-
**Describe the bug**
I tried to follow the README and invoking cherrybomb in passive mode results in dns error (why does it even go to that address?)
**To Reproduce**
Steps to reproduce the behav…
-
Improves the UX of the event timeline when using passive-dns enrichment
https://github.com/MISP/misp-modules/blob/7623b3c615501a9853cdaf3bfc26f16512993a8c/misp_modules/modules/expansion/circl_passive…
-
### Search first
- [X] I searched and no similar issues were found
### What Happened?
بارها گفتم مدل dns برای همچین نرم افزاری باید فرق داشته باشه گوش نمیدید که باید بصورت passive و active با…
-
Given that they require two different commands and return different data (albeit more frequently on one request type than the other), I suggest that "rdata name" and "rrset" lookups for names be separ…
-
ISC's passive DNS specification paper suggests to also include the RRs from the _Authorities_ section in the response packet in the RRsets considered for inclusion in the database.
FEVER currently on…
satta updated
4 years ago
-
Search for IP ranges from an IP entity.
ie you have IP entity 127.0.0.1, have a transform that ask how wide you want to search (/16, /24, etc...) and then search rdata on ISC for domains pointing to …
-
Also include detection rates for latest detected URLs and hashes
-
**DNS resolution false positives.**
If I understood correctly, if one declares a list of DNS names, Falco will resolve them to IP addresses, to be able to track attempts to reach them. Which …
sl805 updated
3 weeks ago
-
### Feature description
1.1.1.1 or 8.8.8.8 (sometimes routed to local dns and manipulated) will fail to get ip some times but exactly that time 1.0.0.1 will resolve domain of inbound proxies
dua…
-
New source of passive dns
http://pdns.circl.lu/
Access can be asked at info@circl.lu