-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathREADME.Rmd
66 lines (44 loc) · 1.14 KB
/
README.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
---
output: rmarkdown::github_document
---
```{r include=FALSE}
knitr::opts_chunk$set(message=FALSE, warning=FALSE, error=FALSE)
options(width=120)
```
# greynoise
Query 'GreyNoise Intelligence 'API'
## Description
Tools are provided to query the 'GreyNoise Intelligence 'API'.
GreyNoise has a web site but there's nothing there at the moment: <http://greynoise.io/>
## What's Inside The Tin
- `gn_list_tags`: List GreyNoise Intelligence Tags
- `gn_query_by_ip`: Query all tags associated with a given IP address
- `gn_query_by_tag`: Query all IPs that have a given tag
The following functions are implemented:
## Installation
```{r eval=FALSE}
devtools::install_github("hrbrmstr/greynoise")
```
## Usage
```{r}
library(greynoise)
library(tidyverse)
# current verison
packageVersion("greynoise")
```
### List tags
```{r}
gn_list_tags()
```
### Query by a specific tag
Let's look for who scans for DNS endpoints
```{r}
(dns <- gn_query_by_tag("DNS_SCANNER_HIGH"))
glimpse(dns)
```
### Query by IP
We'll use fie first 5 IP addresses found in the previous query results.
```{r}
(what_else <- map_df(dns$ip[1:5], gn_query_by_ip))
glimpse(what_else)
```