def SBaseQuery(domain):
sb = SenderBase(timeout=30)
sb_result = sb.lookup(domain)
print "[+] Senderbase retrived results for " + domain + " ............"
print ""
print sb_result
print "##############################################################################"
def test_timeout(self):
s = SenderBase(host='10.255.255.1',timeout=0.25) # This should hang since this IP/port does not host a service!
timeout_exception_caught = False
start = time.time()
try:
result = s.lookup('1.2.3.4')
except requests.exceptions.ConnectTimeout:
timeout_exception_caught = True
end = time.time()
assert timeout_exception_caught == True
assert end-start < 1 # Make sure we didn't take too long to run the whole test
def test_192_168_0_1(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/192.168.0.1_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('192.168.0.1')
assert result is not None
assert result == {}
def test_amazon_com_multiple(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/amazon.com_multiple_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('amazon.com')
assert result is not None
assert result == {}
def test_google_com(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/google.com_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('google.com')
assert result is not None
assert 'ip' not in result
assert 'network_owner' not in result
assert result['web_reputation'] == 'Neutral'
assert result['web_category'] == 'Search Engines and Portals'
assert result['host_name'] == 'google.com'
assert result['domain'] == 'google.com'
def test_4_4_4_4(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/4.4.4.4_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('4.4.4.4')
assert result is not None
assert result['ip'] == '4.4.4.4'
assert result['network_owner'] == 'Level 3 Communications'
assert result['web_reputation'] == 'Poor'
assert result['black_listed'] == True
assert result['host_name'] == 'alu7750testscr.xyz1.gblx.mgmt.Level3.net'
assert result['blacklists'][0]['bl.spamcop.net'] == 'Not Listed'
assert result['blacklists'][2]['pbl.spamhaus.org'] == 'Listed'
assert 'web_category' not in result
assert result['email_reputation'] == 'Poor'
assert result['fwd_rev_dns_match'] == 'No'
def test_8_8_8_8(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/8.8.8.8_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('8.8.8.8')
assert result is not None
assert result['ip'] == '8.8.8.8'
assert result['network_owner'] == 'Google'
assert result['web_reputation'] == 'Neutral'
assert result['black_listed'] == False
assert result['host_name'] == 'google-public-dns-a.google.com'
assert result['blacklists'][0]['bl.spamcop.net'] == 'Not Listed'
assert result['blacklists'][2]['pbl.spamhaus.org'] == 'Not Listed'
assert result['web_category'] == 'Search Engines and Portals'
assert result['email_reputation'] == 'Good'
assert result['fwd_rev_dns_match'] == 'Yes'
for ck in dnsbl:
if ck[1] == False or ck[1] == None:
pass
else:
dnsbl_list.append(ck[0])
return dnsbl_list
def p_out(txt):
global out
print(txt)
out += str(txt) + "\n"
for ip in check_ip:
sb_out = sb.lookup(ip)
dnsbl_l = dnsbl_filter(dnsbl_check(ip))
ip_info = requests.get('http://ipinfo.io/%s' % ip)
trend_micro = trendmicro_test(ip)
EMAIL = 0
p_out(' ')
## Info generiche
p_out(colored(ip, 'cyan'))
p_out(' HostName: %s' % ip_info.json()['hostname'])
p_out(' Provider: %s' % ip_info.json()['org'])
# Info Sender Base
p_out(' Black List: %s' % bl(sb_out['black_listed']))
if sb_out['black_listed'] == True:
#!/usr/bin/python
from senderbase import SenderBase
with open('ip-list.txt') as file:
for ip in file:
sb = SenderBase(timeout=30)
my_result = sb.lookup(ip)
print "Lookup IP:",ip," senderbase.org:",my_result
print
'''webrep.py Checks reputation of email sender domain/ips scrapes relevant search result fields from senderbase, virustotal, reputationauthority, trustedsource Usage: webrep.py <domain/ip address> How each should work 1. Go to the QUERY url (from the program and without opening a browser), bypassing "agree to terms checkbox" 2. Find and scrape the portion of the page with the search result of the search 3. Output of the result for each individual report Senderbase: Uses senderbase module and produces results required modules: senderbase, sys ''' import sys from senderbase import SenderBase QUERY = "google.com" #sys.argv[1] sb = SenderBase(timeout=30) my_result = sb.lookup(QUERY) print "[+] SenderBase results for %s are \n %s " % (QUERY, my_result) #end
#!/usr/bin/python
from senderbase import SenderBase
with open('ip-list.txt') as file:
for ip in file:
sb = SenderBase(timeout=30)
my_result = sb.lookup(ip)
print "Lookup IP:", ip, " senderbase.org:", my_result
print