diff --git a/.gitignore b/.gitignore index 66fd13c..e8e9063 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,6 @@ # Dependency directories (remove the comment below to include it) # vendor/ +.DS_Store +go.mod +build/go-scamalytics_macos_intel diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..ba6927b --- /dev/null +++ b/Makefile @@ -0,0 +1,33 @@ +APP_NAME=go-scamalytics +BUILD_DIR=build +SRC_FILES=*.go + +# Windows x86-64 +build_win64: + GOOS=windows GOARCH=amd64 go build -o $(BUILD_DIR)/$(APP_NAME)_win64.exe $(SRC_FILES) + +# Windows x86 +build_win32: + GOOS=windows GOARCH=386 go build -o $(BUILD_DIR)/$(APP_NAME)_win32.exe $(SRC_FILES) + +# Linux x86-64 +build_linux64: + GOOS=linux GOARCH=amd64 go build -o $(BUILD_DIR)/$(APP_NAME)_linux64 $(SRC_FILES) + +# Linux x86 +build_linux32: + GOOS=linux GOARCH=386 go build -o $(BUILD_DIR)/$(APP_NAME)_linux32 $(SRC_FILES) + +# macOS Intel +build_macos_intel: + GOOS=darwin GOARCH=amd64 go build -o $(BUILD_DIR)/$(APP_NAME)_macos_intel $(SRC_FILES) + +# macOS M1 +build_macos_arm: + GOOS=darwin GOARCH=arm64 go build -o $(BUILD_DIR)/$(APP_NAME)_macos_m1 $(SRC_FILES) + + +build_all: build_win64 build_win32 build_linux64 build_linux32 build_macos_intel build_macos_arm + +clean: + rm -rf $(BUILD_DIR) diff --git a/README.md b/README.md index 75502ea..e45fa85 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,33 @@ # go-scamalytics Check IP list on scamalytics.com exlude official API + +![Console output](https://raw.githubusercontent.com/Allespro/go-scamalytics/master/img/1.png) + + +![CVS output](https://raw.githubusercontent.com/Allespro/go-scamalytics/master/img/2.png) + +go-scamalytics is a command-line application that allows users to check the fraud score of a list of IP addresses using scamalytics.com. The application works by scraping data from the scamalytics.com website without using the official API, which allows users to perform this check for free. + +The app is designed for security professionals and developers who need to quickly check the fraud score of multiple IP addresses and generate a report in CSV format. The application is written in Go and can be compiled for multiple platforms, including Windows, Linux, and macOS. + +## Build +To install go-scamalytics, you will first need to clone the repository from GitHub and build them. + +``` +git clone https://github.com/Allespro/go-scamalytics +cd go-scamalytics +make +``` + +After running the make command, you can find the compiled binary files in the `build` directory within the project directory. These binary files can be executed directly on their respective platforms. + +## Usage +Once compiled, you can run the application from the command line. To see the available options, run `go-scamalytics --help`. + +``` +go-scamalytics -i inputFile.txt -o outputFile.csv -u useragents.txt +``` + +## License + +This project is licensed under the MIT License - see the file [LICENSE](https://github.com/Allespro/go-scamalytics/blob/main/LICENSE) for details. diff --git a/check_ip.txt b/check_ip.txt new file mode 100644 index 0000000..987df8d --- /dev/null +++ b/check_ip.txt @@ -0,0 +1,10 @@ +65.3.138.75 +12.134.112.46 +134.221.134.31 +181.236.134.173 +55.8.36.204 +167.144.204.155 +187.117.243.165 +40.93.80.10 +60.76.138.69 +130.170.56.72 \ No newline at end of file diff --git a/checked_ip.csv b/checked_ip.csv new file mode 100644 index 0000000..7a3598c --- /dev/null +++ b/checked_ip.csv @@ -0,0 +1,11 @@ +ip;score;risk +65.3.138.75;50;medium +12.134.112.46;30;medium +134.221.134.31;57;medium +181.236.134.173;29;medium +55.8.36.204;100;very high +167.144.204.155;0;low +187.117.243.165;13;low +40.93.80.10;17;low +60.76.138.69;54;medium +130.170.56.72;0;low \ No newline at end of file diff --git a/img/1.png b/img/1.png new file mode 100644 index 0000000..e54bfb3 Binary files /dev/null and b/img/1.png differ diff --git a/img/2.png b/img/2.png new file mode 100644 index 0000000..1c3ad2d Binary files /dev/null and b/img/2.png differ diff --git a/main.go b/main.go new file mode 100644 index 0000000..e18234e --- /dev/null +++ b/main.go @@ -0,0 +1,146 @@ +package main + +import ( + "bufio" + "encoding/json" + "flag" + "fmt" + "io/ioutil" + "math/rand" + "net/http" + "os" + "regexp" + "strings" +) + +func checkIP(ip, useragentsFile string) map[string]interface{} { + userAgents, err := ioutil.ReadFile(useragentsFile) + if err != nil { + fmt.Printf("Failed to read useragents file: %s\n", err.Error()) + os.Exit(1) + } + userAgentsList := strings.Split(string(userAgents), "\n") + userAgent := userAgentsList[rand.Intn(len(userAgentsList))] + url := fmt.Sprintf("https://scamalytics.com/ip/%s", ip) + req, err := http.NewRequest("GET", url, nil) + if err != nil { + fmt.Printf("Can`t init request: %s\n", err.Error()) + os.Exit(1) + } + req.Header.Set("User-Agent", userAgent) + req.Host = "scamalytics.com" + client := &http.Client{} + response, err := client.Do(req) + if err != nil { + fmt.Printf("Failed to get response from the server: %s\n", err.Error()) + os.Exit(1) + } + defer response.Body.Close() + if response.StatusCode != http.StatusOK { + fmt.Printf("Can't check IP %s - Response code: %d\n", ip, response.StatusCode) + return nil + } + fmt.Printf("Checking IP %s\n", ip) + body, err := ioutil.ReadAll(response.Body) + if err != nil { + fmt.Printf("Failed to read response body: %s\n", err.Error()) + os.Exit(1) + } + pattern := regexp.MustCompile(`(?s)]*>(.*?)<\/pre>`) + matches := pattern.FindStringSubmatch(string(body)) + if len(matches) != 2 { + fmt.Printf("Failed to find pattern in the response body\n") + os.Exit(1) + } + var data map[string]interface{} + if err := json.Unmarshal([]byte(matches[1]), &data); err != nil { + fmt.Printf("Failed to parse JSON response: %s\n", err.Error()) + os.Exit(1) + } + return data +} + +func addToCSV(filename string, ipInfo map[string]interface{}, delimiter string) { + file, err := os.OpenFile(filename, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0666) + if err != nil { + fmt.Printf("Failed to open file %s: %s\n", filename, err.Error()) + os.Exit(1) + } + defer file.Close() + _, err = fmt.Fprintf(file, "%s%s%s%s%s\n", + ipInfo["ip"].(string), delimiter, + ipInfo["score"].(string), delimiter, + ipInfo["risk"].(string)) + if err != nil { + fmt.Printf("Failed to write to file %s: %s\n", filename, err.Error()) + os.Exit(1) + } +} + +func loadIPFile(filename string) []string { + var ipAddresses []string + file, err := os.Open(filename) + if err != nil { + fmt.Printf("Failed to open file %s: %s\n", filename, err.Error()) + os.Exit(1) + } + defer file.Close() + scanner := bufio.NewScanner(file) + for scanner.Scan() { + ipAddresses = append(ipAddresses, scanner.Text()) + } + if err := scanner.Err(); err != nil { + fmt.Printf("Failed to read file %s: %s\n", filename, err.Error()) + os.Exit(1) + } + return ipAddresses +} + +func main() { + banner := `:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +:::::::::::'###::::'##:::::'##:'########::'########::::::::::: +::::::::::'## ##::: ##:'##: ##:... ##..::'##. ##. ##:::::::::: +:::::::::'##:. ##:: ##: ##: ##:::: ##:::: ##: ##:..::::::::::: +::::::::'##:::. ##: ##: ##: ##:::: ##::::. ########::::::::::: +:::::::: #########: ##: ##: ##:::: ##:::::... ##. ##:::::::::: +:::::::: ##.... ##: ##: ##: ##:::: ##::::'##: ##: ##:::::::::: +:::::::: ##:::: ##:. ###. ###::::: ##::::. ########::::::::::: +::::::::..:::::..:::...::...::::::..::::::........:::::::::::: +: : +: Base Files: check_ip.txt / checked_ip.csv / useragents.txt : +: Version 0.1 : +: Check ip list on scamalytics.com exlude official API : +: : +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +` + fmt.Println(banner) + flag.Usage = func() { + fmt.Fprintf(os.Stderr, "Usage: %s [OPTIONS]\n\n", os.Args[0]) + fmt.Fprintln(os.Stderr, "Check IP list on scamalytics.com exlude official API") + fmt.Fprintln(os.Stderr, "Base Files: check_ip.txt / checked_ip.csv / useragents.txt") + fmt.Fprintln(os.Stderr, "\nOptions:") + flag.PrintDefaults() + } + + inputFile := flag.String("i", "check_ip.txt", "Input file") + outputFile := flag.String("o", "checked_ip.csv", "Output file") + useragentsFile := flag.String("u", "useragents.txt", "Useragents file (for html parsing)") + delimiter := flag.String("d", ";", "Delimiter for CSV") + + flag.Parse() + + if flag.NArg() > 0 { + flag.Usage() + os.Exit(1) + } + addToCSV(*outputFile, map[string]interface{}{"ip": "ip", "score": "score", "risk": "risk"}, *delimiter) + ips := loadIPFile(*inputFile) + for _, ip := range ips { + ipInfo := checkIP(ip, *useragentsFile) + if ipInfo != nil { + addToCSV(*outputFile, ipInfo, *delimiter) + } else { + return + } + } +} diff --git a/useragents.txt b/useragents.txt new file mode 100644 index 0000000..202ecd2 --- /dev/null +++ b/useragents.txt @@ -0,0 +1,33 @@ +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 +Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36 +Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 +Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 +Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.63 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36 +Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 +Mozilla/5.0 (Windows NT 6.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 +Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36 +Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 +Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36 +Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36 +Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.104 Safari/537.36 \ No newline at end of file