Snup是一个python包,用于根据黑洞列表和DNS服务检查ip、哈希、电子邮件、域或url。
snub的Python项目详细描述
怠慢
Snub是一个python包,使用户能够通过CLI或flaskapi检索给定的IP、哈希、电子邮件、域或URL是否在黑洞列表中。您可以指定是检查上面的某个指示器是在基于文本的列表上还是在DNSBL列表上。或者,您可以指定自己的静态(已知错误)指示器。在
如果克隆此存储库,还可以使用提供的docker-compose.yml文件来利用围绕Snub构建的API。在
安装
Python包或CLI工具
要将Snub
用作项目中的Python包或CLI工具,可以通过pip
或pip3
安装它。在
pip3 install snub
烧瓶API
为了使用提供的Flask API,您需要克隆此存储库并构建映像:
^{pr2}$使用Python包或CLI
一旦使用pip或从存储库安装了Snub
,就可以在项目中导入Python包:
fromsnubimportSnubsnub=Snub()# You can check an indicator against all or a specific snubbed list# By default snub checks all lists for the given indicatorsnub.check('10.103.79.86')# To select to use a specific list provide one of the following value set to `True` or any combination of the following.snub.check('10.103.79.86',text_list=True,dns_list=True,static_list=True)# Snub also includes another python package called Hopper (https://github.com/MSAdministrator/hopper).# By using the `analyze` method within Snub you can pass in a email message raw string header and get information about the received from hops as well as whether they are on any of Snubs listssnub.analyze('''Delivered-To: money@capitalism.comReceived: by 10.129.52.209 with SMTP id b200csp1430876ywa; Tue, 10 Oct 2017 01:17:02 -0700 (PDT)X-Received: by 10.31.153.20 with SMTP id b20mr6116862vke.110.1507623422746; Tue, 10 Oct 2017 01:17:02 -0700 (PDT)Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id b31sor1345013uaa.124.2017.10.10.01.17.02 for <money@capitalism.com> (Google Transport Security); Tue, 10 Oct 2017 01:17:02 -0700 (PDT)Received-SPF: pass (google.com: domain of bags@test_email.ua.edu designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65;X-Received: by 10.176.85.196 with SMTP id w4mr6874179uaa.75.1507623422198; Tue, 10 Oct 2017 01:17:02 -0700 (PDT)MIME-Version: 1.0Received: by 10.103.79.86 with HTTP; Tue, 10 Oct 2017 01:17:01 -0700 (PDT)From: Mr. Money Bags <bags@moneyrules.com>Date: Tue, 10 Oct 2017 01:17:01 -0700Subject:To: money@capitalism.com;Content-Type: text/plain; charset="UTF-8"Bcc: satan@wallstreet.comA business opportunity awaits''')# You can provide any of the same lists types as optional paramters. By default it will search all from and receivedBy indicators against all lists.
构建Docker映像
首先需要构建Docker映像:
docker build --force-rm -t snub .
运行Docker映像
您可以用几种不同的方式运行docker映像:
运行CLI工具
如果在Docker内部运行CLI工具,则可以使用要搜索黑洞或基于DNS的列表的值运行容器:
docker run -t -i -p 5000:5000 snub {SOME_VALUE_HERE}
例如:
docker run -t -i -p 5000:5000 snub tfvai.marketer.mobi
运行API
如果要运行API,则只需发出要搜索的值:
NOTE:现在必须使用docker compose直接公开api
docker-compose up
如果您更改了定义的列表(yml文件)文件,则必须重新生成docker compose:
docker-compose build
然后运行docker compose:
docker-compose up
API端点
有几个新的API端点可用:
搜索所有被拒绝的列表
要搜索所有被拒绝的列表,请导航到您的浏览器:
http://0.0.0.0:5000/snub/search/{SOME_VALUE_HERE}
搜索基于文本的缓冲列表
要只搜索基于文本的缓冲列表,请导航到您的浏览器:
http://0.0.0.0:5000/snub/blackhole/{SOME_VALUE_HERE}
仅搜索基于DNS的列表
要搜索DNS黑洞列表,请导航到您的浏览器:
http://0.0.0.0:5000/snub/dns/{SOME_VALUE_HERE}
只搜索文本.static.yml
要只搜索静态列表,请导航到浏览器:
http://0.0.0.0:5000/snub/static/{SOME_VALUE_HERE}
这将返回找到的有关您正在搜索的值的任何信息。在
- 项目
标签: