search

ciscocsirt / malspider

Malspider is a web spidering framework that detects characteristics of web compromises.
BSD 3-Clause "New" or "Revised" License
417 stars 78 forks source link

Feature Request - Black List #5

Open r3comp1le opened 8 years ago

r3comp1le commented 8 years ago

Creating blacklist for Domains and IPs. This would alert on known badness no matter the techniques of the iframe or script for example.

jasheppa5 commented 8 years ago

Are there blacklists/feeds you recommend? This is something I'd like to put in the dev pipeline for a later release.

On Tue, Jun 14, 2016 at 11:19 PM, r3comp1le notifications@github.com wrote:

Creating blacklist for Domains and IPs. This would alert on known badness no matter the techniques of the iframe or script for example.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/ciscocsirt/malspider/issues/5, or mute the thread https://github.com/notifications/unsubscribe/AR0QEFzf4sKT1MAkqwBwIr4FoRDwSjdRks5qL29UgaJpZM4I19fD .

r3comp1le commented 8 years ago

I would generate them from OSINT collection and domains and ips that show up in reports, along with internal intel.

freesalu commented 8 years ago

@r3comp1le - https://github.com/ciscocsirt/malspider/pull/9 added basic blacklist support!