Skip to content
/ steam_scanner Public

scanning steam profiles to identify bot/malicious accounts

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

WTFender/steam_scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
gae
gae
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
database_setup.py
database_setup.py
 
 
requirements.txt
requirements.txt
 
 
steam_scanner.py
steam_scanner.py
 
 

Repository files navigation

steam_scanner

python2/3 compatible

demo

wtfender.com/steam-scanner

setup

register for api keys

# set environment variables
export MYSQL_USER="user"
export MYSQL_PASS="password"
export MYSQL_HOST="host"
export MYSQL_DB="database_name"
export MYSQL_CERT="ssl_cert"
export MYSQL_KEY="ssl_key"
export MYSQL_CA="ssl_ca"
export STEAM_API_KEY="api_key"
export GOOGLE_API_KEY="api_key"

# clone project
git clone https://github.com/WTFender/steam_scanner.git && cd steam_scanner

# install requirements
pip install -r requirements.txt

# setup database
python database_setup.py
> Database tables created.

scan

# run one scan
python steam_scanner.py
> 2019-04-06 14:31:42.309805: Scanned 1 profiles with 2 links containing 2 threats.

{
    "...snip...": 1,
    "links": [
        {
            "is_threat": 1,
            "threatType": "MALWARE",
            "url": "https://testsafebrowsing.appspot.com/s/malware.html"
        },
        {
            "is_threat": 1,
            "threatType": "SOCIAL_ENGINEERING",
            "url": "https://testsafebrowsing.appspot.com/s/phishing.html"
        }
    ],
    "personaname": "Mr. Cringer Pants",
    "...snip...": 1
}

# run more scans
while true; do python steam_scanner.py && sleep 120s; done
> 2019-04-06 15:12:54.184112: Scanned 51 profiles with 5 links containing 0 threats.
> 2019-04-06 15:13:19.837920: Scanned 58 profiles with 1 links containing 0 threats.
> 2019-04-06 15:13:41.044895: Scanned 65 profiles with 3 links containing 0 threats.

# be mindful of steam's api limitations
# 1 scan = 1 api call  
# 1 api call = 100 profile scans max
# 100,000 api call limit per day

investigate

SELECT count(url) AS bad_links, threatType 
FROM links
WHERE is_threat=1
GROUP BY threatType;

+----------+--------------------+
| bad_links | threatType        |
+----------+--------------------+
|        1 | MALWARE            |
|        1 | SOCIAL_ENGINEERING |
|        2 | UNWANTED_SOFTWARE  |
+----------+--------------------+

visualize

graph mysql via grafana

scale

deploy on google app engine

# clone from source
git clone https://github.com/WTFender/steam_scanner.git && cd steam_scanner/gae/steam_scanner

# update secrets
nano secrets.yaml

# deploy on gae
gcloud projects create "project_name"
gcloud app deploy --project="project_name"

# enable scan job (100 profiles per minute)
gcloud app deploy cron.yaml --project="project_name"

# scan specific steamID
curl https://wtfender.com/api/scan/76561198130753269 | python -m json.tool

[
    {
        "personaname": "Mr. Cringer Pants",
        "profilestate": 1,
        "profileurl": "https://steamcommunity.com/id/cringerpants/",
        "...snip...": 1
    }
]

About

scanning steam profiles to identify bot/malicious accounts

Resources

Readme
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages