Version 1.2 adds the Zeus and Nothink blocklists
Version 1.1 brings a significant update to the core components of the netinel
package. Every function has been re-written to be as fast as possible without resorting to Rcpp
functions. The intent of the package is to provide as many IP & ASN intelligence routines to those using R for Security Data Science and security intel/ops/IR work.
It relies on httr
, plyr
& data.table
.
Current function list:
Alien.Vault.Reputation
- Retrieves Alien Vault's IP reputation databaseBulkOrigin
- Retrieves BGP Origin ASN info for a list of IPv4 addressesBulkOriginASN
- Retrieves BGP Origin ASN info for a list of ASN idsBulkPeer
- Retrieves BGP Peer ASN info for a list of IPv4 addressesCIRCL.BGP.Rank
- Retrieves CIRCL aggregated, historical/current BGP rank dataSANS.ASN.Detail
- Retrieves SANS ASN intel currently tracked IP detailZeus.Blocklist
- Retrieves Zeus Blocklist (IP/FQDN/URL)Nothink.Blocklist
- Retrieves Nothink Malware DNS network traffic blacklist (IP/FQDN)devtools::install_github("hrbrmstr/netintel") library(netintel)
library(netintel) # current verison packageVersion("netintel") # Bulk stuff BulkOrigin("162.243.111.4") BulkOriginASN(62567) BulkPeer("162.243.111.4") # CIRCL head(CIRCL.BGP.Rank(62567)) # SANS was flaky so no example # SANS.ASN.Detail(62567) # AlienVault head(Alien.Vault.Reputation()) # Zeus str(Zeus.Blocklist()) # Nothink str(Nothink.Blocklist())
library(netintel) library(testthat) date() test_dir("tests/")
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.