Write a function that takes an IP address as the input and returns true if the IP is in the list of Tor exit nodes. Since downloading this file from the internet every time would be to time and network consuming the function should download it once and save it in the user's home folder: ~/.nano_siem/tor_exit_nodes.txt.
But since the file can change you should update the file if the downloaded file is older than a day.
Write a Python function that takes an IP address as a string and outputs the corresponding coordinates as a tuple: (Longitude, Latitude). The tuple should have the data type (float, float). The conversion should be done locally with the GeoLite2 database. You can use the python-geoip package for this.
Update: There is a newer version of the library geoip2 that you should use. But I think therefore you have to manually download the GeoLite2 database. Don't use the web service.
Please develop this feature in the feature/geoip-lookup branch. You should complete the function in this file.
Search for scientific articles on intrusion detection and which patterns indicate hacking attempts. The goal is to find a list of URL paths that indicate hacking attempts. Example: /loadImage?filename=../../../etc/passwd