A Python 3 script to monitor your IP for malicious domains/URL.
Script uses VT API to do the IP lookups and PDNS. Notification is sent via Slack.
Scripts require following modules to function.
- requests
- python-decouple
There are three ways to run this script.
- Run directly on host
- Run in a docker container
- Run using tasker
Install all dependencies using following command.
python3 pip install -r requirements.txtRename file .env.example to .env (under src).
Populate enviroment variables memntioned in .env
Navigate to src and execute the script as follow.
python3 VT_IP_Monitor.pySchedule the script execution using cron. Edit crontab file using command crontab -e and add following line at the end of the file.
0 */12 * * * python3 <path_to_src>/src/VT_IP_Monitor.py
This runs the script every 1 hour.
To periodically check for popular downloads, schedule the script using cron.
Pull the latest docker image from Docker Hub using following command.
docker pull hibare/vt_ip_monitorAlternatively, you can build the docker image using following command.
docker build --rm -t vt_ip_monitor . --no-cacheCreate following file.
- env
Populate the first file (env) with following values.
VT_API_KEY=<YOUR_VALUE>
IP_TO_MONITOR=<YOUR_VALUE>
VT_ENDPOINT=<YOUR_VALUE>
VT_LOCAL_SETTINGS_FILE=<YOUR_VALUE>
SLACK_ENDPOINT=<YOUR_VALUE>
PRESENT_RESOLUTIONS=<YOUR_VALUE>
Run the container using following command.
docker run -d -v $PWD/.env:/app/.env hibare/vt_ip_monitor:latesttasker is a docker image to schedule the execution of the containers. Its kind of cron for docker container execution.
Rename file .env.example to .env (under src).
Populate enviroment variables memntioned in .env
Replace <absolute path to src> with absolute path to the src directory in file docker-compose.yml.
Start stack using following command.
docker-compose up❗ All cron jobs are scheduled to run every 1 hour.