Added -s option to search for ASNs matching a given name

Author: nitefood

README.md

@@ -15,13 +15,14 @@ Features:
   * **Announced prefixes** aggregated to the most relevant less-specific `INET(6)NUM` object (actual [LIR allocation](https://www.ripe.net/manage-ips-and-asns/db/support/documentation/ripe-database-documentation/rpsl-object-types/4-2-descriptions-of-primary-objects/4-2-4-description-of-the-inetnum-object)).
 
 - It will perform an **AS path trace** (using [mtr](https://github.com/traviscross/mtr) in raw mode and retrieving AS data from the results) for single IPs or DNS results, optionally reporting detailed data for each hop, such as RPKI ROA validity, organization/network name, geographic location, etc.
-- It will also detect **IXPs** (Internet Exchange Points) traversed during the trace, and highlight them for clarity.
+- It will detect **IXPs** (Internet Exchange Points) traversed during the trace, and highlight them for clarity.
 - It will attempt to lookup all relevant **abuse contacts** for any given IP or prefix.
 - It will perform **RPKI validity** lookups for every possible IP. Data is validated against [RIPE RPKI Validator](https://rpki-validator.ripe.net/). For path traces, the tool will match each hop's ASN/Prefix pair (retrieved from the Prefix Whois public server) with relevant published RPKI ROAs. In case of origin AS mismatch or unallowed more-specific prefixes, it will warn the user of a potential **route leak / BGP hijack** along with the offending AS in the path (requires `-d` option, see below for usage info).
   - *Read more about BGP hijkacking [here](https://en.wikipedia.org/wiki/BGP_hijacking).*
   - *Read more about RPKI [here](https://en.wikipedia.org/wiki/Resource_Public_Key_Infrastructure), [here](https://blog.cloudflare.com/rpki/), or [here](https://www.ripe.net/manage-ips-and-asns/resource-management/certification).*
-- It will also perform **IP reputation** lookups (especially useful when investigating foreign IPs from log files).
-- It is also possible to search by **organization name** in order to retrieve a list of IPv4/6 network ranges related to a given company. A multiple choice menu will be presented if more than one organization matches the search query.
+- It will perform **IP reputation** lookups (especially useful when investigating foreign IPs from log files).
+- It is possible to search by **organization name** in order to retrieve a list of IPv4/6 network ranges related to a given company. A multiple choice menu will be presented if more than one organization matches the search query.
+- It is possible to search for **ASNs matching a given name**, in order to map the ASNs for a given organization.
 
 Screenshots for every lookup option are below.
 
@@ -90,6 +91,12 @@ Requires Bash v4.2+. Tested on:
 
 ![search_by_org](https://user-images.githubusercontent.com/24555810/96520260-f7eae100-126e-11eb-8987-52b97c75faaf.png)
 
+### Suggested ASNs search ###
+
+* _Suggested ASNs for "google"_
+
+![asnsuggest](https://user-images.githubusercontent.com/24555810/98309344-7e6f2480-1fca-11eb-9ec6-df2cb63a62ce.png)
+
 ---
 
 ## Installation
@@ -149,6 +156,7 @@ In order to do so, you can use the following command:
 * `asn [-n|-d] <host.name.tld>` -- _to lookup matching IP(v4/v6), route and ASN data (supports multiple IPs - e.g. DNS RR)_
 * `asn <Route>` -- _to lookup matching ASN data for the given prefix_
 * `asn [-o] <Organization Name>` -- _to search by company name and lookup network ranges exported by (or related to) the company_
+* `asn [-s] <Name>` -- _to search for all ASNs matching a given name. Can be used to map all ASNs related to a given company_
 
 ##### *Path tracing and reputation*
 
@@ -167,6 +175,10 @@ In order to do so, you can use the following command:
 - The script will try to figure out if the input is an Organization name (i.e. if it doesn't look like an IP address, an AS number or a hostname).
   In order to force an organization search (for example for Orgs containing `.` in their name), pass the `[-o|--organization]` command line switch.
 
+##### *ASN suggest (-s)*
+
+- The script will try to find ASNs matching the given search string, using the RIPEStat API.
+
 ##### *IXP detection and unannounced prefixes*
 
 - The script will detect [IXPs](https://en.wikipedia.org/wiki/Internet_exchange_point) traversed during path traces by matching them with [PeeringDB](https://www.peeringdb.com/)'s comprehensive dataset of IXP prefixes.

asn

@@ -128,6 +128,42 @@ QueryRipestat(){
 	StatusbarMessage ""
 }
 
+RIPESuggestASN(){
+	TRIM_WHITESPACES=false
+	input="$1"
+	while true; do
+		StatusbarMessage "Retrieving suggested ASNs for ${bluebg}${input}${lightgreybg}"
+		ripe_suggest_output=$(curl -s "https://stat.ripe.net/data/searchcomplete/data.json?resource=${input}&sourceapp=nitefood-asn" | \
+								jq -r '.data.categories | .[] | select ( .category == "ASNs" ) | .suggestions[]')
+		StatusbarMessage ""
+		if [ -n "$ripe_suggest_output" ]; then
+			found_suggestions=$(echo -e "$ripe_suggest_output" | jq -r '.description' | sort -u)
+			for suggestion in $found_suggestions; do
+				echo -e "\n${green}$suggestion${default}"
+				for suggestion_asn in $(echo -e "$ripe_suggest_output" | jq -r 'select (.description=="'"$suggestion"'") | .value'); do
+					echo -e "\t${yellow}$suggestion_asn${default}"
+				done
+			done
+			echo ""
+			return
+		elif [ "$TRIM_WHITESPACES" = false ]; then
+			TRIM_WHITESPACES=true
+			oldinput="$input"
+			# shellcheck disable=SC2001
+			input=$(echo "$oldinput" | sed 's/[ \t]*//g')
+			if [ "$input" = "$oldinput" ]; then
+				echo -e "\n${redbg}No suggestions found${default}\n"
+				return
+			else
+				continue
+			fi
+		else
+			echo -e "\n${redbg}No suggestions found${default}\n"
+			return
+		fi
+	done
+}
+
 WhoisIP(){
 	full_whois_data=$(whois "$1")
 	network_whois_data=$(echo -e "$full_whois_data" | grep -i -E "^netname:|^orgname:|^org-name:|^owner:|^descr:|^country:")
@@ -222,6 +258,7 @@ PrintUsage(){
 			"\n\n  ${green}-d, --detailed\n\t${default}Output detailed hop info during the AS path trace to the ${blue}TARGET${default}" \
 			"\n\t(This option also enables RPKI validation/BGP hijacking detection for every hop)" \
 			"\n\n  ${green}-n, --notrace\n\t${default}Disable tracing the AS path to the ${blue}TARGET${default}" \
+			"\n\n  ${green}-s, --suggest\n\t${default}Lookup AS names and numbers matching ${blue}TARGET${default}" \
 			"\n\n  ${green}-o, --organization\n\t${default}Force ${blue}TARGET${default} to be treated as an Organization Name" \
 			"\n\nSupported targets:" \
 			"\n\n  ${blue}<AS Number>${default}\n\tLookup matching and BGP announcements/neighbours data." \
@@ -1024,7 +1061,7 @@ CheckPrerequisites() {
 	disabled_features=""
 	HARD_FAIL=false
 
-	BGPSTAT_LOOKUP=true
+	RIPESTAT_LOOKUP=true
 	RPKI_LOOKUP=true
 	REPUTATION_LOOKUP=true
 	HAVE_IPCALC=true
@@ -1048,8 +1085,8 @@ CheckPrerequisites() {
 					TRACEASNPATH=false
 					;;
 				"jq")
-					disabled_feat="IP reputation, RIPEstat BGP info and RPKI ROA lookups"
-					BGPSTAT_LOOKUP=false
+					disabled_feat="IP reputation, RIPEstat BGP info / ASN suggestions, and RPKI ROA lookups"
+					RIPESTAT_LOOKUP=false
 					RPKI_LOOKUP=false
 					REPUTATION_LOOKUP=false
 					;;
@@ -1153,6 +1190,7 @@ if [[ $# -lt 1 ]]; then
 fi
 
 FORCE_ORGSEARCH=false
+SUGGEST_SEARCH=false
 
 case "$1" in
 	"-n"|"--notrace")
@@ -1185,6 +1223,16 @@ case "$1" in
 			userinput=$(echo "$@" | cut -d ' ' -f 2- | sed -e 's/^[ \t]*//')
 		fi
 		;;
+	"-s"|"--suggest")
+		if [[ $# -lt 2 ]]; then
+			PrintUsage
+			echo -e "Error: missing ${red}TARGET${default}\n"
+			exit 1
+		else
+			SUGGEST_SEARCH=true
+			userinput=$(echo "$@" | cut -d ' ' -f 2- | sed -e 's/^[ \t]*//')
+		fi
+		;;
 	*)
 		if [ "${1:0:1}" = "-" ]; then
 			 PrintUsage
@@ -1217,6 +1265,14 @@ if [ "$FORCE_ORGSEARCH" = true ]; then
 	exit 0
 fi
 
+if [ "$SUGGEST_SEARCH" = true ]; then
+	# user passed the "-s|--suggest" switch
+	[[ "$RIPESTAT_LOOKUP" = false ]] &&	PrintErrorAndExit "Please install the necessary prerequisite tool!"
+	RIPESuggestASN "$userinput"
+	exit 0
+fi
+
+
 input=$(echo "$userinput" | sed 's/\/.*//g' | grep -Eo "$ipv4v6regex")
 
 if [ -z "$input" ]; then
@@ -1289,7 +1345,7 @@ if [ -z "$input" ]; then
 		echo -e "${bluebg} AS Name ────────>${default} ${green}${found_asname}"
 		echo -e "${bluebg} Organization ───>${default} ${yellow}${found_org}"
 		echo -e "${bluebg} AS Reg. date ───>${default} ${white}${found_createdate}"
-		if [ "$BGPSTAT_LOOKUP" = true ]; then
+		if [ "$RIPESTAT_LOOKUP" = true ]; then
 			BoxHeader "BGP informations for AS${asn} (${found_asname})"
 			echo ""
 			QueryRipestat "${asn}"