Research and Development

At the outset of an external infrastructure test it’s often useful to ensure that the addresses you’re testing are correct, and actually owned by the client. Failure to do so can result in an awkward situation, and one we here at Portcullis Labs would like to avoid wherever possible. With this in mind, we’ve learned to whois… like a boss.

Key features

This handy little python 2 script does whois lookups on the IP addresses given in a file (one per line), and will give you the range and owner of each of the addresses (with duplicates removed) so you can spot anything that looks fishy before you start testing*.

Usage and example

IP address file:

8.8.8.8
8.8.8.9
4.4.2.2

And to run:

$ python2 whoislikeaboss.py ips
8.0.0.0 - 8.255.255.255 Level 3 Communications, Inc.
4.0.0.0 - 4.255.255.255 Level 3 Communications, Inc.

Simples!

*- Common sense not included.


Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)