From b15d215f6704427014deb65f051ef7b89f9efb7f Mon Sep 17 00:00:00 2001
From: Roy SALIBA
Date: Wed, 29 May 2024 22:44:42 +0200
Subject: [PATCH] Create derivant
---
derivant | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
create mode 100644 derivant
diff --git a/derivant b/derivant
new file mode 100644
index 0000000..32ac879
--- /dev/null
+++ b/derivant
@@ -0,0 +1,32 @@
+import re
+
+# Exemple de log contenant des activités suspectes
+log_data = """
+192.168.1.1 - - [28/May/2024:10:32:55 +0000] "GET /index.html HTTP/1.1" 200 2326
+192.168.1.2 - - [28/May/2024:10:33:12 +0000] "GET /login.php?username=admin&password=admin HTTP/1.1" 200 1420
+192.168.1.3 - - [28/May/2024:10:34:23 +0000] "POST /transfer.php HTTP/1.1" 200 5320
+192.168.1.4 - - [28/May/2024:10:35:00 +0000] "GET /scam_offer HTTP/1.1" 200 221
+"""
+
+# Mots-clés ou motifs pour détecter des scams
+scam_patterns = [
+ re.compile(r'scam_offer'),
+ re.compile(r'login\.php\?username=admin&password=admin'),
+ re.compile(r'transfer\.php')
+]
+
+# Fonction pour détecter des scams dans les logs
+def detect_scams(log_data, patterns):
+ lines = log_data.split('\n')
+ scam_lines = []
+ for line in lines:
+ for pattern in patterns:
+ if pattern.search(line):
+ scam_lines.append(line)
+ break
+ return scam_lines
+
+scam_activities = detect_scams(log_data, scam_patterns)
+print("Detected scam activities:")
+for activity in scam_activities:
+ print(activity)
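Review bot: The entries in `scam_patterns` are unanchored and searched against the whole log line, so `re.compile(r'transfer\.php')` reports every request that mentions that path (including the ordinary 200 POST in the sample), while the credential rule only fires on the exact literal `username=admin&password=admin` and misses reordered or URL-encoded parameters and any other password. Matching on the request field would make the rule cover what the comment describes, for example `re.compile(r'"(?:GET|POST) /login\.php\?\S*password=')` to flag any credential sent in a query string. The final loop's `print(activity)` writes each matched line verbatim, which copies the password from the log into the script's output; redacting the query string before printing keeps it from spreading further. The sample data and the reporting loop also run at import time, so a `if __name__ == "__main__":` guard around them would let `detect_scams` be reused on real logs.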