Skip to content

LeakIX/l9filter

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 7 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github/workflows
 
 
cmd/l9filter
 
 
transformer
 
 
LICENSE
 
 
README.md
 
 
go.mod
 
 
go.sum
 
 
transform.go
 
 
l9filter Features Usage Supported formats Installation Instructions From Binary From Source Running l9filter Examples Human output Send to any l9 tool Human output

README.md

l9filter

GitHub Release Follow on Twitter

l9filter is a translation tool for stdin/stdout that understand the l9format. Its main goal is to facilitate data communication between different network recon software.

Features

  • stdin/stdout oriented
  • Conversion back and forward between formats
  • Low memory/CPU footprint
  • Easy to implement interface

Usage

l9filter transform -h

Displays help for the random command (only implementation atm)

Flag Description
--input-format Selects the input format to parse
--output-format Selects the output format to use
--source-file Use an input file instead of stdin
--target-file Use an output file instead of stdout

Supported formats

The following formats are supported

Format Description
l9 JSON based l9format
nmap Nmap format
masscan masscan default format
hostport <host>:<port> conversion
url Handles URL conversion
human Human readable format (output only)
dnsx Handles DNS resolution from dnsx's json output
sx Handles SX's JSON input/output sx
tbicore Handles LeakIX API's schema

Installation Instructions

From Binary

The installation is easy. You can download the pre-built binaries for your platform from the Releases page.

▶ chmod +x l9filter-linux-64
▶ mv l9filter-linux-64 /usr/local/bin/l9filter

From Source

▶ GO111MODULE=on go get -u -v github.com/LeakIX/l9filter/cmd/l9filter
▶ ${GOPATH}/bin/l9filter transform -h

Running l9filter

l9filter requires an input to run. By default stdin will be used unles input-file is specified.

▶ l9filter transform -i l9 -o hostport

Examples

ip4scout speaks l9format which is a JSON schema targeted at network recon.

Parsing its output would look like :

Human output

▶ ip4scout random --ports=3306,9200,6379|tee results.json|l9filter transform -i l9 -o human

Displays human-readable results on stdout while saving the scan results to results.json

Send to any l9 tool

▶ masscan -rate=10000 -p1-1024 192.168.0.0/24|l9filter transform -i masscan -o l9|l9tcpid service --max-threads=100 > services.json

Run masscan, transform its output to l9format, send live results to l9tcpid and save the final work to services.json.

Human output

l9filter transform -s services.json -i l9 -o human

Reads l9formatted lines from services.json and outputs human-readable format to stdout

About

Translates between l9format and various others

Resources

Readme

License

MIT license

Stars

7 stars

Watchers

1 watching

Forks

2 forks

Releases 7

v1.0.0 Latest
Jun 1, 2021
+ 6 releases

Languages