README
¶
abuseipdb client
Package abuseipdb provides a client for the AbuseIPDB API. It is required to have an API key to use the API.
See https://www.abuseipdb.com/api.html.
Installation
go get cgt.name/pkg/abuseipdb
License
Copyright Christoffer G. Thomsen 2016
Distributed under the Boost Software License, Version 1.0.
(See accompanying file LICENSE or copy at http://www.boost.org/LICENSE_1_0.txt)
Documentation
¶
Overview ¶
Package abuseipdb provides a client for the AbuseIPDB API. See https://www.abuseipdb.com.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var DefaultUserAgent = "go-abuseipdb-client/1.0 (+https://cgt.name/pkg/abuseipdb)"
Functions ¶
This section is empty.
Types ¶
type Category ¶
type Category int16
Category represents an AbuseIPDB attack category. See https://www.abuseipdb.com/categories
const ( // Fraudulent orders. CategoryFraudOrder Category = 3 // Participating in distributed denial-of-service (usually part of botnet). CategoryDDoSAttack Category = 4 // Open proxy, open relay, or Tor exit node. CategoryOpenProxy Category = 9 // Comment/forum spam, HTTP referer spam, or other CMS spam. CategoryWebSpam Category = 10 // Spam email content, infected attachments, phishing emails, and spoofed // senders (typically via exploited host or SMTP server abuse). // Note: Limit comments to only relevent information (instead of log dumps) // and be sure to remove PII if you want to remain anonymous. CategoryEmailSpam Category = 11 // Scanning for open ports and vulnerable services. CategoryPortScan Category = 14 // Credential brute-force attacks on webpage logins and services like SSH, // FTP, SIP, SMTP, RDP, etc. This category is seperate from DDoS attacks. CategoryBruteForce Category = 18 // Webpage scraping (for email addresses, content, etc) and crawlers that // do not honor robots.txt. // Excessive requests and user agent spoofing can also be reported here. CategoryBadWebBot Category = 19 // Host is likely infected with malware and being used for other attacks or // to host malicious content. // The host owner may not be aware of the compromise. // This category is often used in combination with other attack categories. CategoryExploitedHost Category = 20 // Attempts to probe for or exploit installed web applications such as a CMS // like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin // and various other software plugins/solutions. CategoryWebAppAttack Category = 21 // Secure Shell (SSH) abuse. // Use this category in combination with more specific categories. CategorySSH Category = 22 // Abuse was targeted at an "Internet of Things" type device. // Include information about what type of device was targeted in the comments. CategoryIoTTargeted Category = 23 )
type Client ¶
type Client struct {
APIKey string
// contains filtered or unexported fields
}
Client is an AbuseIPDB client. Use NewClient() to instantiate.
func (*Client) Check ¶
Check queries AbuseIPDB for reports of an IP address. Check uses the default days limit chosen by the API.
type Report ¶
type Report struct {
IP string `json:"ip"`
Categories []Category `json:"category"`
Country string `json:"country,omitempty"`
ISOCode string `json:"isoCode,omitempty"`
Created time.Time `json:"created,omitempty"`
Comment string `json:"comment,omitempty"`
}
Report is an AbuseIPDB report of an IP address. Report is used both for submitting and receiving reports, but not all fields are used in both cases. Country, ISOCode, and Created are only used when receiving reports. Comment is only used when submitting reports. Other fields are always valid.
func (*Report) UnmarshalJSON ¶
UnmarshalJSON implements the json.Unmarshaler inteface. A custom implementation is necessary because the standard Unmarshaler for time.Time expects RFC3339 format and the AbuseIPDB API uses RFC1123Z format.
type RequestError ¶
func (RequestError) Error ¶
func (e RequestError) Error() string
Source Files