Simple Python tool that checks for malicious/suspicious IP connections on the local machine using AbuseIPDB.
This is how the script works:
- The script starts by running the ipconfig command from the command line
- It saves the result to a txt file
- It parses the file looking for IP connections
- It retrieves the IPs, port used and connection status
- Checks IPs against AbuseIPDB using the API
- Shows the results giving advice based on the confidence score
The color scheme follows this table:
Advice | Score range | Color |
---|---|---|
Good | 0-30 | green |
Maybe check it | 30-50 | cyan |
Check it | 50-60 | yellow |
Absolutely check it | 60-100 | red |
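
The parse, filter and advise steps above, sketched as an added example (not the tool's own code). It assumes connection lines laid out like Windows `netstat -n` output, assumes a boundary score (30, 50, 60) falls in the higher band, and takes a hypothetical `lookup` callable standing in for the AbuseIPDB query that returns the confidence score.

```python
import ipaddress
import re

# Constructed sample, laid out like Windows `netstat -n` output (assumed format).
SAMPLE = """\
  TCP    192.168.1.20:50211     8.8.8.8:443            ESTABLISHED
  TCP    192.168.1.20:50212     1.1.1.1:443            TIME_WAIT
  TCP    127.0.0.1:5354         127.0.0.1:49670        ESTABLISHED
  TCP    192.168.1.20:50213     192.168.1.1:445        ESTABLISHED
  TCP    192.168.1.20:50214     8.8.8.8:53             CLOSE_WAIT
"""

LINE = re.compile(
    r"^\s*(?:TCP|UDP)\s+\S+\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+(\w+)\s*$")

# Bands from the table above, highest floor first. Assumption: a boundary
# score (30, 50, 60) belongs to the higher band.
BANDS = [(60, "Absolutely check it", "red"), (50, "Check it", "yellow"),
         (30, "Maybe check it", "cyan"), (0, "Good", "green")]

def parse_connections(text):
    """Return (remote_ip, remote_port, state) for each IPv4 connection line."""
    return [(m.group(1), int(m.group(2)), m.group(3))
            for m in map(LINE.match, text.splitlines()) if m]

def public_ips(conns):
    """Unique remote IPs worth a lookup; loopback, private and invalid are skipped."""
    unique = []
    for ip, _port, _state in conns:
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:  # e.g. an octet above 255 that the regex let through
            continue
        if addr.is_global and ip not in unique:
            unique.append(ip)
    return unique

def advise(score):
    """Map a 0-100 confidence score to (advice, color)."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    return next((advice, color) for floor, advice, color in BANDS if score >= floor)

def report(text, lookup):
    """lookup(ip) -> score is a hypothetical stand-in for the AbuseIPDB call."""
    return {ip: advise(lookup(ip)) for ip in public_ips(parse_connections(text))}
```

Filtering to public addresses before the lookup keeps internal addresses out of a third-party API and saves requests against the API key's quota.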
- Windows OS
- Python version: 3.7
- AbuseIPDB profile for the API KEY
- AbuseIpDb by Vsecades
- Art for the ASCII art
Once you satisfy all the prerequisites, just launch it and let it do the magic.
Checking any suspicious connection. By the way, I've created this tool just for educational purposes. Feel free to show me a better way to do it.
- Andrea Grigoletto - Wirzka