general-cyber01/ip-intel

IP Intel — CLI Threat Intelligence Tool

A terminal-based IP intelligence engine that fingerprints IP addresses, identifies bot infrastructure, and scores threat levels.

Features

  • PTR record resolution via DNS
  • GeoIP — location, ISP, ASN lookup
  • Reverse-IP co-hosted domain enumeration
  • Bot identity fingerprinting (Googlebot, Bingbot, Cloudflare, AWS, Tor, and more)
  • Threat scoring with detailed signal breakdown
  • Color-coded terminal report output

Installation

git clone https://github.com/general-cyber01/ip-intel.git
cd ip-intel
pip install -r requirements.txt

Usage

python ip_analyzer.py <target_ip>

Examples:

python ip_analyzer.py 8.8.8.8
python ip_analyzer.py 1.1.1.1
python ip_analyzer.py 66.249.66.1

Add --json to get raw JSON output:

python ip_analyzer.py 8.8.8.8 --json

Sample Output

════════════════════════════════════════════════════════════
   IP INTELLIGENCE REPORT
════════════════════════════════════════════════════════════

  TARGET IP       8.8.8.8
  PTR RECORD      dns.google

  BOT IDENTITY
────────────────────────────────────────────────────────────
  Identified As    Google Public DNS
  Category         DNS Server

  GEOLOCATION & NETWORK
────────────────────────────────────────────────────────────
  Location         Ashburn, Virginia, United States
  ISP              Google LLC
  Organisation     Google Public DNS
  ASN              AS15169 Google LLC

  THREAT ASSESSMENT
════════════════════════════════════════════════════════════
  Verdict          BOT / INFRASTRUCTURE
  Threat Score     ████████████████████ 100/100

Verdict Types

| Verdict | Score | Meaning |
|---|---|---|
| LIKELY HUMAN | 0–29 | Residential or unknown IP |
| SUSPICIOUS | 30–59 | Shared hosting or mixed signals |
| BOT / INFRASTRUCTURE | 60–100 | Confirmed datacenter, crawler, or bot |

Bot Categories Detected

| Category | Examples |
|---|---|
| Search Engine Bot | Googlebot, Bingbot, Yandex, Baidu |
| DNS Server | Google Public DNS, Cloudflare DNS |
| CDN / Edge | Cloudflare, Akamai, Fastly |
| Cloud / Datacenter | AWS, Azure, GCP, DigitalOcean, Hetzner |
| Security Scanner | Shodan, Censys |
| Anonymizer | Tor Exit Nodes, VPN/Proxy |

Data Sources

  • PTR / DNS: socket.gethostbyaddr() (system DNS)
  • GeoIP: ip-api.com (free, no key required)
  • Reverse IP: HackerTarget API (free tier)
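
A PTR name is set by whoever controls the address's reverse zone, so a crawler match on the PTR record is normally forward-confirmed before it is trusted. The following is an added example, not code from ip-intel: verify_crawler, the suffix table and the sample records are assumptions made for illustration.

```python
import socket

# Illustrative PTR suffixes for two crawlers; not ip-intel's signature list.
CRAWLER_SUFFIXES = {
    "Googlebot": (".googlebot.com", ".google.com"),
    "Bingbot": (".search.msn.com",),
}

def system_ptr(ip):
    """PTR lookup through the system resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(hostname):
    """Forward lookup through the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(hostname, None)}
    except OSError:
        return set()

def verify_crawler(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (crawler, status): 'verified', 'unconfirmed-ptr' or 'unknown'."""
    hostname = ptr_lookup(ip)
    if not hostname:
        return None, "unknown"
    name = hostname.rstrip(".").lower()
    for crawler, suffixes in CRAWLER_SUFFIXES.items():
        if name.endswith(suffixes):
            # The PTR zone belongs to whoever holds the IP, so the name only
            # counts if its forward record points back at the same address.
            if ip in forward_lookup(name):
                return crawler, "verified"
            return crawler, "unconfirmed-ptr"
    return None, "unknown"

# Constructed sample records on documentation address ranges (runs offline).
SAMPLE_PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com",
    "203.0.113.7": "crawl-203-0-113-7.googlebot.com",  # PTR with no matching A
}
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"}}

def sample_forward(hostname):
    return SAMPLE_A.get(hostname, set())

if __name__ == "__main__":
    for ip in SAMPLE_PTR:
        print(ip, verify_crawler(ip, SAMPLE_PTR.get, sample_forward))
```

Calling verify_crawler(ip) with no resolver arguments uses the system resolver, the same source the PTR / DNS entry above names.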

License

MIT

About

Open-source IP threat intelligence tool — bot fingerprinting, GeoIP, reverse-IP lookup & threat scoring for WAF engineers.
