Bulk WHOIS search
Project description
Installation
Depending on if you want only this tool, the full set of PNU tools, or PNU plus a selection of additional third-parties tools, use one of these commands:
pip install pnu-wis
pip install PNU
pip install pytnix
:warning: This tool is not yet included in the PNU and pytnix distributions
WIS(1)
NAME
wis - Bulk WHOIS Search
SYNOPSIS
wis
[-1|--first]
[-c|--case]
[-d|--dirname DIR]
[-e|--exclude FILE]
[-f|--filename FILE]
[-i|--inet4]
[-I|--inet6]
[-r|--range]
[-s|--summary]
[-S|--summaryonly]
[--debug]
[--help|-?]
[--version]
[--]
KEYWORD
[...]
DESCRIPTION
The wis utility searches for keyword(s) within bulk WHOIS database(s).
Beside saving multiple WHOIS queries, using pre-downloaded bulk WHOIS databases enables to do plain text searches on all the WHOIS records.
You can either select one specific database (in plain text or gzipped format) using the -f|--filename FILE option, or/and a directory containing all your databases using the -d|--dirname DIR option.
Use the -c|--case option to make your searches case sensitive.
Use the -e|--exclude FILE option to provide a one-excluded-case-insensitive-keyword-per-line file to filter out matching records.
You'll then obtain a list of records matching at least one of your keywords, and not matching any of the excluded keywords.
If you use the -1|--first option, you'll instead only obtain the first line of each matching record.
If you use the -i|--inet4 and/or -I|--inet6 option(s), you'll instead obtain only matching inetnum or inet6num records reformatted as a pipe-separated-values of networks:
starting IP address|ending IP Address|netname|descr|org|country
If you add the -r|--range option to the last ones, you'll instead obtain only matching inetnum or inet6num records reformatted as a pipe-separated-values of hosts:
IP address|type|subnet|netname|descr|org|country
Where type is either "Network" for the first address in a subnet, "Broadcast" for the last address in a subnet or "IP address" for the rest.
If you use the *-s|--summary" option, you'll get a summary of the record types found (from the first line of each matching record, before the colon).
If you use the -S|--summaryonly option you'll only get that.
OPTIONS
Options | Use |
---|---|
-1|--first | Show only the first line of each matching record |
-c|--case | Make searches case sensitive |
-d|--dirname DIR | Use databases from the DIR directory name |
-e|--exclude FILE | Exclude words from the FILE file name |
-f|--filename FILE | Use database from the FILE file name |
-i|--inet4 | Show only reformatted inetnum records |
-I|--inet6 | Show only reformatted inet6num records |
-r|--range | Show expanded inet(6)num ranges |
-s|--summary | Show a summary of the type of matching records |
-S|--summaryonly | Show only a summary of the type of matching records |
--debug | Enable debug mode |
--help|-? | Print usage and a short help message and exit |
--version | Print version and exit |
-- | Options processing terminator |
ENVIRONMENT
The WIS_DEBUG environment variable can also be set to any value to enable debug mode.
FILES
The wis utility uses bulk WHOIS databases downloaded from the main Regional Internet Registries (RIR) and National Internet Registries (NIR).
The provided "fetch-db-WHOIS.sh" script can be used for doing this.
You can also use bulk RR (Routing Registries) databases, that you can download with the provided "fetch-db-RR.sh" script.
Be sure to read the databases respective terms of use before!
EXIT STATUS
The wis utility exits 0 on success, and >0 if an error occurs.
EXAMPLES
Assuming that you have installed the available bulk WHOIS databases (in gzipped format) in a directory named "db", and that you made a one-excluded-keyword-per-line file named "excluded.txt", use the following commands:
- to extract full WHOIS information about matching blocks:
wis -d db -e excluded.txt keyword1 keyword2 keyword3
- to extract only the first line of WHOIS information about matching blocks:
wis -d db -e excluded.txt -1 keyword1 keyword2 keyword3
- to extract an IPv4 network summary about matching blocks:
wis -d db -e excluded.txt -i keyword1 keyword2 keyword3
- to extract an IPv4 host summary about matching blocks:
wis -d db -e excluded.txt -ir keyword1 keyword2 keyword3
- to analyze a database record types:
wis -f database_name.db.gz -S
SEE ALSO
STANDARDS
The wis utility is not a standard UNIX command.
This implementation tries to follow the PEP 8 style guide for Python code.
PORTABILITY
To be tested under Windows.
HISTORY
This implementation was made for the PNU project.
Its first use case was to identify all my company's IP addresses ranges through the world, helping to secure our networks and identify shadow IT...
The initial name of the command was "AS Search", but the resulting short form seemed problematic... So I went for a wiser name :smiley:
LICENSE
It is available under the 3-clause BSD license.
AUTHORS
CAVEAT
Only the AFRINIC, RIPE, APNIC, APNIC/JPNIC, APNIC/TWNIC and APNIC/KISA databases have useful domain, inetnum, inet6num and organisation information.
LACNIC does not provide useful inetnum and inet6num information.
ARIN, APNIC/IDNIC, APNIC/CNNIC, APNIC/VNNIC and APNIC/IRINN do not provide domain, inetnum, inet6num and organisation information at all.
However you can find route information from all of them, which can then be used with regular WHOIS queries.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pnu_wis-1.0.0.tar.gz
.
File metadata
- Download URL: pnu_wis-1.0.0.tar.gz
- Upload date:
- Size: 14.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.15
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9a79799321c15980ea90237e59ff2872a27fb5f766c2d2c68f72b8a6fd1a636d |
|
MD5 | c422dd69f4eae1f80b0b78503de39fd4 |
|
BLAKE2b-256 | 58aba696efb223674739ee95935738ac84f639af0fd558075aed9011a036c0b5 |
File details
Details for the file pnu_wis-1.0.0-py3-none-any.whl
.
File metadata
- Download URL: pnu_wis-1.0.0-py3-none-any.whl
- Upload date:
- Size: 12.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.15
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 555d60e019b65d4e0a96eae517ff4c00a18cef79d323beb8eb2f833635bc6def |
|
MD5 | bf01dd9e0ad24919132eef780397561b |
|
BLAKE2b-256 | 7fea298ec301b30cf5e8c956fc45d46454f33e9f89f7b91af06f2ab0d2b8db79 |