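def repChecker():
    """Run the interactive reputation check for one IP, hostname/URL or e-mail.

    Reads one whitespace-delimited token from stdin. A token matching the
    e-mail pattern is passed to ``analyzeEmail``. Anything else is passed to
    ``whoIsPrint``, resolved with ``socket.gethostbyname``, and the resolved
    address is looked up in VirusTotal, the Tor bulk exit list, BadIPs and
    AbuseIPDB. ``iplists.main`` is then called with the raw input.

    Results are printed and nothing is returned. API keys are read from
    ``configvars.data`` (``VT_API_KEY`` and ``AB_API_KEY``).
    """
    # NOTE(review): the page lost the original indentation. This layout
    # assumes every lookup belongs to the non-e-mail branch (they all use
    # wIP) and that mainMenu() runs after either branch - confirm.

    # Upper bound in seconds for each outbound HTTP call, so one unresponsive
    # service cannot hang the whole check.
    timeout_s = 15

    print("\n --------------------------------- ")
    print(" R E P U T A T I O N C H E C K ")
    print(" --------------------------------- ")
    rawInput = input("Enter IP, URL or Email Address: ").split()
    if not rawInput:
        # Empty input would otherwise raise IndexError on rawInput[0].
        print(" No input entered")
        mainMenu()
        return
    ip = str(rawInput[0])

    s = re.findall(r'\S+@\S+', ip)
    if s:
        print(' Email Detected...')
        analyzeEmail(''.join(s))
        mainMenu()
        return

    whoIsPrint(ip)
    try:
        wIP = socket.gethostbyname(ip)
    except (OSError, UnicodeError) as e:
        # socket.gaierror is an OSError; without this an unresolvable value
        # ends the tool with a traceback.
        print(" Could not resolve " + ip + ": " + str(e))
        mainMenu()
        return

    print("\n VirusTotal Report:")
    url = 'https://www.virustotal.com/vtapi/v2/ip-address/report'
    params = {'apikey': configvars.data['VT_API_KEY'], 'ip': wIP}
    try:
        response = requests.get(url, params=params, timeout=timeout_s)
    except requests.RequestException as e:
        # The API key travels in the query string here, and the text of a
        # requests exception can include the full request URL, so only the
        # exception type is shown.
        print(" VirusTotal request failed: " + type(e).__name__)
        response = None

    if response is not None and response.status_code == 200:
        try:  # try the IP report first, else fall through to the URL report
            result = response.json()
            detected = result['detected_urls']
            tot = len(detected)
            pos = sum(each['positives'] for each in detected)

            if tot != 0:
                print(" No of Reportings: " + str(tot))
                print(" Average Score: " + str(pos / tot))
                # Link to the address that was actually queried (wIP); the
                # typed value may have been a hostname.
                print(" VirusTotal Report Link: " + "https://www.virustotal.com/gui/ip-address/" + str(wIP))
            else:
                print(" No of Reportings: " + str(tot))
        except Exception:
            # "except Exception" rather than a bare except, so Ctrl-C and
            # SystemExit are not swallowed.
            try:  # EAFP
                url = 'https://www.virustotal.com/vtapi/v2/url/report'
                params = {
                    'apikey': configvars.data['VT_API_KEY'],
                    'resource': wIP
                }
                response = requests.get(url, params=params, timeout=timeout_s)
                result = response.json()
                print("\n VirusTotal Report:")
                print(" URL Malicious Reportings: " + str(result['positives']) + "/" + str(result['total']))
                print(" VirusTotal Report Link: " + str(result['permalink']))  # gives URL for report (further info)
            except Exception:
                print(" Not found in database")
    elif response is not None:
        print(" There's been an error - check your API key, or VirusTotal is possible down")

    try:
        TOR_URL = "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1"
        req = requests.get(TOR_URL, timeout=timeout_s)
        print("\n TOR Exit Node Report: ")
        if req.status_code == 200:
            # Exact line match of the resolved address against the list body.
            hits = 0
            for node in req.text.split('\n'):
                if wIP == node:
                    print(" " + node + " is a TOR Exit Node")
                    hits += 1
            if hits == 0:
                print(" " + wIP + " is NOT a TOR Exit Node")
        else:
            print(" TOR LIST UNREACHABLE")
    except Exception as e:
        print("There is an error with checking for Tor exit nodes:\n" + str(e))

    print("\n Checking BadIP's... ")
    try:
        BAD_IPS_URL = 'https://www.badips.com/get/info/' + wIP
        response = requests.get(BAD_IPS_URL, timeout=timeout_s)
        if response.status_code == 200:
            result = response.json()
            sc = result['Score']['ssh']
            print(" " + str(result['suc']))
            print(" Score: " + str(sc))
        else:
            print(' Error reaching BadIPs')
    except Exception:
        # Also reached on network or JSON errors, so this message does not
        # prove the address is absent from the service.
        print(' IP not found')

    print("\n ABUSEIPDB Report:")
    try:
        AB_URL = 'https://api.abuseipdb.com/api/v2/check'
        days = '180'
        querystring = {'ipAddress': wIP, 'maxAgeInDays': days}
        headers = {
            'Accept': 'application/json',
            'Key': configvars.data['AB_API_KEY']
        }
        response = requests.request(method='GET', url=AB_URL, headers=headers,
                                    params=querystring, timeout=timeout_s)
        if response.status_code == 200:
            req = response.json()
            print(" IP: " + str(req['data']['ipAddress']))
            print(" Reports: " + str(req['data']['totalReports']))
            print(" Abuse Score: " + str(req['data']['abuseConfidenceScore']) + "%")
            print(" Last Report: " + str(req['data']['lastReportedAt']))
        else:
            print(" Error Reaching ABUSE IPDB")
    except Exception:
        print(' IP Not Found')

    print("\n\nChecking against IP blacklists: ")
    iplists.main(rawInput)

    mainMenu()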
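def repChecker():
    """Run the interactive reputation check and save the results to a file.

    Reads one whitespace-delimited token from stdin. A token matching the
    e-mail pattern is passed to ``analyzeEmail``. Anything else is passed to
    ``whoIsPrint``, resolved with ``socket.gethostbyname``, and the resolved
    address is looked up in VirusTotal, the Tor bulk exit list, BadIPs and
    AbuseIPDB. Each result is printed and appended to
    ``output/<MM-DD-YYYY>/<input>.txt``. ``iplists.main`` is then called with
    the raw input.

    Nothing is returned. API keys are read from ``configvars.data``
    (``VT_API_KEY`` and ``AB_API_KEY``).
    """
    # NOTE(review): the page lost the original indentation. This layout
    # assumes every lookup belongs to the non-e-mail branch (they all use
    # wIP) and that mainMenu() runs after either branch - confirm.

    # Upper bound in seconds for each outbound HTTP call, so one unresponsive
    # service cannot hang the whole check.
    timeout_s = 15

    print("\n --------------------------------- ")
    print(" R E P U T A T I O N C H E C K ")
    print(" --------------------------------- ")
    rawInput = input("Enter IP, URL or Email Address: ").split()
    if not rawInput:
        # Empty input would otherwise raise IndexError on rawInput[0].
        print(" No input entered")
        mainMenu()
        return
    ip = str(rawInput[0])

    s = re.findall(r'\S+@\S+', ip)
    if s:
        print(' Email Detected...')
        analyzeEmail(''.join(s))
        mainMenu()
        return

    whoIsPrint(ip)
    try:
        wIP = socket.gethostbyname(ip)
    except (OSError, UnicodeError) as e:
        # socket.gaierror is an OSError; without this an unresolvable value
        # ends the tool with a traceback.
        print(" Could not resolve " + ip + ": " + str(e))
        mainMenu()
        return

    now = datetime.now()
    today = now.strftime("%m-%d-%Y")
    os.makedirs('output/' + today, exist_ok=True)

    # The file name is built from operator input. Path separators are
    # replaced so a URL (or "../") cannot point outside output/<date>/ or at
    # a directory that does not exist. Plain IPs and hostnames keep the same
    # file name as before.
    report_name = str(rawInput).replace('/', '_').replace('\\', '_')

    # The context manager closes the report on every path. It was previously
    # closed only after a successful AbuseIPDB lookup.
    with open('output/' + today + '/' + report_name + ".txt", "a+") as f:
        print("\n VirusTotal Report:")
        f.write("\n --------------------------------- ")
        f.write("\n VirusTotal Report:")
        f.write("\n --------------------------------- \n")

        url = 'https://www.virustotal.com/vtapi/v2/url/report'
        params = {'apikey': configvars.data['VT_API_KEY'], 'resource': wIP}
        try:
            response = requests.get(url, params=params, timeout=timeout_s)
        except requests.RequestException as e:
            # The API key travels in the query string here, and the text of
            # a requests exception can include the full request URL, so only
            # the exception type is shown.
            print(" VirusTotal request failed: " + type(e).__name__)
            response = None

        if response is not None and response.status_code == 200:
            try:
                result = response.json()
                # Use the reported counts directly. The earlier loop added
                # one to pos per key of the response dict, so the figure was
                # unrelated to the number of detections.
                tot = result['total']  # Total number of scans
                pos = result['positives']  # Total positives found in VT
                avg = pos / tot if tot else 0
                print(" No of Databases Checked: " + str(tot))
                print(" No of Reportings: " + str(pos))
                print(" Average Score: " + str(avg))
                print(" VirusTotal Report Link: " + result['permalink'])
                f.write("\n\n No of Databases Checked: " + str(tot))
                f.write("\n No of Reportings: " + str(pos))
                f.write("\n Average Score: " + str(avg))
                f.write("\n VirusTotal Report Link: " + result['permalink'])
            except Exception:
                # "except Exception" rather than a bare except, so Ctrl-C
                # and SystemExit are not swallowed.
                print('error')
        elif response is not None:
            print(" There's been an error, check your API Key or VirusTotal may be down")

        try:
            TOR_URL = "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1"
            req = requests.get(TOR_URL, timeout=timeout_s)
            print("\n TOR Exit Node Report: ")
            f.write("\n\n --------------------------------- ")
            f.write("\n TOR Exit Node Report: ")
            f.write("\n --------------------------------- \n")
            if req.status_code == 200:
                # Exact line match of the resolved address against the list.
                hits = 0
                for node in req.text.split('\n'):
                    if wIP == node:
                        print(" " + node + " is a TOR Exit Node")
                        f.write("\n " + " " + node + " is a TOR Exit Node")
                        hits += 1
                if hits == 0:
                    print(" " + wIP + " is NOT a TOR Exit Node")
                    f.write("\n " + wIP + " is NOT a TOR Exit Node")
            else:
                print(" TOR LIST UNREACHABLE")
                f.write("\n TOR LIST UNREACHABLE")
        except Exception as e:
            print("There is an error with checking for Tor exit nodes:\n" + str(e))

        print("\n Checking BadIP's... ")
        f.write("\n\n ---------------------------------")
        f.write("\n BadIP's Report : ")
        f.write("\n --------------------------------- \n")
        try:
            BAD_IPS_URL = 'https://www.badips.com/get/info/' + wIP
            response = requests.get(BAD_IPS_URL, timeout=timeout_s)
            if response.status_code == 200:
                result = response.json()
                print(" " + str(result['suc']))
                print(" Total Reports : " + str(result['ReporterCount']['sum']))
                print("\n IP has been reported in the following Categories:")
                f.write(" " + str(result['suc']))
                f.write("\n Total Reports : " + str(result['ReporterCount']['sum']))
                f.write("\n IP has been reported in the following Categories:")
                for each in result['LastReport']:
                    timeReport = datetime.fromtimestamp(result['LastReport'].get(each))
                    print(' - ' + each + ': ' + str(timeReport))
                    f.write('\n - ' + each + ': ' + str(timeReport))
            else:
                print(' Error reaching BadIPs')
        except Exception:
            # Defaults to "IP not found", which is not actually accurate:
            # network and JSON errors land here too.
            print(' IP not found')
            f.write('\n IP not found')

        print("\n ABUSEIPDB Report:")
        f.write("\n\n ---------------------------------")
        f.write("\n ABUSEIPDB Report:")
        f.write("\n ---------------------------------\n")
        try:
            AB_URL = 'https://api.abuseipdb.com/api/v2/check'
            days = '180'
            querystring = {'ipAddress': wIP, 'maxAgeInDays': days}
            headers = {
                'Accept': 'application/json',
                'Key': configvars.data['AB_API_KEY']
            }
            response = requests.request(method='GET', url=AB_URL, headers=headers,
                                        params=querystring, timeout=timeout_s)
            if response.status_code == 200:
                req = response.json()
                print(" IP: " + str(req['data']['ipAddress']))
                print(" Reports: " + str(req['data']['totalReports']))
                print(" Abuse Score: " + str(req['data']['abuseConfidenceScore']) + "%")
                print(" Last Report: " + str(req['data']['lastReportedAt']))
                f.write("\n\n IP: " + str(req['data']['ipAddress']))
                f.write("\n Reports: " + str(req['data']['totalReports']))
                f.write("\n Abuse Score: " + str(req['data']['abuseConfidenceScore']) + "%")
                f.write("\n Last Report: " + str(req['data']['lastReportedAt']))
            else:
                print(" Error Reaching ABUSE IPDB")
        except Exception:
            print(' IP Not Found')

    print("\n\nChecking against IP blacklists: ")
    iplists.main(rawInput)

    mainMenu()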