downloadWHOIS.sh: Automating WHOIS collection

February 16, 2015 — Leave a comment

One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent.  Here is a script that I’ve created to help automate the process of collecting WHOIS information:

[code language=”bash”]#!/usr/bin/sh
#
# downloadWHOIS.sh
#
# This script uses native whois command to return the WHOIS information
# of the IP Addresses provided.
#
# USAGE:
# $ ./downloadWHOIS.sh 1.2.3.4
# $ ./downloadWHOIS.sh 1.2.3.4 1.2.3.5 1.2.3.6 etc.
#

# Set path to save files:
path=/Downloads/

# Set filename prefix and/or suffix:
prefix=
suffix=\_whois.txt

for args in "$@"
do
whois $args > $path$prefix$args$suffix
done
[/code]

I haven’t tested this script in a true Linux environment, but it works fine in Cygwin. (Not my preferred environment, but it’s what I have to work with.)

downloadWHOIS.sh

Have any scripts you’d like to share? I’d like to see what you’ve come up to make your tedious tasks easier to tackle.

I’ve also created a GitHub Gist for this shell script.

Aaron Melton

Posts

No Comments

Be the first to start the conversation.

Leave a Reply

Text formatting is available via select HTML.

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

*