From 7986909f3c5a78a4f9bc1c00faa1c59b6f203352 Mon Sep 17 00:00:00 2001
From: Roy SALIBA
Date: Wed, 29 May 2024 22:49:33 +0200
Subject: [PATCH] Create Iamgrok
---
jesappellegrok | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 jesappellegrok
diff --git a/jesappellegrok b/jesappellegrok
new file mode 100644
index 0000000..cda5820
--- /dev/null
+++ b/jesappellegrok
@@ -0,0 +1,72 @@
+import re
+import numpy as np
+from datetime import datetime
+
+# Fonction pour scanner plusieurs entrées
+def scan_entries(entries):
+ results = []
+ for entry in entries:
+ scan_result = scan_entry(entry)
+ results.append(scan_result)
+ return results
+
+# Fonction pour scanner une seule entrée
+def scan_entry(entry):
+ scam_patterns = [
+ re.compile(r'scam_offer'),
+ re.compile(r'login\.php\?username=admin&password=admin'),
+ re.compile(r'transfer\.php')
+ ]
+ scam_activities = detect_scams(entry, scam_patterns)
+ return scam_activities
+
+# Fonction pour détecter des scams dans les logs
+def detect_scams(log_data, patterns):
+ lines = log_data.split('\n')
+ scam_lines = []
+ for line in lines:
+ for pattern in patterns:
+ if pattern.search(line):
+ scam_lines.append(line)
+ break
+ return scam_lines
+
+# Fonction pour calculer les dérivées
+def calculate_derivatives(data):
+ data = np.array(data)
+ derivatives = np.diff(data)
+ return derivatives
+
+# Exemple d'utilisation
+log_entries = [
+ """
+ 192.168.1.1 - - [28/May/2024:10:32:55 +0000] "GET /index.html HTTP/1.1" 200 2326
+ 192.168.1.2 - - [28/May/2024:10:33:12 +0000] "GET /login.php?username=admin&password=admin HTTP/1.1" 200 1420
+ 192.168.1.3 - - [28/May/2024:10:34:23 +0000] "POST /transfer.php HTTP/1.1" 200 5320
+ 192.168.1.4 - - [28/May/2024:10:35:00 +0000] "GET /scam_offer HTTP/1.1" 200 221
+ """,
+ # Ajoutez d'autres entrées ici
+]
+
+scanned_results = scan_entries(log_entries)
+
+# Supposons que chaque scan_result contient le nombre d'activités suspectes détectées
+activity_counts = [len(result) for result in scanned_results]
+
+# Calculer les dérivées des activités suspectes détectées
+activity_derivatives = calculate_derivatives(activity_counts)
+
+# Afficher les résultats
+print("Scanned Results:", scanned_results)
+print("Activity Counts:", activity_counts)
+print("Activity Derivatives:", activity_derivatives)
+
+# Sauvegarder les résultats dans un fichier
+timestamp = datetime.now().strftime("%Y-%m-%d_%H-%M-%S")
+output_filename = f"scan_results_{timestamp}.txt"
+with open(output_filename, 'w', encoding='utf-8') as file:
+ file.write(f"Scanned Results: {scanned_results}\n")
+ file.write(f"Activity Counts: {activity_counts}\n")
+ file.write(f"Activity Derivatives: {activity_derivatives}\n")
+
+print(f"Results saved to {output_filename}")
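Review bot: `detect_scams` runs `pattern.search(line)` over the whole log line, so a match anywhere in the line counts, and `transfer\.php` flags every request to that page regardless of method, status or source. If these logs ever carry a Referer or User-Agent field (the sample is plain Common Log Format, so this is an assumption), client-supplied text there would raise false alerts; matching only the request target avoids that, and the pattern list can be compiled once at module level with `scan_entry` calling `detect_scams(entry, SCAM_PATTERNS)` instead of recompiling on every call. The login signature covers one literal credential pair in one parameter order, so it reads as an example rather than as coverage for default-credential attempts. Separately, the matched lines are printed and written verbatim to `scan_results_<timestamp>.txt`, which copies any credentials present in query strings into a new file in the working directory; redact query values before saving, and move the example run under `if __name__ == "__main__":` so importing the module does not write files.

```python
# Compiled once at import instead of on every scan_entry() call.
SCAM_PATTERNS = (
    re.compile(r'scam_offer'),
    re.compile(r'login\.php\?username=admin&password=admin'),
    re.compile(r'transfer\.php'),
)
# Request target of an access-log line: "METHOD target PROTOCOL".
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) [^"]*"')

def detect_scams(log_data, patterns):
    scam_lines = []
    for line in log_data.splitlines():
        request = REQUEST_RE.search(line)
        if request is None:
            continue  # no quoted request field; nothing to match against
        target = request.group(1)
        if any(pattern.search(target) for pattern in patterns):
            scam_lines.append(line)
    return scam_lines

# … unchanged: scan_entries, calculate_derivatives, example run …
```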