0.1.6 • Published 4 months ago

abuse-reporter v0.1.6

License
MIT
Repository
gitlab

Reporter: Automated AbuseIPDB Reporter

Overview

Reporter is an automated Node.js script that detects, analyzes, and reports abusive IPs to AbuseIPDB. It integrates with ProxyCheck.io to gather additional IP details, making it a powerful tool for system administrators, security teams, and webmasters.

Features

  • 📌 Retrieve IP Data from ProxyCheck.io
  • 🚨 Submit IP Abuse Reports (Individual & Bulk) to AbuseIPDB
  • 📊 Fetch Latest Blacklist Data for Threat Intelligence
  • 📝 CSV-Based Bulk Reporting for Large-Scale Operations
  • 🏴 Test Mode to Preview Reports Before Sending
  • 💡 Supports Multiple Report Categories (DDoS, Brute-force, Phishing, etc.)

Installation

Prerequisites

  • Node.js (v14 or higher)
  • AbuseIPDB API Key (Get one at AbuseIPDB)

Setup

Clone the repository and install dependencies:

git clone https://github.com/a4to/reporter.git
cd reporter
npm install

Set up the API key:

export AbuselPDB_API_KEY="your_api_key_here"

Set up the base comment for reports:

  • Edit the base_comment.txt file in the directory to reflect the nature of the reports.
  • ${ip} is the placeholder variable for the IP address in question.

Usage

1. Check an IP:

reporter 192.168.1.1

2. Report a Single IP:

reporter -r 192.168.1.1
# reporter --report 192.168.1.1

3. Report Multiple IPs from a File:

reporter -r file.txt
# reporter --report file.txt

Each line in file.txt should contain one IP address.

4. Fetch the Latest Blacklist:

reporter -b
# reporter --blacklist

5. Test Mode (No Actual Reports Sent), used to preview the report comment and category IDs:

reporter -r -t 192.168.1.1
# reporter --report --test 192.168.1.1

Categories for Reports

  • DNS Compromise | category: 1
  • DNS Poisoning | category: 2
  • Fraud Orders | category: 3
  • DDoS Attack | category: 4
  • FTP Brute-Force | category: 5
  • Ping of Death | category: 6
  • Phishing | category: 7
  • Fraud VoIP | category: 8
  • Open Proxy | category: 9
  • Web Spam | category: 10
  • Email Spam | category: 11
  • Blog Spam | category: 12
  • VPN IP | category: 13
  • Port Scan | category: 14
  • Hacking | category: 15
  • SQL Injection | category: 16
  • Spoofing | category: 17
  • Brute-Force | category: 18
  • Bad Web Bot | category: 19
  • Exploited Host | category: 20
  • Web App Attack | category: 21
  • SSH | category: 22
  • IoT Targeted | category: 23
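
A pre-flight check for a bulk-report file, as an added example that is not code from the reporter project: it drops malformed, duplicate and non-public IPv4 lines (such as 192.168.1.1), rejects category IDs outside the table above, and fills the ${ip} placeholder by plain string substitution. The function names and sample data are assumptions constructed for illustration; IPv6 lines are not handled and end up in the skipped list.

```javascript
// Added example (not the reporter project's code). All names are hypothetical.
const MAX_CATEGORY = 23; // highest category ID in the table on this page

// Strict dotted-quad parser: four decimal octets, no leading zeros, each <= 255.
function parseIPv4(text) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(text);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  const clean = m.slice(1).every((p, i) => String(octets[i]) === p && octets[i] <= 255);
  return clean ? octets : null;
}

// Private, loopback, link-local, CGNAT, multicast and reserved space is never
// a meaningful report target.
function isNonPublic([a, b]) {
  return a === 0 || a === 10 || a === 127 || a >= 224 ||
    (a === 100 && b >= 64 && b <= 127) ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168);
}

function prepareReports(fileText, template, categories) {
  const bad = categories.filter((c) => !Number.isInteger(c) || c < 1 || c > MAX_CATEGORY);
  if (bad.length) throw new RangeError(`unknown category id(s): ${bad.join(',')}`);
  const seen = new Set();
  const reports = [];
  const skipped = [];
  for (const raw of fileText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '') continue;
    const octets = parseIPv4(line);
    if (!octets) { skipped.push({ line, reason: 'not an IPv4 address' }); continue; }
    if (isNonPublic(octets)) { skipped.push({ line, reason: 'non-public range' }); continue; }
    if (seen.has(line)) { skipped.push({ line, reason: 'duplicate' }); continue; }
    seen.add(line);
    // Plain string substitution: the template is never evaluated as code.
    const comment = template.split('${ip}').join(line);
    reports.push({ ip: line, categories: categories.join(','), comment });
  }
  return { reports, skipped };
}

// Constructed sample input (documentation ranges stand in for public IPs).
const SAMPLE_FILE = '203.0.113.7\n192.168.1.1\n203.0.113.7\n203.0.113.999\n198.51.100.22\n';
const SAMPLE_TEMPLATE = 'Repeated SSH login failures from ${ip}';
```

Calling prepareReports(SAMPLE_FILE, SAMPLE_TEMPLATE, [18, 22]) yields two reportable entries and three skipped lines, each with its reason.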

Output Files

  • Blacklist Data: blacklist.json
  • Bulk Reports: CSV files stored in /reports/
  • Individual Reports: Displayed in Console

Contributing

Feel free to contribute via pull requests.

License

MIT License

0.1.6

4 months ago

0.1.5

4 months ago

0.1.4

4 months ago