Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dfirsec/check_rep

Check IP or Domain reputation against open-source Blacklists.
https://github.com/dfirsec/check_rep

blacklists dfir forensics geolocation-map infosec python3 reputation threatintel

Last synced: 12 days ago
JSON representation

Check IP or Domain reputation against open-source Blacklists.

Host: GitHub
URL: https://github.com/dfirsec/check_rep
Owner: dfirsec
License: mit
Created: 2018-12-07T00:31:11.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2023-07-25T19:03:08.000Z (over 1 year ago)
Last Synced: 2023-07-25T20:56:41.389Z (over 1 year ago)
Topics: blacklists, dfir, forensics, geolocation-map, infosec, python3, reputation, threatintel
Language: Python
Homepage:
Size: 2.52 MB
Stars: 58
Watchers: 3
Forks: 14
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Check Reputation

![Generic badge](https://img.shields.io/badge/python-3.8-blue.svg) [![Twitter](https://img.shields.io/badge/[email protected])](https://twitter.com/pulsecode)

Check IP or Domain reputation against several open-source Blacklists.

Option to create a Geolocation map file using coordinates derived from [freegeoip.live](https://freegeoip.live).

***Note:***

Use of VirusTotal option requires an API key.  The service is free, however you must register for an account to aquire an API key.

```console

   ________              __      ____

  / ____/ /_  ___  _____/ /__   / __ \___  ____

 / /   / __ \/ _ \/ ___/ //_/  / /_/ / _ \/ __ \

/ /___/ / / /  __/ /__/ ,<    / _, _/  __/ /_/ /

\____/_/ /_/\___/\___/_/|_|  /_/ |_|\___/ .___/

                                       /_/

Check IP and Domain Reputation

usage: check_rep.py [-h] [-q Q] [--log] [--vt] [--fg | --mx FILE [FILE ...]]

Check IP or Domain Reputation

required arguments:

  -q Q                  query ip address or domain

options:

  -h, --help            show this help message and exit

  --log                 log results to file

  --vt                  check virustotal

  --fg                  use freegeoip for geolocation

  --mx FILE [FILE ...]  geolocate multiple ip addresses or domains

    Options

    --------------------

    freegeoip [freegeoip.live]  - free/opensource geolocation service

    virustotal [virustotal.com] - online multi-antivirus scan engine

    * NOTE:

    Use of the VirusTotal option requires an API key.

    The service is "free" to use, however you must register

    for an account to receive an API key.

```

## Installation

```text

git clone https://github.com/dfirsec/check_rep.git

cd check_rep

pip install -r requirements.txt

```

### Example Run

[![asciicast](https://asciinema.org/a/r6VDD8QaHsaj3Fzo1wjU96BmQ.svg)](https://asciinema.org/a/r6VDD8QaHsaj3Fzo1wjU96BmQ)

### Geolocation Map File

![alt text](images/geo_ip_map_example.png)