Tornados
Tornados is a library and CLI tool that automates downloading the Tor exit node list and enriches it with GeoIP information. For the Tor exit node list, this source is used. For enrichment, GeoLite2 Free Geolocation Data is used.
Cli tool
When tornados is used as a CLI tool, it downloads the IP addresses into memory, then downloads the IP geolocation database and saves it as GeoLite2-Country.mmdb in the current directory.
Finally, it creates the CSV file tor_exit_nodes_list.csv in the current directory, where the first column is a Tor exit node IP address, the second column is a country ISO code (RU, for example) and the third column is the country name string.
To install
gem install tornados
To use (-k is the MaxMind secret key):
tornados -k key
or (with the MaxMind key as an environment variable; the -i option defines which country's nodes to include in the result):
GEO_API_DATABASE_LICENSE_KEY=key tornados -i RU
After this, tor_exit_nodes_list.csv will be created in the current directory.
You can use this file in a SIEM, for example, to detect malicious network traffic. To display help info:
tornados -h
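One way to use tor_exit_nodes_list.csv for the detection use case mentioned above, as an added example that is not part of the tornados gem: it loads rows in the documented column order and flags log lines whose source address is on the list. The sample CSV rows, the src= log format and the helper names normalize_ip, load_exit_nodes and tor_hits are constructed for illustration; Ruby 2.7 or newer is assumed.

```ruby
require "csv"
require "ipaddr"

# Constructed sample (documentation-range addresses): ip, ISO code, country name.
SAMPLE_CSV = <<~ROWS
  198.51.100.7,RU,Russia
  203.0.113.44,DE,Germany
  2001:db8::1f,NL,Netherlands
  192.0.2.200,BQ,"Bonaire, Sint Eustatius, and Saba"
ROWS

# Constructed log lines; the "src=<ip>" field is a hypothetical log format.
SAMPLE_LOG = <<~LINES
  2024-05-01T10:00:01Z src=192.0.2.10 GET /login
  2024-05-01T10:00:02Z src=198.51.100.7 POST /login
  2024-05-01T10:00:03Z src=2001:0db8:0000:0000:0000:0000:0000:001f GET /admin
  2024-05-01T10:00:04Z src=::ffff:203.0.113.44 GET /
  2024-05-01T10:00:05Z src=not-an-ip GET /
LINES

SRC_FIELD = /\bsrc=(\S+)/

# Canonical string form of an address, or nil when the text is not an IP.
# IPv4-mapped IPv6 (::ffff:a.b.c.d) is folded back to plain IPv4.
def normalize_ip(text)
  IPAddr.new(text.to_s.strip).native.to_s
rescue IPAddr::Error
  nil
end

# Build { ip => [iso_code, country_name] }; rows without an IP in column 1 are skipped.
def load_exit_nodes(csv_text)
  CSV.parse(csv_text).each_with_object({}) do |(ip, iso, country), nodes|
    key = normalize_ip(ip)
    nodes[key] = [iso, country] if key
  end
end

# One hash per log line whose source address is in the exit node table.
def tor_hits(log_text, nodes)
  log_text.each_line.filter_map do |line|
    ip = normalize_ip(line[SRC_FIELD, 1])
    next unless ip && nodes.key?(ip)
    iso, country = nodes[ip]
    { ip: ip, iso: iso, country: country, line: line.chomp }
  end
end

tor_hits(SAMPLE_LOG, load_exit_nodes(SAMPLE_CSV)).each { |h| puts h.values.join(" | ") }
```

Normalizing both sides through IPAddr matters because the same exit node can appear in logs in expanded IPv6 or IPv4-mapped form, which a plain string comparison against the CSV would miss.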
Library
To use tornados in your Ruby application, add to your Gemfile:
gem "tornados"
and in your code:
require "tornados"
Now you can use the tornados services (see below).
Tornados::NodesFetcher
Tornados::NodesFetcher.call
Returns an array of arrays in the following format: [[ip address 1], [ip address 2] ... [ip address N]]
Tornados::MaxDbFetcher
Tornados::MaxDbFetcher.call(key)
Downloads the MaxMind DB file to disk and returns the path to it.
Tornados::GeoEnrich
Tornados::GeoEnrich.call(tor_exit_nodes, geobase_file_path)
Adds two columns with GeoIP info to the IP array: [[ip address 1, ISO code, country name], ...]
Tornados::CsvFormater
Tornados::CsvFormater.call(enriched_tor_exit_nodes)
Creates a CSV string from the IP list array.
Tornados::FileWriter
Tornados::FileWriter.call(csv_enriched_tor_exit_nodes, result_file)
Writes the CSV file to disk.
Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and the created tag, and push the .gem file to rubygems.org.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/tornado.
License
The gem is available as open source under the terms of the MIT License.