-
Notifications
You must be signed in to change notification settings - Fork 0
/
README.Rmd
51 lines (33 loc) · 1.4 KB
/
README.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
---
output: rmarkdown::github_document
editor_options:
chunk_output_type: console
---
# rpdns
Query 'CIRCL' Passive 'DNS' 'API'
## Description
'CIRCL' 'Passive DNS' <https://www.circl.lu/services/passive-dns/> is a database storing historical 'DNS' records from various resources including malware analysis or partners. The 'DNS' historical data is indexed, which makes it searchable for incident handlers, security analysts or researchers.
It is highly suggested that your CIRCL username and password be stored in `CIRCL_USER` and `CIRCL_PASSWORD` (respectively) for the most efficient and secure use of this package.
Output follows the [Passive DNS - Common Output Format](https://datatracker.ietf.org/doc/draft-dulaunoy-dnsop-passive-dns-cof/).
This is a "package"-ized version of @michaelschratt's [script](https://github.com/michaelschratt/rpdns).
## What's Inside The Tin
- `pdns.query`: Query CIRCL.LU Passive DNS API
- `pdns_query`: Query CIRCL.LU Passive DNS API
The following functions are implemented:
## Installation
```{r eval=FALSE}
devtools::install_github("hrbrmstr/rpdns")
```
```{r message=FALSE, warning=FALSE, error=FALSE, include=FALSE}
options(width=120)
```
## Usage
```{r message=FALSE, warning=FALSE, error=FALSE}
library(rpdns)
# current verison
packageVersion("rpdns")
```
```{r message=FALSE, warning=FALSE, error=FALSE}
pdns_query("www.microsoft.com")
pdns_query("www.circl.lu")
```