krmaxwell / maltrieve

A tool to retrieve malware directly from the source for security researchers.
GNU General Public License v3.0

Add URLs to CRITs as Indicators #151

Open krmaxwell opened 9 years ago

krmaxwell commented 9 years ago

Use "URI - URL" as the Indicator type.

webstergd commented 9 years ago

I am happy to do this, but I would worry about false positives. Since these are typically download sites, I would expect some crossover with benign domains because the domains can be, and often appear to be, hijacked. I am doing a study on this right now (should be finished by the end of May), and if you want, I say let's table this until we have the results.

If people want this now, just let me know and I will code it up pretty quickly for you.

On Sun, Apr 5, 2015 at 3:45 AM, Kyle Maxwell notifications@github.com wrote:

Use "URI - URL" as the Indicator type.
