malspider icon indicating copy to clipboard operation
malspider copied to clipboard

Published 20 hours ago verified publisher icon ciscocsirt

Feature Request - Black List

Open r3comp1le opened this issue 8 years ago • 3 comments

Creating blacklist for Domains and IPs. This would alert on known badness no matter the techniques of the iframe or script for example.

r3comp1le avatar Jun 15 '16 03:06 r3comp1le

Are there blacklists/feeds you recommend? This is something I'd like to put in the dev pipeline for a later release.

On Tue, Jun 14, 2016 at 11:19 PM, r3comp1le [email protected] wrote:

Creating blacklist for Domains and IPs. This would alert on known badness no matter the techniques of the iframe or script for example.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/ciscocsirt/malspider/issues/5, or mute the thread https://github.com/notifications/unsubscribe/AR0QEFzf4sKT1MAkqwBwIr4FoRDwSjdRks5qL29UgaJpZM4I19fD .

jasheppa5 avatar Jun 20 '16 13:06 jasheppa5

I would generate them from OSINT collection and domains and ips that show up in reports, along with internal intel.

r3comp1le avatar Jun 20 '16 16:06 r3comp1le

@r3comp1le - https://github.com/ciscocsirt/malspider/pull/9 added basic blacklist support!

freesalu avatar Sep 12 '16 07:09 freesalu