The opr CLI tool from oprand.com offers access to public and private threat data.
- Public Data: ASN
- Private Data: Phishing threat and domain impersonation
go install github.com/oprand/opr/cmd/opr@latest
The opr binary will be installed in the directory named by the $GOBIN environment
variable, which defaults to $GOPATH/bin or $HOME/go/bin if the GOPATH
environment variable is not set.
If you don't have go installed, download from our release page.
Oprand provides a free and public access to some of its in-house aggregated data.
- ASN lookup:
opr asn AS3 - ASN lookup by IP:
opr asn 1.1.1.1 - ASN lookup by domain:
opr asn example.com - ASN lookup by email domain:
opr asn @orange.com - Your IP's ASN:
opr asn me
# Batch queries possible:
opr asn AS5,8.8.8.8,@google.com
# Return results in JSON:
opr asn --json example.com
## Return all IPs under an ASN:
opr asn --ip AS5
## Return all CIDR under an ASN:
opr asn --cidr AS5
## Read from stdin:
echo tesla.com | opr asnGolang library usage also possible:
import "github.com/oprand/opr/client"
opr := client.New(client.OprClientParams{})
asnResponse, err := opr.GetAsn("AS3", "1.1.1.1", "example.com")
if err != nil {
return err
}
for _, asn := range asnResponse {
fmt.Printf("input:%s\n", asn.Input)
fmt.Printf("error:%s\n", asn.Error)
fmt.Printf("data:%v\n", asn.Output)
}For more information and usage see our ASN data documentation.
Oprand provides phishing threat and domain impersonation detection services. We publish a public Phishing Threat Report.
Access to the data below requires an Oprand account.
$ opr results --query=web,ssl example.com
- exämple.co fuzzer:homoglyph+tld-swap scanned:2023-03-05 14:52 (14min ago)
DNS
A 203.0.113.4
NS ns1.domain.com ns2.domain.com
TXT v=spf1 ip4:203.0.113.0/18 ?all
MX mx.exämple.nco
SPF v=spf1 ip4:203.0.113.0/18 ?all
WHOIS
DOMAIN REGISTERED .. 2022-04-15T00:38:46Z (50w5h ago)
UPDATED ..... 2022-04-15T00:38:46Z (50w5h ago)
EXPIRING .... 2024-04-15T00:38:46Z (in 1y2w)
REGISTRAR Domain.com, LLC
compliance@domain-inc.net 602-226-2389
IANA ID: 886
REGISTRANT UNKNOWN
WEB
VALID URL https://exämple.co
HTTP BANNER Apache/2
HTTP STATUS 200
HTML TITLE The real example.com website
CRED. HARVESTER YES
MENTION DOMAIN NO
MENTION BRAND YES
REDIRECT NO
SSL
ISSUER R3, Let's Encrypt
US
CERT EXPIRES .... 2024-05-16 14:56:09 +0000 UTC
SIGNATURE .. SHA256-RSA / CDE4B59A (last 8 char)
SUBJECT .... CN=*.exämple.co.net
ISSUER ..... CN=R3,O=Let's Encrypt,C=US
# ... 100s of more results
- We sign all our commits
- We produce deterministic builds
- We sign all our releases
- We provide a
SHA-256checksum for our releases - The tool doesn't include any auto-updating mechanism
- Dependencies are kept to a minimum and are vetted for any security issue
- The tool only connects to one external domain (*.oprand.com)
- No analytics or bug report system is included - please report manually
Signatures allow you verify the files were indeed provided by us.
- Download our release signing public key here
- Import it with
gpg --import release-key.pub - Verify it was imported successfully with
gpg --list-keys
After having imported our key, download opr.checksum.sha256.txt and its signature opr-checksums.sha256.txt.sig, then run:
gpg --verify --default-key=B2165DEA opr-checksums.sha256.txt.sig opr-checksums.sha256.txtA gpg: Good signature message should be displayed.
Checksums allow you to verify the integrity of the file you downloaded. Ensuring the file hasn't been modified in transit between Github and your system.
Download the opr.checksum.sha256.txt file associated with the release. Then from the same folder as your binary's .zip file, run:
# The `--ignore-missing` flag ensures it won't check missing files.
sha256sum --check --ignore-missing opr.checksum.sha256.txtYou should see OK on the same line as the release .zip file.
Copyright (c) Oprand. All rights reserved. Licensed under the GNU General Public License v3.0