Initial commit

.github/workflows/checks.yml

@@ -0,0 +1,26 @@
+name: Integration Checks
+
+on:
+  push:
+    branches: ["main"]
+
+jobs:
+  checks:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Go 1.22.2
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22.2'
+
+      - name: Verify dependencies
+        run: go mod verify
+
+      - name: Run go vet
+        run: go vet .
+
+      - uses: dominikh/staticcheck-action@v1
+        with:
+          version: "latest"

.gitignore

@@ -0,0 +1,37 @@
+# If you prefer the allow list template instead of the deny list, see community template:
+# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
+#
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+*.bin
+ip-enrich
+.DS_Store
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Go workspace file
+go.work
+
+# IDE
+.idea
+.vscode
+
+# ENV file
+.env
+
+# Log files
+*.log
+
+# Tapes
+*.tape

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Ryan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,48 @@
+# IP-Enrich
+
+IP-Enrich is a Go-based TUI that provides a quick and dirty enrichment of a single IP Address by aggregating data from multiple API endpoints. 
+It requires no API keys or local DBs. 
+
+![Demo](assets/demo.gif)
+
+## Usage
+
+To get started, you need to have [Go](https://go.dev/) installed. Once installed, follow these steps:
+
+1. Clone the repository: `git clone https://github.com/dalryan/ip-enrich.git`
+2. Navigate to the project directory: `cd ip-enrich`
+3. Build the project: `go build`
+4. Run the project: `./ip-enrich <ip>`
+
+
+## Adding New API Endpoints
+
+To add a new API endpoint, you need to modify the `Endpoints` variable in the `model.go` file. Each endpoint is represented as a `APIQueryUnit` which includes the name of the endpoint, the URL, and the model representing the response.
+
+Currently, it assumes the endpoint you are adding requires only a simple GET request. If the endpoint requires additional headers, or a different HTTP method, you will need to modify the `api.go` file to handle these requirements.
+
+## Roadmap
+
+(aka things I will probably never do)
+
+- [ ] Add a summary of the results in the choices view.
+- [ ] Add a JSON export of the results.
+- [ ] Add support for stdin/stdout piping (e.g. `echo "127.0.0.1" | ip-enrich - | jq ..` )
+- [ ] Add more API endpoints for IP enrichment.
+- [ ] Add support for host/domain enrichment.
+- [ ] Add support for local DB and file lookups.
+- [ ] Add some tests? 
+
+## Reference
+
+The project uses the following libraries:
+
+- [Bubbletea](https://github.com/charmbracelet/bubbletea): For the MVU pattern.
+- [Lipgloss](https://github.com/charmbracelet/lipgloss): For styling the interface.
+- [Bubbles](https://github.com/charmbracelet/bubbles): For additional UI components like the spinner and viewport.
+- [Cobra](https://github.com/spf13/cobra): For CLI commands and flags.
+- [Chroma](github.com/alecthomas/chroma/v2): For syntax highlighting in the JSON view.
+
+The tool was mostly written as an exercise to become familiar with TUIs, Bubbletea, and the MVU pattern. It also takes some inspiration from the excellent [ASN](https://github.com/nitefood/asn)
+
+The tool is intended only for single IP address enrichment and is not intended for bulk enrichment.

cmd/root.go

@@ -0,0 +1,69 @@
+package cmd
+
+import (
+	"fmt"
+	"github.com/charmbracelet/bubbles/spinner"
+	tea "github.com/charmbracelet/bubbletea"
+	"github.com/charmbracelet/lipgloss"
+	"github.com/dalryan/ip-enrich/internal/sources"
+	"github.com/dalryan/ip-enrich/internal/ui"
+	"github.com/dalryan/ip-enrich/internal/utils"
+	"github.com/spf13/cobra"
+	"os"
+	"strings"
+)
+
+var ip string
+
+var rootCmd = &cobra.Command{
+	Use:   "ip-enrich [ip]",
+	Short: "A quick and dirty tool for enriching an IP Address",
+	Args:  cobra.MaximumNArgs(1),
+	Run:   Run,
+}
+
+func Run(cmd *cobra.Command, args []string) {
+	if len(args) > 0 {
+		ip = args[0]
+	}
+	if err := utils.ValidateIPAddr(ip); err != nil {
+		fmt.Printf("Not a valid IP address: %s", ip)
+		return
+	}
+
+	initialModel := ui.Model{
+		Ip:              ip,
+		ViewingResponse: false,
+		Results:         make(map[string]sources.Result),
+		Spinner:         spinner.New(spinner.WithSpinner(spinner.Jump)),
+	}
+
+	for i, endpoint := range ui.Endpoints {
+		updatedURL := strings.Replace(endpoint.URL, "{ip}", ip, -1)
+		ui.Endpoints[i].URL = updatedURL
+		initialModel.Results[endpoint.Name] = sources.Result{
+			Data: nil,
+			Url:  updatedURL,
+			Code: 0,
+			Done: false,
+		}
+	}
+
+	initialModel.Spinner.Style = lipgloss.NewStyle().Foreground(lipgloss.Color("205"))
+
+	if _, err := tea.NewProgram(initialModel, tea.WithAltScreen(), tea.WithMouseCellMotion()).Run(); err != nil {
+		fmt.Printf("Error: %v\n", err)
+		os.Exit(1)
+	}
+}
+
+func Execute() {
+	if err := rootCmd.Execute(); err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+}
+
+func init() {
+	rootCmd.PersistentFlags().StringVarP(&ip, "ip", "i", "", "IP address to enrich")
+}

go.mod

@@ -0,0 +1,32 @@
+module github.com/dalryan/ip-enrich
+
+go 1.22.2
+
+require (
+	github.com/alecthomas/chroma/v2 v2.13.0
+	github.com/charmbracelet/bubbles v0.18.0
+	github.com/charmbracelet/bubbletea v0.26.1
+	github.com/charmbracelet/lipgloss v0.10.0
+	github.com/spf13/cobra v1.8.0
+)
+
+require (
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/dlclark/regexp2 v1.11.0 // indirect
+	github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
+	github.com/muesli/reflow v0.3.0 // indirect
+	github.com/muesli/termenv v0.15.2 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+)

go.sum

@@ -0,0 +1,55 @@
+github.com/alecthomas/chroma/v2 v2.13.0 h1:VP72+99Fb2zEcYM0MeaWJmV+xQvz5v5cxRHd+ooU1lI=
+github.com/alecthomas/chroma/v2 v2.13.0/go.mod h1:BUGjjsD+ndS6eX37YgTchSEG+Jg9Jv1GiZs9sqPqztk=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
+github.com/charmbracelet/bubbles v0.18.0 h1:PYv1A036luoBGroX6VWjQIE9Syf2Wby2oOl/39KLfy0=
+github.com/charmbracelet/bubbles v0.18.0/go.mod h1:08qhZhtIwzgrtBjAcJnij1t1H0ZRjwHyGsy6AL11PSw=
+github.com/charmbracelet/bubbletea v0.26.1 h1:xujcQeF73rh4jwu3+zhfQsvV18x+7zIjlw7/CYbzGJ0=
+github.com/charmbracelet/bubbletea v0.26.1/go.mod h1:FzKr7sKoO8iFVcdIBM9J0sJOcQv5nDQaYwsee3kpbgo=
+github.com/charmbracelet/lipgloss v0.10.0 h1:KWeXFSexGcfahHX+54URiZGkBFazf70JNMtwg/AFW3s=
+github.com/charmbracelet/lipgloss v0.10.0/go.mod h1:Wig9DSfvANsxqkRsqj6x87irdy123SR4dOXlKa91ciE=
+github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI=
+github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
+github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
+github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
+github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
+github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
+github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
+github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI=
+github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo=
+github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
+github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo=
+github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s=
+github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8=
+github.com/muesli/termenv v0.15.2 h1:GohcuySI0QmI3wN8Ok9PtKGkgkFIk7y6Vpb5PvrY+Wo=
+github.com/muesli/termenv v0.15.2/go.mod h1:Epx+iuz8sNs7mNKhxzH4fWXGNpZwUaJKRS1noLXviQ8=
+github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
+github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
+golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
+golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
+golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/api/api.go

@@ -0,0 +1,42 @@
+package api
+
+import (
+	"encoding/json"
+	tea "github.com/charmbracelet/bubbletea"
+	"github.com/dalryan/ip-enrich/internal/sources"
+	"io"
+	"net/http"
+	"time"
+)
+
+// MakeAPIRequest sends a GET request to the URL and attempts to decode the JSON response into the supplied model.
+// This function is designed to be used with the BubbleTea framework, returning a command (tea.Cmd).
+//
+// If successful, it returns a statusMsg that includes the URL, the HTTP status code, and the decoded model.
+// If unsuccessful, it returns an errMsg containing the URL and the error.
+//
+// Parameters:
+//   - url: The URL to which the HTTP request is sent.
+//   - model: A pointer to a struct where the JSON response will be decoded.
+//
+// Returns:
+//   - tea.Cmd: An async command executed by the BubbleTea runtime.
+func MakeAPIRequest(key string, url string, model interface{}) tea.Cmd {
+	return func() tea.Msg {
+		c := &http.Client{Timeout: 10 * time.Second}
+		res, err := c.Get(url)
+		if err != nil {
+			return sources.ErrMsg{URL: url, Err: err}
+		}
+		defer func(Body io.ReadCloser) {
+			err := Body.Close()
+			if err != nil {
+				return
+			}
+		}(res.Body)
+		if err := json.NewDecoder(res.Body).Decode(model); err != nil {
+			return sources.ErrMsg{URL: url, Err: err}
+		}
+		return sources.StatusMsg{URL: url, Code: res.StatusCode, DATA: model, KEY: key}
+	}
+}

internal/sources/greynoise.go

@@ -0,0 +1,23 @@
+package sources
+
+// GreyNoiseCommunityResponse is a response from the GreyNoise Community API.
+//
+// Fields:
+//   - IP: The IP address being queried.
+//   - Noise: Indicates whether the IP is labeled as "noise" (background traffic).
+//   - Riot: Indicates whether the IP is part of a "riot" (benign data centers, CDNs, etc.).
+//   - Classification: A string that categorizes the type of noise.
+//   - Name: A descriptive name for the classification.
+//   - Link: A URL to GreyNoise for detailed information about the IP address.
+//   - LastSeen: The last date and time the IP was observed by GreyNoise.
+//   - Message: A message providing additional context or information about the IP.
+type GreyNoiseCommunityResponse struct {
+	IP             string `json:"ip"`
+	Noise          bool   `json:"noise"`
+	Riot           bool   `json:"riot"`
+	Classification string `json:"classification"`
+	Name           string `json:"name"`
+	Link           string `json:"link"`
+	LastSeen       string `json:"last_seen"`
+	Message        string `json:"message"`
+}