Skip to content

Latest commit

 

History

History
108 lines (81 loc) · 2.9 KB

README.md

File metadata and controls

108 lines (81 loc) · 2.9 KB
Raw

Malicious IP List and AbuseIPDB scripts

This is a CSV list of malicious IPs that have performed unsolicited scans against production applications.

Abuse by Country Pie Chart Abuse by Country Pie Chart

Installation

Clone the repo, create venv and install requirements

git clone https://github.com/ashleykleynhans/ipset.git
cd ipset
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt

Configure API AbuseIPDB API key and your timezone

  1. Copy the .env.example file to .env
cp .env.example .env
  1. Edit the .env file and configure your AbuseIPDB API Key and timezone.
  2. Save the file.

Create IP Set JSON

python3 create_ip_set_json.py

This will output JSON in the following format:

[
    "64.176.194.36/32",
    "104.234.204.32/32",
    "104.207.139.139/32",
    "54.206.45.15/32",
    "138.199.18.131/32",
    "20.127.152.198/32"
]

Check an IP in AbuseIPDB

Note

Obviously change the IP address below to the IP address that you actually want to check.

python3 check_abuse_ipdb.py --ip-address 64.176.194.36

Report a malicious IP to AbuseIPDB

Note

This is just an example, you should obviously change the IP address to the one that you actually want to report. You can get a list of category ids here, and set the reason to the reason why you are reporting the malicious IP.

python3 report_to_abuse_ipdb.py \
    --ip-address 64.176.194.36 \
    --categories 19,21 \
    --reason "Malicious Behaviour/Probing for vulnerabilities/Brute force attempts"

Check the CSV file for duplicate entries

python3 find_duplicates.py

Generate a pie chart from the list of Malicious IP Addresses

python3 generate_pie_chart.py --field Country

Community and Contributing

Pull requests and issues on GitHub are welcome. Bug fixes and new features are encouraged.

Appreciate my work?

Buy Me A Coffee