log4shell_ioc_ips
Please add networks in CIDR notation
Please add networks in CIDR notation; this would help keep the list more efficient.
Good point! But the original purpose of this repo was that when I get a log4j DFIR, I can easily grep through a list that contains many, many sources, so I can investigate the findings in, for example, Firewall, WinEVTX, bla bla.
Maybe you can fork it and edit it yourself :)
@amoore2600 Try adding this to whatever script you are using to gather this list:
# cat log4j_ioc_ips.txt | aggregate -p 32 -m 32 -o 32
(only -p is needed, but for completeness)
Aggregate will (as the name suggests) aggregate all IPs into subnets to make the list smaller.
@hackinghippo Maybe you can generate 2 outputs? One single host list, and a second aggregated list of networks?
PS: In the current list there are again RFC1918 addresses, as well as 9.9.9.11 (public non-profit DNS resolver)
@Daywalker01, good idea, I will add 2 outputs in the future. I also work on domains and hashes; sadly I didn't have much time :( many incidents atm...
I can add a whitelist if I have a good base or listing of known IP addresses
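Added example, not part of the thread or the repository: a Python sketch of the two-output idea discussed above, producing a grep-friendly host list and an aggregated CIDR list while dropping RFC1918 and allowlisted entries. The function names, the sample data and the allowlist content are assumptions, and the input is assumed to be one IPv4 address per line.

```python
import ipaddress

# Constructed sample list: documentation ranges plus the kinds of entries the
# thread flags (RFC1918 addresses, the 9.9.9.11 resolver, a duplicate, junk).
SAMPLE = """203.0.113.4
203.0.113.5
203.0.113.6
203.0.113.7
198.51.100.10
10.1.2.3
192.168.0.15
9.9.9.11
not-an-ip
203.0.113.4
"""

# Explicit RFC1918 ranges: ip.is_private would also drop documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumed allowlist content, taken from the resolver mentioned in the thread.
ALLOWLIST = {ipaddress.IPv4Address("9.9.9.11")}


def build_lists(text, allowlist=ALLOWLIST):
    """Return (hosts, networks, dropped) for a one-IPv4-per-line IoC list."""
    hosts, dropped = set(), []
    for raw in text.splitlines():
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue
        try:
            ip = ipaddress.IPv4Address(entry)
        except ValueError:
            dropped.append((entry, "unparseable"))
            continue
        if any(ip in net for net in RFC1918):
            dropped.append((entry, "rfc1918"))
        elif ip in allowlist:
            dropped.append((entry, "allowlisted"))
        else:
            hosts.add(ip)
    ordered = sorted(hosts)
    # collapse_addresses merges only exactly covered ranges, so no address
    # that is absent from the host list ends up inside a network.
    networks = list(ipaddress.collapse_addresses(ordered))
    return [str(h) for h in ordered], [str(n) for n in networks], dropped


def in_networks(candidate, networks):
    """CIDR-aware lookup for a log IP; plain grep only works on the host list."""
    ip = ipaddress.ip_address(candidate)
    return any(ip in ipaddress.ip_network(n) for n in networks)
```

The host list stays usable with grep against firewall or event logs, while the network list needs a CIDR-aware lookup such as `in_networks`.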