cloud/introducing-google-cloud/ \n - https://www.google.com/ \n - https://support.google.com/?hl=en \n - https://accounts.google.com/ \n - https://about.google/intl/ALL_us/ \n - https://www.google.com/advanced_search \n - https://maps.google.com/ \n - https://en.wikipedia.org/wiki/Google \n - https://www.google.de/ \n - https://www.google.es/ \n - https://www.google.com.br/ \n - https://www.google.ie/intl/en/ \n - https://www.google.com.mx/ \n - https://www.google.dk/index.html \n - https://www.google.com.tw/\n```\n\n## 📝 About Data Sources\nSpoofFinder gathers ASN and IP spoofing data from multiple sources, including:\n\n- [caida.org](https://caida.org): For information on ASN spoofing status.\n- [arin.net](https://arin.net): For obtaining contact information (email, phone) associated with ASNs.\n- [ipapi.co](https://ipapi.co): For IP geolocation and ASN details based on the target IP.\n\n\n## 📁 File Structure\n\n- `spoof_finder.py`: The main script that handles checking ASN spoofing status and gathering additional information.\n- `README.md`: This file, providing project documentation.\n- `requirements.txt`: A list of Python libraries and their versions required to run the tool.\n- `LICENSE`: The license information for the project.\n\n## 📝 License\n\nThis project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.\n\n## 🤝 Contributing\n\nWe welcome contributions! Feel free to open issues or submit pull requests. Please follow the repository's guidelines for code style and contributions.\n\n## 🚧 Future Enhancements\n\n- ⚙️ Add more data sources to check spoofing capabilities.\n- 🗂️ Implement caching to reduce API call overhead for repeated queries.\n- 🔧 Improved error handling and log management.\n\n# 👨‍💻 Best Way to get a server\n\n\u003ca href=\"https://aeza.net/?ref=375036\"\u003e\u003cimg src=\"https://github.com/user-attachments/assets/f875428b-cb35-442d-8dce-cdc5ead4ffbd\" width=\"728\" height=\"90\" alt=\"aeza\"\u003e\u003c/a\u003e\n##### For this subject, the best hosting I found is [Aeza](https://aeza.net/?ref=375036 \"Aeza Hosting\")\n##### You Can buy hourly 10Gbps \u0026 Ryzen 9 Servers with a cheap price\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrixtm%2Fspooffinder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatrixtm%2Fspooffinder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrixtm%2Fspooffinder/lists"}