Awesome-Mirrors/cyber-security-resources
1
0
Fork 0
mirror of https://github.com/The-Art-of-Hacking/h4cker.git synced 2024-10-01 01:25:43 -04:00
Code Issues Packages Projects Releases Wiki Activity

Create find_malicious_ip.py

Browse Source
This commit is contained in:
Omar Santos 2023-08-20 15:15:23 -04:00 committed by GitHub
parent eb02e336c2
commit 90aac169a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
threat_hunting/find_malicious_ip.py Normal file
View File

@ -0,0 +1,23 @@
import re
# Define a list of known malicious IPs
malicious_ips = ['192.168.1.10', '10.0.0.5']
# Function to search through a log file
def search_log(file_path):
with open(file_path, 'r') as file:
logs = file.readlines()
for log in logs:
# Extract IP using regex (assuming a standard Apache log format)
ip = re.findall(r'\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b', log)
# Check if the IP exists in the malicious IPs list
if ip and ip[0] in malicious_ips:
print(f"Potential threat found! IP address {ip[0]} found in log.")
# Path to the log file
log_file_path = 'path/to/your/logfile.log'
# Start the search
search_log(log_file_path)