Forked from https://github.com/mikebanks/AbuseIPdbSCAN

AbuseIP DB Scanner

This is a python3 script that will parse any text file containg IP addresses and return relevant threat information using the AbuseIPDB API.

New Releases

Visit the Latest Releases page to download the python version or the windows binary version of the script.

Download and use binary

• Download the windows binary from the releases page

Important! The binary should work fine on Windows 10, in any other case you need to download Windows 10 Universal C Runtime

• Unzip the downloaded file to a folder of your choice (e.g C:\users\user\programs)
• Open windows terminal (windows key + R and type CMD)
• Change to the desired directory (cd \users\user\programs)

Optional: You can add the directory to your PATH environment variable or copy the script inside C:\Windows\System32\ directory in order for it to be available to you at any time while on the terminal.

• Run the script with abuseipdb
• You will be prompted to enter your api key Please enter your abuseipdb.com API key here: 1234567
• The key is stored in registry and you can change it at any time using the -a switch
• To properly use the program you need to have a text file (e.g alerts.log) that contains IP addresses in any form. The file is parsed and all non-local IP addresses are extracted and deduplicated. In order to execute the script just type: abuseipdb -f {FileWithIPs} e.g. abuseipdb -f alert.log

Optional: To save to a file you can apend > {filename} after the command e.g abuseipdb -f alert.log > ThreatReport.txt

• Specify the number of days you wish to search and display alerts for by using the -d or –days switch. e.g. abuseipdb -f myip.txt -d 60

  • Accepted range is 1 to 365
  • If no switch is specified the script uses a default value of 30
  • Contains a really simple failsafe so the script won’t break, really helps with the binary version

• To get help type abuseipdb -h

Setup and Usage with python

Setup

• Python3 (2.7 may have errors)
• Requests

  pip3 install Requests
  

• Requests[security]

  pip3 install requests[security]
  

Usage:

In order to use the script you will need an API key. The API key is stored in a file my.api in the same directory as the script. In order for the script to work make sure you edit the file my.api and enter your API Key. API key information can be found here: (https://www.abuseipdb.com/api.html)

To use type:

python3 abuseipdb.py -f file_to_parse.txt

The options are as follows:

-t      outputs items in tab seperated values (Default)

-c      outputs items in comma seperated values

-d      specifies number of days

Setup and use with PIPENV

Setup PIPENV and AbuseIP-db-scanner

• Requirements
  • Python3
  • Pipenv (install with pip install pipenv)
  • Requests

cd ~
git clone https://github.com/louigigr/AbuseIP-db-scanner.git
cd AbuseIP-db-scanner
pipenv install --python 3.6
pipenv shell
pipenv install requests

Usage

To use type:

python abuseipdb.py

Troubleshooting

• If you are receiving errors, please look at the Issues queue and see if there is already an issue open.

• If you have a unique issue, please create a new Issue, and include the output of your terminal from the bootstrap script down until the error.