New geolocus-cli For ONYPHE’s Geolocus Database – Source: securityboulevard.com

ONYPHE has made available a free API and free MMDB download of their new Geolocus database. It provided IP address metadata in the form of:

{     "abuse":     [         "[email protected]",         "[email protected]",         "[email protected]",         "[email protected]"     ],     "asn": "AS14618",     "continent": "NA",     "continentname": "North America",     "country": "US",     "countryname": "United States",     "domain":     [         "amazon.com",         "amazonaws.com",         "aws.com"     ],     "ip": "3.215.138.152",     "isineu": 0,     "latitude": "37.09024",     "location": "37.09024,-95.712891",     "longitude": "-95.712891",     "netname": "AMAZON-IAD",     "organization": "Amazon Data Services NoVa",     "physical_asn": "AS14618",     "physical_continent": "NA",     "physical_continentname": "North America",     "physical_country": "US",     "physical_countryname": "United States",     "physical_isineu": 0,     "physical_latitude": "37.09024",     "physical_location": "37.09024,-95.712891",     "physical_longitude": "-95.712891",     "physical_organization": "Amazon.com, Inc.",     "physical_subnet": "3.208.0.0/12",     "physical_timezone": "America/Chicago",     "subnet": "3.208.0.0/12",     "timezone": "America/Chicago" } 

Since it’s way more efficient to use the MMDB file than the API, I built a cross-platform CLI tool for it: https://codeberg.org/hrbrmstr/geolocus-cli.

also with binary releases: https://codeberg.org/hrbrmstr/geolocus-cli/releases

Code is also available via Tangled Knot: https://tangled.sh/@hrbrmstr.dev/geolocus-cli

Usage:

# Download the latest Geolocus database geolocus-cli download  # Look up IPs from a file geolocus-cli lookup -i ips.txt -o results.json  # Process IPs from stdin and output to stdout cat ips.txt | geolocus-cli lookup  # Output in CSV format geolocus-cli lookup -i ips.txt -f csv -o results.csv  # Output in JSONL format (one JSON object per line) geolocus-cli lookup -i ips.txt -f jsonl -o results.jsonl  # Disable session caching geolocus-cli lookup -i ips.txt --no-cache 

CLI options:

Commands:   download    Download a fresh copy of the geolocus.mmdb database   lookup      Lookup and enrich IP addresses from a file or stdin  Options:   -h, --help              Show help information   -i, --input       Input file containing IP addresses (one per line)   -o, --output      Output file for results (defaults to stdout)   -f, --format    Output format: json, csv, or jsonl (default: json)   --no-cache              Disable IP caching for the current session 

The post New geolocus-cli For ONYPHE’s Geolocus Database appeared first on rud.is.

*** This is a Security Bloggers Network syndicated blog from rud.is authored by hrbrmstr. Read the original post at: https://rud.is/b/2025/04/27/new-geolocus-cli-for-onyphes-geolocus-database/