-
**Describe the bug**
I tried to follow the README and invoking cherrybomb in passive mode results in dns error (why does it even go to that address?)
**To Reproduce**
Steps to reproduce the behav…
-
Given that they require two different commands and return different data (albeit more frequently on one request type than the other), I suggest that "rdata name" and "rrset" lookups for names be separ…
-
### Search first
- [X] I searched and no similar issues were found
### What Happened?
بارها گفتم مدل dns برای همچین نرم افزاری باید فرق داشته باشه گوش نمیدید که باید بصورت passive و active با…
-
Search for IP ranges from an IP entity.
ie you have IP entity 127.0.0.1, have a transform that ask how wide you want to search (/16, /24, etc...) and then search rdata on ISC for domains pointing to …
-
ISC's passive DNS specification paper suggests to also include the RRs from the _Authorities_ section in the response packet in the RRsets considered for inclusion in the database.
FEVER currently on…
satta updated
4 years ago
-
Also include detection rates for latest detected URLs and hashes
-
New source of passive dns
http://pdns.circl.lu/
Access can be asked at info@circl.lu
-
### Feature description
1.1.1.1 or 8.8.8.8 (sometimes routed to local dns and manipulated) will fail to get ip some times but exactly that time 1.0.0.1 will resolve domain of inbound proxies
dua…
-
**DNS resolution false positives.**
If I understood correctly, if one declares a list of DNS names, Falco will resolve them to IP addresses, to be able to track attempts to reach them. Which …
sl805 updated
2 months ago
-
Argus-5.0 supports full packet capture for the monitored control plane, which means that DNS flows will have the complete DNS request and response content in the flow records. radump.1 can parse out …