IP intelligence, ASN analytics, routing security, GeoIP/MMDB engineering, and infrastructure research
Open datasets, static dashboards, routing-security tooling, enrichment pipelines, GeoIP/MMDB workflows, and operational network intelligence systems.
- IP and ASN enrichment with provenance and confidence scoring
- VPN, proxy, Tor, crawler, cloud, CDN, and hosting infrastructure analysis
- BGP, RPKI, ROA, and routing-security visibility
- GeoIP/MMDB compilation, validation, diffing, and operational tooling
- Geofeed discovery and routing-aware geolocation enrichment
- Static dashboards, APIs, and GitHub-native publishing workflows
- Operational datasets for SIEM, fraud detection, OSINT, and network analytics
| Project | Description |
|---|---|
| IP-Knowledge-Layer | Open enrichment layer for CIDR, ASN, cloud, CDN, crawler, Tor, VPN, and infrastructure intelligence with provenance and confidence scoring. |
| ASN-Signal-Graph | ASN-level infrastructure signal aggregation for VPN overlap, Tor visibility, public-feed exposure, and defensive analytics. |
| blackroute | Local-first hostile infrastructure and reputation intelligence pipeline with MMDB and CSV outputs. |
| ASN-VPN-Network-Intelligence | VPN infrastructure overlap and ASN/provider enrichment datasets. |
| Project | Description |
|---|---|
| VPN-Infrastructure-Intelligence-Lab | Aggregate VPN infrastructure intelligence dashboard for provider, ASN, country, and hosting dependency analysis. |
| vpn-provider-overlap-intelligence | Shared infrastructure and provider overlap analysis across ASNs, prefixes, and hosting networks. |
| Project | Description |
|---|---|
| RouteSentinel | Daily route-security snapshot analyzer for BGP RIB dumps and RPKI VRP datasets. |
| GeoFeed-Harvester | RFC 8805 geofeed discovery, validation, provenance tracking, and routing-aware geolocation analysis from public RIR data. |
| Project | Description |
|---|---|
| CrawlerScope | Interactive crawler intelligence dashboard for AI crawlers, search bots, scanners, and monitoring probes. |
| Tor-Radar | Browser-only Tor relay intelligence dashboard with compact snapshots and relay metadata. |
| Project | Description |
|---|---|
| GeoForge | Consensus-based GeoIP compiler combining GeoLite2, DB-IP, IP2Location, geofeeds, RIR, and WHOIS signals. |
| MMDBForge | Toolkit for inspecting, validating, diffing, and analyzing MaxMind DB and custom MMDB datasets. |
| MMDB-WatchTower | Production-safe MMDB updater with validation, rollback, atomic swaps, smoke tests, and Prometheus metrics. |
| Project | Description |
|---|---|
| PrefixCloak | Prefix-preserving IPv4/IPv6 sanitizer for logs, telemetry, SIEM exports, and subnet-safe anonymization workflows. |
IP ranges
-> CIDR normalization
-> ASN attribution
-> BGP and RPKI validation
-> geofeed discovery
-> hosting and cloud classification
-> VPN / proxy / Tor / crawler signals
-> GeoIP and MMDB enrichment
-> reputation and abuse context
-> dashboards, CSV exports, static APIs, and lookup databases
CSV JSON JSONL Parquet MMDB CIDR
ASN BGP RPKI ROA RIR WHOIS GeoIP GeoFeed
VPN Proxy Tor Crawler Cloud CDN Hosting Scanner Reputation
- Expanding ASN-level infrastructure signal aggregation
- Building routing-security visibility around BGP and RPKI validation
- Developing geofeed discovery and provenance pipelines
- Improving VPN overlap analysis without publishing raw endpoint inventories
- Building local-first GeoIP, MMDB, and reputation tooling
- Publishing compact operational datasets for SIEM and analytics workflows
| Principle | Description |
|---|---|
| Reproducibility | Deterministic dataset generation with auditable inputs |
| Source Transparency | Preserve provenance and confidence metadata |
| Operational Utility | Lightweight exports for pipelines and local lookups |
| Static Deployment | Prefer GitHub-native dashboards and APIs |
| Defensive Focus | Infrastructure intelligence for analytical workflows |
| Project | Focus |
|---|---|
| RouteSentinel | BGP · RPKI · MRT · VRP · route security |
| GeoFeed-Harvester | RFC8805 · GeoIP · geofeeds · RIR · BGP |
| ASN-Signal-Graph | ASN · CIDR · infrastructure signals · Tor · VPN |
| IP-Knowledge-Layer | ASN · enrichment · bot detection · VPN intelligence |
| GeoForge | GeoIP · MMDB · geolocation consensus · WHOIS |
| MMDBForge | MaxMind DB · diffing · validation · tooling |
| MMDB-WatchTower | MMDB operations · rollback · observability |
| CrawlerScope | AI crawlers · scanners · monitoring probes |
| Tor-Radar | Tor relay intelligence · Onionoo · dashboards |
| PrefixCloak | privacy · anonymization · SIEM · telemetry |
| blackroute | hostile infrastructure · reputation · MMDB |
| VPN-Infrastructure-Intelligence-Lab | VPN infrastructure analytics · ASN visibility |
Open to collaboration around:
- IP intelligence datasets
- ASN and routing analytics
- VPN and Tor infrastructure research
- crawler and AI fetcher visibility
- GeoIP/MMDB quality engineering
- RPKI and BGP measurements
- fraud detection and SIEM enrichment
Licensing varies by repository depending on source constraints and redistribution requirements.
Most repositories use:
- Apache-2.0 or MIT for code
- CC0-1.0 for generated datasets
See repository license files for details.