def SBaseQuery(domain):
sb = SenderBase(timeout=30)
sb_result = sb.lookup(domain)
print "[+] Senderbase retrived results for " + domain + " ............"
print ""
print sb_result
print "##############################################################################"
def test_192_168_0_1(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/192.168.0.1_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('192.168.0.1')
assert result is not None
assert result == {}
def test_amazon_com_multiple(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/amazon.com_multiple_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('amazon.com')
assert result is not None
assert result == {}
def test_timeout(self):
s = SenderBase(host='10.255.255.1',timeout=0.25) # This should hang since this IP/port does not host a service!
timeout_exception_caught = False
start = time.time()
try:
result = s.lookup('1.2.3.4')
except requests.exceptions.ConnectTimeout:
timeout_exception_caught = True
end = time.time()
assert timeout_exception_caught == True
assert end-start < 1 # Make sure we didn't take too long to run the whole test
def test_amazon_com_domain_fucntion(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/amazon.com_domain_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup_domain('amazon.com')
assert result is not None
assert result != {}
assert result['host_name'] == 'amazon.com'
assert result['domain'] == 'amazon.com'
assert result['web_category'] == 'Shopping'
assert result['email_volume']['last_month'] == '5.7'
assert result['web_reputation'] == 'Good'
def test_google_com(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/google.com_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('google.com')
assert result is not None
assert 'ip' not in result
assert 'network_owner' not in result
assert result['web_reputation'] == 'Neutral'
assert result['web_category'] == 'Search Engines and Portals'
assert result['host_name'] == 'google.com'
assert result['domain'] == 'google.com'
def test_4_4_4_4(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/4.4.4.4_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup('4.4.4.4')
assert result is not None
assert result['ip'] == '4.4.4.4'
assert result['network_owner'] == 'Level 3 Communications'
assert result['web_reputation'] == 'Poor'
assert result['black_listed'] == True
assert result['host_name'] == 'alu7750testscr.xyz1.gblx.mgmt.Level3.net'
assert result['blacklists'][0]['bl.spamcop.net'] == 'Not Listed'
assert result['blacklists'][2]['pbl.spamhaus.org'] == 'Listed'
assert 'web_category' not in result
assert result['email_reputation'] == 'Poor'
assert result['fwd_rev_dns_match'] == 'No'
def test_8_8_8_8_ip_specific(self, requests_post):
def mock_requests_post(*args,**kwargs):
class __mock():
f = open('%s/tests/mocks/8.8.8.8_result.html' % basedir, 'r')
text = f.read()
return __mock
requests_post.side_effect = mock_requests_post
s = SenderBase()
result = s.lookup_ip('8.8.8.8')
assert result is not None
assert result['ip'] == '8.8.8.8'
assert result['network_owner'] == 'Google'
assert result['web_reputation'] == 'Neutral'
assert result['black_listed'] == False
assert result['host_name'] == 'google-public-dns-a.google.com'
assert result['blacklists'][0]['bl.spamcop.net'] == 'Not Listed'
assert result['blacklists'][2]['pbl.spamhaus.org'] == 'Not Listed'
assert result['web_category'] == 'Search Engines and Portals'
assert result['email_reputation'] == 'Good'
assert result['fwd_rev_dns_match'] == 'Yes'
from senderbase import SenderBase
from termcolor import colored
import requests
from dnsbl import Base
from providers import BASE_PROVIDERS
from solutions import TO_DELIST
from lxml import html
sb = SenderBase(timeout=30)
out = ''
#check_ip = ["mx0%s.telecomitalia.it" % x for x in range(1,8)]
check_ip = ['217.169.121.10', '217.169.121.22']
## Trend Micro
def trendmicro_test(ip):
URL = "https://ers.trendmicro.com/reputations/index?ip_address=%s" % ip
page = requests.get(URL)
tree = html.fromstring(page.content)
reputation = tree.xpath('//dd[@class="reputationValue"]/text()')
if len(reputation) > 0:
reputation.append(
'https://ers.trendmicro.com/reputations/block/%s/DUL' % ip)
return reputation
else:
return ['Good']
#!/usr/bin/python
from senderbase import SenderBase
with open('ip-list.txt') as file:
for ip in file:
sb = SenderBase(timeout=30)
my_result = sb.lookup(ip)
print "Lookup IP:",ip," senderbase.org:",my_result
print
'''webrep.py Checks reputation of email sender domain/ips scrapes relevant search result fields from senderbase, virustotal, reputationauthority, trustedsource Usage: webrep.py <domain/ip address> How each should work 1. Go to the QUERY url (from the program and without opening a browser), bypassing "agree to terms checkbox" 2. Find and scrape the portion of the page with the search result of the search 3. Output of the result for each individual report Senderbase: Uses senderbase module and produces results required modules: senderbase, sys ''' import sys from senderbase import SenderBase QUERY = "google.com" #sys.argv[1] sb = SenderBase(timeout=30) my_result = sb.lookup(QUERY) print "[+] SenderBase results for %s are \n %s " % (QUERY, my_result) #end
#!/usr/bin/python
from senderbase import SenderBase
with open('ip-list.txt') as file:
for ip in file:
sb = SenderBase(timeout=30)
my_result = sb.lookup(ip)
print "Lookup IP:", ip, " senderbase.org:", my_result
print
