Skip to content

Commit

Permalink
Merge pull request #44 from jeffbryner/master
Browse files Browse the repository at this point in the history 
adds support for isc/dshield query of an ip address
  • Loading branch information
@krmaxwell
krmaxwell committed May 5, 2015
2 parents e9ca38b + 1cac23f commit e2ae74c
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
6 changes: 6 additions & 0 deletions tests/tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,12 @@ def test_urlvoid_ip_check(self):
self.assertIn('google-public-dns-a.google.com', data['other_names'])
self.assertIn('androidbia.info', data['bad_names'])

def test_dshield_ip_check(self):
self.assertIsNone(ub.dshield_ip_check('asdf'))
self.assertIsInstance(ub.dshield_ip_check('166.216.157.95'), dict)
data = ub.dshield_ip_check('8.8.8.8')
self.assertIn('google', data['ip']['asname'].lower())


if __name__ == '__main__':
unittest.main()
11 changes: 11 additions & 0 deletions utilitybelt.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,3 +331,14 @@ def urlvoid_ip_check(ip):
return_dict['other_names'].append(each.parent.text.strip())

return return_dict


def dshield_ip_check(ip):
"""Checks dshield for info on an IP address"""
if not is_IPv4Address(ip):
return None

headers = {'User-Agent': useragent}
url = 'https://isc.sans.edu/api/ip/'
response = requests.get('{0}{1}?json'.format(url, ip), headers=headers)
return response.json()

0 comments on commit e2ae74c

Please sign in to comment.