Skip to content
/ iprecon Public

CLI tool that retrieves WHOIS data for IP addresses

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DominicBreuker/iprecon

BranchesTags

Repository files navigation

iprecon

InstallationUsageAcknowledgements

iprecon is a small CLI tool you can use to get WHOIS data for IP addresses which a focus on determining IP ownership. Accepts lists of IPs from files or piped via stdin and outputs in different formats (textual table, CSV or JSON). Output per IP is concise and kept to a single line for easy grepping and quick visual inspection.

Installation

Run pip install iprecon to get it from PyPI. Then run iprecon --help to see if it worked.

Alternatively, clone and install requirements from requirements.txt (virtual environment highly recommended).

Usage

To run iprecon you have to give it a list of IP addresses to check. It expects simple lists with one IP per file. Do it in two ways:

  • from file: iprecon --from-file /path/to/ips.txt
  • piped from stdin: cat /path/to/ips.txt | iprecon

You can output to different formats:

  • iprecon -o text: outputs an ASCII table (terminal)
  • iprecon -o csv: outputs a CSV file
  • iprecon -o json: outputs a JSON file

Output is always printed to stdout. Redirect to a file if required (e.g., iprecon -o json > out.json to store a JSON file).

Errors are ignored silently, e.g., if IPs have invalid formats or are private. To see errors on stderr, request verbose output with iprecon -v.

WHOIS data can be requested in different ways. Generally speaking, there is the legacy WHOIS protocol which is text-based and difficult to parse. There is also RDAP, which is an HTTP-based protocol returning structured data. See here for more information. By default, iprecon uses RDAP but if for any reason you get nonsense try if iprecon --request-method whois works better.

The tool is not fast and you may have to wait long when IP lists are large. Try iprecon --request-method rdap-bulk in those cases, which tries to speed up but as much as possible but you may get banned. There is also a delay because of setup so it will actually be slower on small lists. You will also not get any intermediate output. All results are shown at the end.

Acknowledgements

iprecon is nothing more than a tiny wrapper around github.com/secynic/ipwhois, which is the library actually doing all the work. Think of it as a command line interface to the library. It has nice documentation you should read if you want to know what is actually going on.

About

CLI tool that retrieves WHOIS data for IP addresses

Topics

security whois ip bug-bounty recon

Resources

Readme
Activity

Stars

3 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages