added ip rep fetch + bug fix

2026-01-07 22:56:01 +01:00
parent 190d74e1a7
commit 4f42b946f3
5 changed files with 69 additions and 33 deletions
--- a/src/analyzer.py
+++ b/src/analyzer.py
@@ -8,6 +8,9 @@ from datetime import datetime, timedelta
 import re
 from wordlists import get_wordlists
 from config import get_config
+import requests
+from sanitizer import sanitize_for_storage, sanitize_dict
+
 """
 Functions for user activity analysis
 """
@@ -228,6 +231,10 @@ class Analyzer:
                for name, pattern in wl.attack_urls.items():
                    if re.search(pattern, queried_path, re.IGNORECASE):
                        attack_urls_found_list.append(pattern)
+
+            #remove duplicates
+            attack_urls_found_list = set(attack_urls_found_list)
+            attack_urls_found_list = list(attack_urls_found_list)
            
            if len(attack_urls_found_list) > attack_urls_threshold:
                score["attacker"]["attack_url"] = True
@@ -281,3 +288,32 @@ class Analyzer:
        self._db_manager.update_ip_stats_analysis(ip, analyzed_metrics, category, category_scores, last_analysis)

        return 0
+
+    def update_ip_rep_infos(self, ip: str) -> list[str]:
+        api_url = "https://iprep.lcrawl.com/api/iprep/"
+        params = {
+            "cidr": ip
+        }
+        headers = {
+            "Content-Type": "application/json"
+        }
+
+        response = requests.get(api_url, headers=headers, params=params)
+        payload = response.json()
+
+        if payload["results"]:
+            data = payload["results"][0]
+
+            country_iso_code = data["geoip_data"]["country_iso_code"]
+            asn = data["geoip_data"]["asn_autonomous_system_number"]
+            asn_org = data["geoip_data"]["asn_autonomous_system_organization"]
+            list_on = data["list_on"]
+
+            sanitized_country_iso_code = sanitize_for_storage(country_iso_code, 3)
+            sanitized_asn = sanitize_for_storage(asn, 100)
+            sanitized_asn_org = sanitize_for_storage(asn_org, 100)
+            sanitized_list_on = sanitize_dict(list_on, 100000)
+            
+            self._db_manager.update_ip_rep_infos(ip, sanitized_country_iso_code, sanitized_asn, sanitized_asn_org, sanitized_list_on)
+        
+        return