Restructure repository: organize tools by purpose, create what search tool
- Move single-file tools to tools/ organized by category (security, forensics, data, etc.) - Move multi-file projects to projects/ (go-tools, puzzlebox, timesketch, rust-tools) - Move system scripts to scripts/ (proxy, display, setup, windows) - Organize config files in config/ (shell, visidata, applications) - Move experimental tools to archive/experimental - Create 'what' fuzzy search tool with progressive enhancement (ollama->fzf->grep) - Add initial metadata database for intelligent tool discovery - Preserve git history using 'git mv' commands
This commit is contained in:
tobias
56
tools/security/vt_ip.py
Normal file
56
tools/security/vt_ip.py
Normal file
@@ -0,0 +1,56 @@
|
||||
#!/usr/bin/python3
|
||||
import sys
|
||||
import pprint
|
||||
import requests
|
||||
import os.path
|
||||
|
||||
|
||||
# os.path.exists(file_path)
|
||||
|
||||
|
||||
out_sep=';'
|
||||
|
||||
with open(os.path.expanduser('~/.virustotal_api_key')) as api_f:
|
||||
api_key=api_f.readline().strip()
|
||||
|
||||
if os.path.exists(os.path.expanduser('~/.ipinfo_api_key')):
|
||||
with open(os.path.expanduser('~/.ipinfo_api_key')) as api_g:
|
||||
ipinfo_api_key=api_g.readline().strip()
|
||||
ipinfo_data=requests.get('http://ipinfo.io/{}'.format(sys.argv[1]), params={'token':ipinfo_api_key})
|
||||
print(ipinfo_data.json())
|
||||
|
||||
ip=sys.argv[1]
|
||||
# url='https://www.virustotal.com/vtapi/v2/ip/report'
|
||||
url = 'https://www.virustotal.com/vtapi/v2/ip-address/report'
|
||||
params = {'apikey': api_key, 'ip':ip }
|
||||
headers = {
|
||||
"Accept-Encoding": "gzip, deflate",
|
||||
"User-Agent" : "gzip,python_requests,vt_pdns.py"
|
||||
}
|
||||
|
||||
|
||||
|
||||
try:
|
||||
response = requests.get(url, params=params, headers=headers)
|
||||
response_data = response.json()
|
||||
except requests.exceptions.ProxyError as e:
|
||||
print("Proxy Error")
|
||||
print(e)
|
||||
exit(1)
|
||||
|
||||
print("=== Short report for : {} ===".format(ip))
|
||||
print(response_data['verbose_msg'])
|
||||
if 'detected_urls' in response_data :
|
||||
print("{} detected URLs found".format(len(response_data['detected_urls'])))
|
||||
if 'detected_downloaded_samples' in response_data :
|
||||
print("{} detected Downloads found".format(len(response_data['detected_downloaded_samples'])))
|
||||
if 'resolutions' in response_data:
|
||||
print("== Resolutions ==")
|
||||
data=sorted(response_data['resolutions'], key=lambda i:i['last_resolved']) if len(response_data['resolutions'])>1 else response_data['resolutions']
|
||||
for r in data:
|
||||
print(" {} : {}".format(r["last_resolved"],r["hostname"]))
|
||||
|
||||
|
||||
for k in response.json():
|
||||
print("=== {} ===".format(k))
|
||||
print(response_data[k])
|
||||
Reference in New Issue
Block a user