A script to check breached IPs against organizational CIDR ranges and IP lists. It processes input files recursively or specific files as defined by command-line arguments, sanitizes IPs, and outputs matched results to a JSON file.
- Recursively processes input files from predefined directories.
- Sanitizes and validates IP addresses (trims whitespace, removes ports).
- Matches IPs against CIDR ranges and IP lists.
- Outputs results to a JSON file in the specified output directory.
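The sanitize-then-match flow in the list above can be sketched with Python's standard `ipaddress` module. This is an added example, not code from `breach_check.py`; the function names, the bracketed-IPv6 handling, the de-duplication and the sample addresses (documentation ranges, constructed) are assumptions. Only the `in_cidr` and `in_ip_list` keys come from this page's output sample.

```python
import ipaddress
import json

def sanitize_ip(raw):
    """Trim whitespace, drop a trailing port, return a normalized IP or None."""
    s = raw.strip()
    if s.startswith("["):            # bracketed IPv6 with port: [2001:db8::5]:8443
        s = s[1:].split("]", 1)[0]
    elif s.count(":") == 1:          # IPv4 with port: 192.0.2.10:10443
        s = s.split(":", 1)[0]
    try:
        return str(ipaddress.ip_address(s))
    except ValueError:               # empty line, hostname, garbage
        return None

def load_networks(lines):
    """Parse CIDR lines, skipping any that are not valid networks."""
    networks = []
    for line in lines:
        try:
            # strict=False accepts entries with host bits set, e.g. 192.0.2.1/24
            networks.append(ipaddress.ip_network(line.strip(), strict=False))
        except ValueError:
            continue
    return networks

def check_breach(breach_lines, cidr_lines, ip_lines):
    """Return breached IPs that fall in an org CIDR or appear in the org IP list."""
    networks = load_networks(cidr_lines)
    org_ips = {ip for ip in map(sanitize_ip, ip_lines) if ip}
    result = {"in_cidr": [], "in_ip_list": []}
    seen = set()
    for ip in map(sanitize_ip, breach_lines):
        if ip is None or ip in seen:  # invalid entry or duplicate
            continue
        seen.add(ip)
        addr = ipaddress.ip_address(ip)
        if any(addr.version == n.version and addr in n for n in networks):
            result["in_cidr"].append(ip)
        if ip in org_ips:
            result["in_ip_list"].append(ip)
    return result

if __name__ == "__main__":
    # Constructed sample data using documentation address ranges
    breach = [" 192.0.2.10:10443 ", "198.51.100.7", "not-an-ip", "192.0.2.10"]
    print(json.dumps(check_breach(breach, ["192.0.2.0/24"], ["198.51.100.7"]), indent=2))
```
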
- `config.yaml`: Defines default directories and behavior for the script.
- `breach_lists/`: Contains breach IP list files.
- `org_cidr_lists/`: Contains organization CIDR list files.
- `org_ip_lists/`: Contains organization IP list files.
- `output/`: Stores the results JSON file (ignored by Git using `.gitignore`).
- `requirements.txt`: Lists required Python libraries for installation.
- Clone the repository:
  ```bash
  git clone https://github.com/BadSamuraiDev/breach_check.git
  ```
- Navigate to the project directory:
  ```bash
  cd your-repository
  ```
- Install dependencies:
  ```bash
  pip install -r requirements.txt
  ```
- Edit `config.yaml` to customize input/output directories and behavior.
The repository ships with sample org files from the FortiNet Belsen Leak, found on the repo by arsolutioner. These files can simply be removed and replaced with your own.
```bash
python breach_check.py [--breach_files FILE ...] [--cidr_files FILE ...] [--ip_files FILE ...] [--debug]
```
### Output Sample
```json
{
  "in_cidr": [
    "72.27.4.3",
    "175.45.29.190"
  ],
  "in_ip_list": [
    "63.143.98.183",
    "175.45.29.190"
  ]
}
```