Query GreyNoise Intelligence API in Python
Because really who wants to write the 3 lines of python when you could just write 2...
Inspired heavily by @hrbrmstr R package of the same name. https://github.com/hrbrmstr/greynoise
Provides interface to 3 main queries currently supported by GreyNoise Intelligence API. http://greynoise.io/
The following functions are implemented:
list_tags(): List GreyNoise Intelligence Tagsquery_tags(): Query all tags associated with a given IP addressquery_ip(): Query all IPs that have a given tag
Additional Features include:
to_dataframe(): Put results into a Pandas DataFramemost_common(): Find the N most common entities in a columnplot_most_common(): Plot most common entitiesplot_time_series(): Plot time series offirst_seenmetadata
pip install -r requirements.txt
pip install .import greynoise
greynoise.list_tags() ['VNC_SCANNER_HIGH',
'PING_SCANNER_LOW',
'COBALT_STRIKE_SCANNER_HIGH',
'JBOSS_WORM',
'NETIS_ROUTER_ADMIN_SCANNER_LOW',
'GOOGLEBOT',
'SNMP_SCANNER_LOW',
'PYCURL_HTTP_CLIENT',
'ROUTER_RPC_SCANNER_HIGH',
'TELNET_SCANNER_HIGH',
'MONGODB_SCANNER_HIGH',
'WEB_SCANNER_HIGH',
'NTP_SCANNER_LOW',
'ZMAP_CLIENT',
'DNS_SCANNER_HIGH',
'HTTP_ALT_SCANNER_HIGH',
'PINGDOM',
'COUNTERSTRIKE_SERVER_SCANNER_LOW',
'IPIP',
'MSSQL_SCANNER_LOW',
'...']