TheHive-Project / Cortex-Analyzers

Cortex Analyzers Repository
https://TheHive-Project.github.io/Cortex-Analyzers/
GNU Affero General Public License v3.0

Abuse.ch SSL Blacklist Analyzer #176

Open 3c7 opened 6 years ago

3c7 commented 6 years ago

URL: https://sslbl.abuse.ch/

SSL Blacklist (SSLBL) is a project maintained by abuse.ch. The goal is to provide a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists that can be found in the SSL Blacklist section.

Will provide an analyzer for that, but low prio atm.
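The fingerprint lookup such an analyzer would perform, as an added example that is not part of the original issue or the Cortex-Analyzers code base. The CSV column layout (listing date, SHA1, listing reason), the function names and the sample fingerprints are assumptions constructed for illustration.

```python
import csv
import hashlib
import io
import re

# Constructed sample in an SSLBL-style CSV layout (assumed columns:
# listing date, SHA1 fingerprint, listing reason). Fingerprints are made up.
SAMPLE_BLACKLIST = """\
# Listingdate,SHA1,Listingreason
2018-01-15 07:12:44,0123456789abcdef0123456789abcdef01234567,ExampleFamily C&C
2018-01-16 11:03:02,89abcdef0123456789abcdef0123456789abcdef,OtherFamily C&C
"""

SHA1_RE = re.compile(r"[0-9a-f]{40}")


def normalize_sha1(value):
    """Accept 'AA:BB:..', 'aa bb ..' or plain hex; return lowercase hex or None."""
    cleaned = re.sub(r"[\s:]", "", value).lower()
    return cleaned if SHA1_RE.fullmatch(cleaned) else None


def fingerprint_der(der_bytes):
    """A certificate's SHA1 fingerprint is the SHA1 of its DER encoding."""
    return hashlib.sha1(der_bytes).hexdigest()


def load_blacklist(text):
    """Parse the CSV into {sha1: {"listed": ..., "reason": ...}}, skipping comments."""
    entries = {}
    rows = csv.reader(line for line in io.StringIO(text) if not line.startswith("#"))
    for row in rows:
        if len(row) < 3:
            continue  # blank or malformed line
        sha1 = normalize_sha1(row[1])
        if sha1:
            entries[sha1] = {"listed": row[0], "reason": row[2]}
    return entries


def check(observable, blacklist):
    """Return a report dict for one hash observable."""
    sha1 = normalize_sha1(observable)
    if sha1 is None:
        return {"error": "not a SHA1 fingerprint"}
    hit = blacklist.get(sha1)
    return {"sha1": sha1, "found": hit is not None, **(hit or {})}
```

Normalizing before the lookup matters because fingerprints copied from browsers or `openssl` output are usually uppercase and colon-separated, while the list stores plain lowercase hex.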

srilumpa commented 6 years ago

Would it be possible to design the analyzer so that other services provided by abuse.ch can be plugged into it? I was thinking of adding RansomwareTracker (https://ransomwaretracker.abuse.ch/) and FeodoTracker (https://feodotracker.abuse.ch/).

3c7 commented 6 years ago

Hmmm. Need to think about whether it's better to split them into multiple analyzers or to keep one. As these are open trackers, they don't need credentials, so from that side it would be possible (wouldn't like to mix different credentials in one analyzer config).

omibao commented 3 years ago

SSLBL seems to no longer work?