{"id":45126747,"url":"https://github.com/themains/know-your-ip","last_synced_at":"2026-02-19T23:14:22.226Z","repository":{"id":62574435,"uuid":"118770252","full_name":"themains/know-your-ip","owner":"themains","description":"Know Your IP: Get location, blacklist status, shodan and censys results, and more.","archived":false,"fork":false,"pushed_at":"2025-12-15T22:44:32.000Z","size":774,"stargazers_count":21,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-12-17T15:24:18.741Z","etag":null,"topics":["blacklisted-ips","cybersecurity","ip-geolocation"],"latest_commit_sha":null,"homepage":"https://themains.github.io/know-your-ip/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/themains.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2018-01-24T13:38:38.000Z","updated_at":"2025-12-16T21:23:34.000Z","dependencies_parsed_at":"2022-11-03T18:37:04.561Z","dependency_job_id":null,"html_url":"https://github.com/themains/know-your-ip","commit_stats":null,"previous_names":["themains/know-your-ip"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/themains/know-your-ip","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/themains%2Fknow-your-ip","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/themains%2Fknow-your-ip/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/themains%2Fknow-your-ip/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/themains%2Fknow-your-ip/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/themains","download_url":"https://codeload.github.com/themains/know-your-ip/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/themains%2Fknow-your-ip/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29636141,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T22:32:43.237Z","status":"ssl_error","status_checked_at":"2026-02-19T22:32:38.330Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blacklisted-ips","cybersecurity","ip-geolocation"],"created_at":"2026-02-19T23:14:21.517Z","updated_at":"2026-02-19T23:14:22.214Z","avatar_url":"https://github.com/themains.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Know Your IP\n\n[![PyPI version](https://img.shields.io/pypi/v/know_your_ip.svg)](https://pypi.python.org/pypi/know_your_ip)\n[![CI](https://github.com/themains/know-your-ip/workflows/CI/badge.svg)](https://github.com/themains/know-your-ip/actions)\n[![Downloads](https://static.pepy.tech/badge/know-your-ip)](https://pepy.tech/project/know-your-ip)\n\nGet comprehensive data on IP addresses. Learn where they are located (lat/long, country, city, time zone), whether they are flagged as malicious (by [AbuseIPDB](https://www.abuseipdb.com), [VirusTotal](https://www.virustotal.com), [IPVoid](https://ipvoid.com/), etc.), which ports are open and what services are running (via [Shodan](https://shodan.io)), and network diagnostics (ping, traceroute).\n\n## 🚀 What's New in v0.2.0\n\n- **Modern Configuration**: TOML-based config with Pydantic validation\n- **VirusTotal API v3**: Latest API with enhanced threat intelligence\n- **Embedded Categories**: Self-contained AbuseIPDB category mapping\n- **Python 3.11+ Features**: Match/case syntax, union types, type safety\n- **Performance Boost**: No file I/O for category lookups\n- **Environment Variables**: Configuration via `KNOW_YOUR_IP_*` variables\n\n## Quick Start\n\n### Installation\n\n**Requirements**: Python 3.11+\n\n```bash\npip install know_your_ip\n```\n\n### Basic Usage\n\n#### Command Line\n```bash\n# Analyze single IP\nknow_your_ip 8.8.8.8\n\n# Analyze from file\nknow_your_ip --file input.csv --config config.toml\n```\n\n#### Python Library\n```python\nfrom know_your_ip import KnowYourIPConfig, query_ip\n\n# Load configuration\nconfig = KnowYourIPConfig()\nconfig.virustotal.enabled = True\nconfig.virustotal.api_key = \"your_api_key\"\n\n# Analyze IP\nresult = query_ip(config, \"8.8.8.8\")\nprint(result['virustotal.reputation'])  # 530\n```\n\n## Configuration\n\n### TOML Configuration File\n\nCreate `know_your_ip.toml` (see `examples/know_your_ip.toml` for full example):\n\n```toml\n[maxmind]\nenabled = true\ndb_path = \"./db\"\n\n[abuseipdb]\nenabled = true\napi_key = \"your_api_key_here\"\ndays = 90\n\n[virustotal]\nenabled = true\napi_key = \"your_api_key_here\"\n\n[output]\ncolumns = [\n    \"ip\",\n    \"maxmind.country.names.en\",\n    \"virustotal.reputation\",\n    \"abuseipdb.categories\"\n]\n```\n\n### Environment Variables\n\n```bash\nexport KNOW_YOUR_IP_VIRUSTOTAL_API_KEY=\"your_key\"\nexport KNOW_YOUR_IP_VIRUSTOTAL_ENABLED=true\nexport KNOW_YOUR_IP_ABUSEIPDB_API_KEY=\"your_key\"\n```\n\n### Programmatic Configuration\n\n```python\nfrom know_your_ip import KnowYourIPConfig\n\nconfig = KnowYourIPConfig()\nconfig.virustotal.api_key = \"your_api_key\"\nconfig.abuseipdb.enabled = True\nconfig.abuseipdb.days = 30\n```\n\n## Supported Services\n\n| Service | Features | API Required |\n|---------|----------|--------------|\n| **MaxMind** | Geolocation, ASN, ISP | Free database |\n| **VirusTotal** | Threat reputation, categories | ✅ Free/Paid |\n| **AbuseIPDB** | Abuse reports, categories | ✅ Free/Paid |\n| **Shodan** | Open ports, services | ✅ Paid |\n| **Censys** | Internet scanning data | ✅ Free/Paid |\n| **IPVoid** | Blacklist status | Web scraping |\n| **GeoNames** | Timezone data | ✅ Free |\n| **Ping/Traceroute** | Network diagnostics | System tools |\n\n### API Registration Links\n\n- [VirusTotal](https://www.virustotal.com/gui/join-us) - 500 requests/day, 4/min free\n- [AbuseIPDB](https://www.abuseipdb.com/register) - 1,000 requests/day free\n- [Shodan](https://account.shodan.io/register) - Paid service ($69+/month)\n- [Censys](https://search.censys.io/register) - 250 requests/month free\n- [GeoNames](https://www.geonames.org/login) - 10,000 requests/day, 1,000/hour free\n\n## Advanced Features\n\n### Pandas Integration\n\n```python\nimport pandas as pd\nfrom know_your_ip import load_config, query_ip\n\n# Load IPs from CSV\ndf = pd.read_csv('ips.csv')\n\n# Load configuration\nconfig = load_config()\n\n# Analyze all IPs\nresults = df['ip'].apply(lambda ip: pd.Series(query_ip(config, ip)))\nresults.to_csv('analysis.csv', index=False)\n```\n\n### Custom Analysis\n\n```python\nfrom know_your_ip import maxmind_geocode_ip, virustotal_api\n\n# Get only geolocation\nlocation = maxmind_geocode_ip(config, \"8.8.8.8\")\nprint(f\"Country: {location['maxmind.country.names.en']}\")\n\n# Get only threat intelligence\nthreat_data = virustotal_api(config, \"8.8.8.8\")\nprint(f\"Malicious detections: {threat_data['virustotal.malicious']}\")\n```\n\n### Batch Processing\n\n```bash\n# Process large files with concurrency\nknow_your_ip --file large_ips.csv --max-conn 10 --config config.toml\n\n# Process specific range\nknow_your_ip --file ips.csv --from 100 --to 200\n```\n\n## API Reference\n\n### Core Functions\n\n- `query_ip(config, ip)` - Complete IP analysis\n- `load_config(path)` - Load configuration from file\n- `maxmind_geocode_ip(config, ip)` - Geolocation data\n- `virustotal_api(config, ip)` - VirusTotal threat intel\n- `abuseipdb_api(config, ip)` - Abuse reports\n- `shodan_api(config, ip)` - Port/service data\n- `ping(config, ip)` - Network latency\n- `traceroute(config, ip)` - Network path\n\n### Configuration Classes\n\n- `KnowYourIPConfig` - Main configuration\n- `MaxMindConfig` - Geolocation settings\n- `VirusTotalConfig` - Threat intel settings\n- `AbuseIPDBConfig` - Abuse data settings\n- `OutputConfig` - Output column configuration\n\n## Command Line Reference\n\n```\nusage: know_your_ip [-h] [-f FILE] [-c CONFIG] [-o OUTPUT] [-n MAX_CONN]\n                    [--from FROM_ROW] [--to TO] [-v] [--no-header]\n                    [ip [ip ...]]\n\nKnow Your IP - Comprehensive IP Address Analysis\n\npositional arguments:\n  ip                    IP Address(es) to analyze\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -f FILE, --file FILE  List of IP addresses file\n  -c CONFIG, --config CONFIG\n                        Configuration file (TOML format)\n  -o OUTPUT, --output OUTPUT\n                        Output CSV file name\n  -n MAX_CONN, --max-conn MAX_CONN\n                        Max concurrent connections\n  --from FROM_ROW       From row number\n  --to TO               To row number\n  -v, --verbose         Verbose mode\n  --no-header           Output without header\n```\n\n## Rate Limits\n\n| Service | Free Tier | Paid Tier |\n|---------|-----------|-----------|\n| VirusTotal | 500/day, 4/min | Higher limits |\n| AbuseIPDB | 1,000/day | 10,000+/day |\n| Censys | 250/month, 1 req/2.5s | Higher limits |\n| GeoNames | 10,000/day, 1,000/hour | Commercial plans |\n| Shodan | No free API | $69+/month |\n\n## Examples\n\nSee the [`examples/`](examples/) directory for:\n- [example.py](examples/example.py) - Basic usage examples\n- [example.ipynb](examples/example.ipynb) - Jupyter notebook tutorial\n- [input.csv](examples/input.csv) - Sample input file\n- [output.csv](examples/output.csv) - Sample output\n\n## System Requirements\n\n### Dependencies\n- Python 3.11+\n- System `traceroute` command (Linux) or `tracert` (Windows)\n- Raw socket access for ping (requires admin/root privileges)\n\n### Platform Support\n- ✅ Linux\n- ✅ macOS\n- ✅ Windows\n- ✅ Docker/containers\n\n## Documentation\n\nFor comprehensive documentation, visit: [https://themains.github.io/know-your-ip/](https://themains.github.io/know-your-ip/)\n\n## Contributing\n\nWe welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) and [Code of Conduct](https://contributor-covenant.org/version/1/0/0/).\n\n## License\n\nReleased under the [MIT License](https://opensource.org/licenses/MIT).\n\n## Authors\n\n- [Suriyan Laohaprapanon](https://github.com/soodoku)\n- [Gaurav Sood](https://github.com/soodoku)\n\n---\n\n**Security Note**: This tool is designed for legitimate security analysis, threat intelligence, and network diagnostics. Please use responsibly and in accordance with applicable laws and service terms of use.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemains%2Fknow-your-ip","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthemains%2Fknow-your-ip","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemains%2Fknow-your-ip/lists"}