Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/abe-101/ip-bot

a Slack bot that listens for messages containing IP addresses and responds with security info about them.
https://github.com/abe-101/ip-bot

python slack slack-bot virustotal

Last synced: 4 months ago
JSON representation

a Slack bot that listens for messages containing IP addresses and responds with security info about them.

Host: GitHub
URL: https://github.com/abe-101/ip-bot
Owner: abe-101
License: apache-2.0
Created: 2022-08-30T01:40:11.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2023-06-26T13:03:57.000Z (over 1 year ago)
Last Synced: 2024-05-01T16:27:43.988Z (9 months ago)
Topics: python, slack, slack-bot, virustotal
Language: Python
Homepage:
Size: 173 KB
Stars: 9
Watchers: 1
Forks: 3
Open Issues: 10
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE

Awesome Lists containing this project

README

# IP-Bot

https://user-images.githubusercontent.com/82916197/187593974-ca406ab0-8813-4396-bb16-5d06fbee0bf8.mp4

## Description

a Slack bot that listens for messages containing IP addresses and responds with security info about them.

Full demo video at https://youtu.be/1LehrI46O-c

# Getting Started

## Creating a Slack app
First you'll need to [create a Slack app](https://api.slack.com/apps?new_app=1&ref=bolt_start_hub)

## Requesting Scopes
Navigate over to the **OAuth & Permissions** sidebar, Scroll down to the **Bot Token Scopes** section and click **Add an OAuth Scope**

Search for:
1. channels:history
2. chat:write

Scroll down to the **User Token Scopes** section and click **Add an OAuth Scope**:
Search for:
1. channels:history

## Fork and Clone this repo
```
git clone [email protected]:/ip-bot.git
```

## Install Dependencies:
```
pip install -r requirements.txt
```
## Installing Your App

Install your own app by selecting the **Install App** button at the top of the **OAuth & Permissions** page
5.

## Environment Variables

Create a file `ip_bot/.env` Containing you API tokens.
for this project we need:
1. The Bot User OAuth Access Token under the **OAuth & Permissions** sidebar
2. The Slack signing secret. Navigate to the **Basic Information** page from your app management page. Under **App Credentials**, copy the value for Signing Secret.
3. [Virus Total's](https://www.virustotal.com/gui/home/upload) public API. Create an account to get your Token at https://developers.virustotal.com/reference/overview

```
SLACK_BOT_TOKEN=
SLACK_SIGNING_SECRET=
VIRUS_TOTAL_API_KEY=
```

## Using ngrok as a local proxy

To tr out locally we'll be using ngrok, which allows you to expose a public endpoint that Slack can use to send your app events. If you haven't already, [install ngrok from their website](https://ngrok.com/download).
Tell ngrok to use port 3000 which Bolt for python uses by default:
```
ngrok http 3000
```

## Subscribing to events

First get the Bolt app running:
```
python ip_bot/app.py
```

On your app configuration page, select the **Event Subscriptions** sidebar. You'll be presented with an input box to enter a Request URL, which is where Slack sends the events your app is subscribed to. For local development, we'll use your ngrok URL from above.

For example: https://1234abcde.ngrok.io

By default Bolt for Python listens for all incoming requests at the /slack/events route, so for the Request URL you can enter your ngrok URL appended with `/slack/events`.

For example: https://1234abcde.ngrok.io/slack/events

After you've saved your Request URL, click on **Subscribe to events on behalf of users**, then **Add Workspace Event** and search for `message.channels`. Then **Save Changes** using the button on the bottom right.

## Try It Out

You bot is now ready in action
Open slack messenger and add your bot to any channel and mention an ip address in a message and see what happens

## Deployment

You can deploy this project for free on [Railway.app](https://railway.app?referralCode=abe-101)

1. Create a new project and select `deploy from GitHub repo`
give railway.app access to your newly created GitHub repo.
2. Go to the variables tab and add the [above mentioned](#Environment-Variables) variables.
3. In the setting tab under the Domains section click `generate domain` and add it to your slack app as mentioned above in [Subscribing to events](#Subscribing-to-events)
4. Set the `start command` to be `python ip_bot/app.py`.

Your bot is now running all the time.

## Credits
* [Abe](https:github.com/abe-101)