Skip to content

tuckerweibell/malicious-ip-scaper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits

.github/workflows

.github/workflows

 
 

data_collected

data_collected

 
 

.gitignore

.gitignore

 
 

Gemfile

Gemfile

 
 

Gemfile.lock

Gemfile.lock

 
 

README.md

README.md

 
 

abuseipdb_scrape.rb

abuseipdb_scrape.rb

 
 

firehol_abusers_scrape.rb

firehol_abusers_scrape.rb

 
 

firehol_anonymous_scrape.rb

firehol_anonymous_scrape.rb

 
 

firehol_level2_scrape.rb

firehol_level2_scrape.rb

 
 

firehol_level3_scrape.rb

firehol_level3_scrape.rb

 
 

firehol_webserver_scrape.rb

firehol_webserver_scrape.rb

 
 

scrape_all.sh

scrape_all.sh

 
 

Repository files navigation

badge

Malicious IP Scraper

This is a public IP scaper that may be used to compile large lists of known malicious IP addresses into CSV files. The scraper pulls the latest OSINT data from Firehol and AbuseIPDB and parses IP addresses and IP CIDR ranges into CSV lists that may be imported into SIEMs, EDR systems, or WAFs to detect or prevent malicious activity in your environment.

Get Started

  1. Clone repository.
  2. Install ruby on your host.
  3. Add executable permissions to the scrape_all.sh file.
  4. Execute the scrape_all.sh (on windows you will need “Windows Subsystem for Linux” to run .sh files)

Example

Assuming you have ruby installed and you are running on Linux or MacOs...

git clone git@github.com:tuckerweibell/malicious-ip-scaper.git

cd malicious-ip-scraper

chmod 777 scrape_all.sh

./scrape_all.sh

➜  malicious-ip-scaper git:(main) ✗ ./scrape_all.sh 
Pulled data from page=1 successfully.
Pulled data from page=2 successfully.
Pulled data from page=3 successfully.
...

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages