a Slack bot that listens for messages containing IP addresses and responds with security info about them.

Full demo video at https://youtu.be/1LehrI46O-c

First you'll need to create a Slack app

Navigate over to the OAuth & Permissions sidebar, Scroll down to the Bot Token Scopes section and click Add an OAuth Scope

Search for:

1. channels:history
2. chat:write

Scroll down to the User Token Scopes section and click Add an OAuth Scope: Search for:

1. channels:history

git clone git@github.com:<USERNAME>/ip-bot.git

pip install -r requirements.txt

Install your own app by selecting the Install App button at the top of the OAuth & Permissions page 5.

Create a file ip_bot/.env Containing you API tokens. for this project we need:

1. The Bot User OAuth Access Token under the OAuth & Permissions sidebar
2. The Slack signing secret. Navigate to the Basic Information page from your app management page. Under App Credentials, copy the value for Signing Secret.
3. Virus Total's public API. Create an account to get your Token at https://developers.virustotal.com/reference/overview

SLACK_BOT_TOKEN=<Your Slack bot Token>
SLACK_SIGNING_SECRET=<Slack signing key>
VIRUS_TOTAL_API_KEY=<Your Virus Total api token>

To tr out locally we'll be using ngrok, which allows you to expose a public endpoint that Slack can use to send your app events. If you haven't already, install ngrok from their website.
Tell ngrok to use port 3000 which Bolt for python uses by default:

ngrok http 3000

First get the Bolt app running:

python ip_bot/app.py

On your app configuration page, select the Event Subscriptions sidebar. You'll be presented with an input box to enter a Request URL, which is where Slack sends the events your app is subscribed to. For local development, we'll use your ngrok URL from above.

For example: https://1234abcde.ngrok.io

By default Bolt for Python listens for all incoming requests at the /slack/events route, so for the Request URL you can enter your ngrok URL appended with /slack/events.

For example: https://1234abcde.ngrok.io/slack/events

After you've saved your Request URL, click on Subscribe to events on behalf of users, then Add Workspace Event and search for message.channels. Then Save Changes using the button on the bottom right.

You bot is now ready in action Open slack messenger and add your bot to any channel and mention an ip address in a message and see what happens

You can deploy this project for free on Railway.app

1. Create a new project and select deploy from GitHub repo
   give railway.app access to your newly created GitHub repo.
2. Go to the variables tab and add the above mentioned variables.
3. In the setting tab under the Domains section click generate domain and add it to your slack app as mentioned above in Subscribing to events
4. Set the start command to be python ip_bot/app.py.

Your bot is now running all the time.

• Abe