In hrbrmstr/netintel: Various network intelligence routines
Version 1.2 adds the Zeus and Nothink blocklists
Version 1.1 brings a significant update to the core components of the netinel package. Every function has been re-written to be as fast as possible without resorting to Rcpp functions. The intent of the package is to provide as many IP & ASN intelligence routines to those using R for Security Data Science and security intel/ops/IR work.
It relies on httr, plyr & data.table.
Current function list:
Alien.Vault.Reputation - Retrieves Alien Vault's IP reputation databaseBulkOrigin - Retrieves BGP Origin ASN info for a list of IPv4 addressesBulkOriginASN - Retrieves BGP Origin ASN info for a list of ASN idsBulkPeer - Retrieves BGP Peer ASN info for a list of IPv4 addressesCIRCL.BGP.Rank - Retrieves CIRCL aggregated, historical/current BGP rank dataSANS.ASN.Detail - Retrieves SANS ASN intel currently tracked IP detailZeus.Blocklist - Retrieves Zeus Blocklist (IP/FQDN/URL)Nothink.Blocklist - Retrieves Nothink Malware DNS network traffic blacklist (IP/FQDN)
Installation
devtools::install_github("hrbrmstr/netintel")
library(netintel)
Usage
library(netintel)
# current verison
packageVersion("netintel")
# Bulk stuff
BulkOrigin("162.243.111.4")
BulkOriginASN(62567)
BulkPeer("162.243.111.4")
# CIRCL
head(CIRCL.BGP.Rank(62567))
# SANS was flaky so no example
# SANS.ASN.Detail(62567)
# AlienVault
head(Alien.Vault.Reputation())
# Zeus
str(Zeus.Blocklist())
# Nothink
str(Nothink.Blocklist())
Test Results
library(netintel)
library(testthat)
date()
test_dir("tests/")
hrbrmstr/netintel documentation built on May 17, 2019, 5:11 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Version 1.2 adds the Zeus and Nothink blocklists
Version 1.1 brings a significant update to the core components of the netinel package. Every function has been re-written to be as fast as possible without resorting to Rcpp functions. The intent of the package is to provide as many IP & ASN intelligence routines to those using R for Security Data Science and security intel/ops/IR work.
It relies on httr, plyr & data.table.
Current function list:
Alien.Vault.Reputation- Retrieves Alien Vault's IP reputation databaseBulkOrigin- Retrieves BGP Origin ASN info for a list of IPv4 addressesBulkOriginASN- Retrieves BGP Origin ASN info for a list of ASN idsBulkPeer- Retrieves BGP Peer ASN info for a list of IPv4 addressesCIRCL.BGP.Rank- Retrieves CIRCL aggregated, historical/current BGP rank dataSANS.ASN.Detail- Retrieves SANS ASN intel currently tracked IP detailZeus.Blocklist- Retrieves Zeus Blocklist (IP/FQDN/URL)Nothink.Blocklist- Retrieves Nothink Malware DNS network traffic blacklist (IP/FQDN)
Installation
devtools::install_github("hrbrmstr/netintel") library(netintel)
Usage
library(netintel) # current verison packageVersion("netintel") # Bulk stuff BulkOrigin("162.243.111.4") BulkOriginASN(62567) BulkPeer("162.243.111.4") # CIRCL head(CIRCL.BGP.Rank(62567)) # SANS was flaky so no example # SANS.ASN.Detail(62567) # AlienVault head(Alien.Vault.Reputation()) # Zeus str(Zeus.Blocklist()) # Nothink str(Nothink.Blocklist())
Test Results
library(netintel) library(testthat) date() test_dir("tests/")
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.