~/greynoise-cli

greynoise-cli/src/args.rs -rw-r--r-- 3.22 kB
2a9ea282 — Arthur Melton works 2 years ago 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

use clap::{Parser, Subcommand};

lazy_static! {
    pub static ref ARGS: Args = Args::parse(); 
}

/// A cli program to check ips
#[derive(Parser, Clone)]
#[command(author, version, about, long_about = None)]
pub struct Args {
    /// The ip that you want to check
    pub ip: String,
    
    /// The value you want to get
    #[command(subcommand)]
    pub command: Commands,
}

#[derive(Subcommand, Clone)]
pub enum Commands {
    /// How much noise do they make on the internet
    #[command(subcommand)]
    Noise(NoiseCommand),

    /// The person / company running the ip 
    #[command(subcommand)]
    Riot(RiotCommand),
}

#[derive(Subcommand, Clone)]
pub enum NoiseCommand {
    /// If they make noise on the internet
    Get,
    /// The first time they have been seen 
    FirstSeen,
    /// The last time they have been seen 
    LastSeen,
    /// Has greynoise seen the ip 
    Seen,
    /// What they are doing 
    Tags,
    /// If they finish the tcp handshake or if they use udp 
    Spoofable,
    /// What are they seen as 
    Classification,
    /// What CVEs do they try and exploit 
    Cve,
    /// If the ip is a bot 
    Bot,
    /// Is the ip a VPN 
    Vpn,
    /// What VPN service are they
    VpnService,
    /// Information about the ip
    #[command(subcommand)]
    Metadata(NoiseMetadata),
    /// Information about what they scan
    #[command(subcommand)]
    Scan(NoiseScan),
    /// Information about what they try and look for / get
    #[command(subcommand)]
    Web(NoiseWeb),
}

#[derive(Subcommand, Clone)]
pub enum NoiseMetadata {
    /// The ID of the matchine
    Asn,
    /// The city the IP lives in
    City,
    /// The country where the IP lives
    Country,
    /// The Country code that the IP lives in
    CountryCode,
    /// The organization that the ip is under
    Organization,
    /// The category for the ip or what it does
    Category,
    /// If the IP is involved with tor
    Tor,
    /// The reverse dns of the ip
    Rdns,
    /// The operating system the matchine is running
    Os,
    /// The countries that they target
    DestinationCountries,
    /// The countries that they target but the country codes
    DestinationCountryCodes,
}

#[derive(Subcommand, Clone)]
pub enum NoiseScan {
    /// Get all the ports that the ip scans
    GetPorts,
    /// Get all the protocols the ip uses
    GetProtocols,
    /// Get all the data
    GetAll,
}

#[derive(Subcommand, Clone)]
pub enum NoiseWeb {
    /// Get all the paths that the ip looks for
    GetPaths,
    /// Get all the useragents the ip uses
    GetUseragents,
}

#[derive(Subcommand, Clone)]
pub enum RiotCommand {
    /// Get what the ip is used for
    Category,
    /// The name of the company / person that operates the ip
    Name,
    /// The description of the company / person
    Description,
    /// The explanation of the category
    Explanation,
    /// The time that the Riot profile was last updated or varified
    LastUpdate,
    /// The url to there logo
    LogoUrl,
    /// The reference to where the information about the company was obtained
    Reference,
    /// How trustworthy is the company / person and if you can ignore there requests
    TrustLevel,
}