MISP
/
misp-warninglists
mirror of https://github.com/MISP/misp-warninglists
2
0
Fork 0
Code Issues Releases Wiki Activity
935 Commits
3 Branches
47 Tags
764 MiB
Commit Graph

585 Commits (main)

Author SHA1 Message Date
Alexandre Dulaunoy ebb012515e
chg: [lists] warning-lists updated 2023-07-31 10:44:21 +02:00
Alexandre Dulaunoy 4a4c241d22
chg: [lists] updated to the latest version 2023-07-28 10:54:38 +02:00
Alexandre Dulaunoy 1a94fcd666
chg: [warning-lists] updated to the latest version 2023-07-04 14:57:03 +02:00
Davide fdbfb29eba Added DigitalSide.IT warninglist (false positive detection) 2023-06-22 15:34:20 +02:00
Alexandre Dulaunoy 9f55a9b6fd
chg: [lists] updated 2023-06-22 08:17:05 +02:00
Alexandre Dulaunoy b5f622be40
chg: [lists] updated 2023-06-18 18:41:05 +02:00
Alexandre Dulaunoy af7d0c0f58
chg: [lists] updated 2023-05-11 10:24:22 +02:00
Alexandre Dulaunoy bce14bb0d3
chg: [lists] updated 2023-05-09 20:02:40 +02:00
Alexandre Dulaunoy 82ed7aa602
chg: [warning-lists] updated to the latest version 2023-04-29 17:11:00 +02:00
Alexandre Dulaunoy fa24e49a66
chg: [warning-lists] updated 2023-04-12 15:46:54 +02:00
Alexandre Dulaunoy c94ae59a1a
chg: [lists] updated to the latest version 2023-04-10 12:54:31 +02:00
Hendrik Baecker bcbb51d50e Added google bot updater + list 2023-04-05 14:33:08 +02:00
Alexandre Dulaunoy 4f936b9465
chg: [warning-lists] updated 2023-04-02 22:50:26 +02:00
Alexandre Dulaunoy aa939f482f
chg: [lists] updated to the latest version 2023-03-27 10:15:44 +02:00
Alexandre Dulaunoy 677563239e
chg: [warning-lists] updated 2023-03-09 15:10:27 +01:00
Alexandre Dulaunoy 1ad7a75480
chg: [warning-lists] updated 2023-02-05 12:50:15 +01:00
Alexandre Dulaunoy 569792dbd7
fix: [captive-portals] jq all the things 2023-01-30 22:51:23 +01:00
Alexandre Dulaunoy e9b5cac5f7
Merge pull request #245 from MichaelDwucet/MichaelDwucet-New-Warning-List-Captive-Portals 
Add Captive Portal detection hostnames
 2023-01-30 22:50:40 +01:00
Alexandre Dulaunoy 96b11c084b
Merge pull request #244 from DavidCruciani/main 
add: [parking]
 2023-01-30 22:47:32 +01:00
Michael Dwucet b7635674c6
Create captive-portals/list.json 
Warning list with hostnames used by different OS and devices (Mac OS, Microsoft Windows, Apple iOS, Google Android, Samsung Android, HTC Android, Amazon FireOS, Firefox Browser, Chrome OS) for detection of captive portals used in public Wi-Fi networks. The source for the list is the official documentation of the Wireless Broadband Alliance:  https://captivebehavior.wballiance.com/ 
Additional Microsoft hostname www.msftconnecttest.com added from: https://learn.microsoft.com/de-de/troubleshoot/windows-client/networking/internet-explorer-edge-open-connect-corporate-public-network
 2023-01-30 21:26:23 +01:00
David Cruciani 1f367cd273 add: [parking] 2023-01-23 14:54:53 +01:00
Alexandre Dulaunoy a51a9adc6c
chg: [lists] updated to the latest version 2023-01-23 10:06:12 +01:00
Alexandre Dulaunoy 35ce848348
chg: [lists] updated 2023-01-20 14:27:14 +01:00
Alexandre Dulaunoy 19094e4900
chg: [lists] updated 2023-01-11 15:08:59 +01:00
csandera d91c41438b generator-vpn.py did not saved the generated list because of incorrect destination folder name 2023-01-10 19:41:59 +01:00
Alexandre Dulaunoy 3a059f8bd9
chg: [warning-lists] updated 2023-01-02 16:11:28 +01:00
Alexandre Dulaunoy 7c5b034b81
new: [google-chrome-crux-1million] added 2023-01-02 11:20:37 +01:00
Alexandre Dulaunoy ab2938e008
chg: [warning-lists] updated 2022-12-22 08:54:57 +01:00
Jakub Onderka d4845c59fe
fix: [microsoft-azure-appid] Correct type 2022-12-01 13:38:11 +00:00
Alexandre Dulaunoy 044365242d
chg: [global] MISP warning-list updated 2022-12-01 11:39:17 +01:00
Alexandre Dulaunoy f9aaa75f43
Merge branch 'ekamioka-main' into main 2022-12-01 11:24:31 +01:00
ekamioka 083ae1d17a hopla :) 2022-11-30 07:46:34 -03:00
ekamioka 200fbdc4db initial suggestion of public IPFS gateways - thanks to https://ipfs.github.io/public-gateway-checker/ 2022-11-30 07:23:04 -03:00
Alexandre Dulaunoy 31780d5f3d
new: [microsoft-azure-appid] generation added 2022-11-18 16:36:28 +01:00
Matthew Conway 28b12eb72f
Add translate.goog to Google list 
Subdomains of translate.goog are used to present translated websites
 2022-11-14 16:29:42 -08:00
Alexandre Dulaunoy 353d38313f
chg: [lists] updated automatically 2022-11-09 12:03:49 +01:00
David Cruciani 7fa44afc53 fix: [park domain] ip network 2022-11-04 17:17:48 +01:00
David Cruciani 09c312fcaa chg: [park_domain] new info source 2022-11-04 17:02:23 +01:00
David Cruciani 0a39aa3503 fix: [park dn ns] jq all things 2022-10-25 10:49:45 +02:00
David Cruciani 62a943f069 fix: [park dn] jq_all_things 2022-10-25 10:38:52 +02:00
David Cruciani b5ddd72bef Merge branch 'main' of https://github.com/DavidCruciani/misp-warninglists 2022-10-25 10:36:01 +02:00
David Cruciani f37cc08ffc add: [park dn] ns and ip 2022-10-25 10:17:40 +02:00
David Cruciani a1866042ab add: [park dns ns] bodis.com 2022-10-25 09:19:52 +02:00
David Cruciani cf8f293174 add: [park dns ns] freenom.com 2022-10-25 09:17:05 +02:00
David Cruciani d58e4321ed add: [park dns ns] sedo.com 2022-10-24 15:07:54 +02:00
David Cruciani dbadf2a077 add: [list] parking domain ns 2022-10-24 15:00:56 +02:00
Alexandre Dulaunoy bc12a5fa8a
fix: [parking] must be sorted 2022-10-24 13:41:45 +02:00
Alexandre Dulaunoy eefbf60c29
fix: [parking-domain] jq all the things 2022-10-24 13:39:44 +02:00
Alexandre Dulaunoy eb1461fac9
Merge branch 'main' of https://github.com/DavidCruciani/misp-warninglists into DavidCruciani-main 2022-10-24 13:39:16 +02:00
David Cruciani 3cc1da0570 add: [list] parking-domains 2022-10-24 11:59:33 +02:00
Alexandre Dulaunoy c50ad9fca9
chg: [warning-lists] updated to the latest version 2022-10-24 08:35:17 +02:00
Alexandre Dulaunoy 040837ca1d
chg: [tenable] headers updated 2022-10-05 15:53:46 +02:00
Alexandre Dulaunoy 14d19fa58f
Merge pull request #226 from jberkers42/jberkers42-tenable 
Add generator script for Tenable
 2022-10-05 15:52:48 +02:00
John Berkers 3069e9ab00 Add generator script for Tenable 2022-10-05 18:03:03 +11:00
Alexandre Dulaunoy 1b026ee511
chg: [lists] updated 2022-09-25 16:58:35 +02:00
Alexandre Dulaunoy d1376df646
Merge pull request #223 from drewm27/main 
Combine common range also including 208.100.26.238 learned from securityscorecard
 2022-09-19 23:08:15 +02:00
Drew Middlesworth 66a0d53d67 Combine common range also including 208.100.26.238 from 
securityscorecard
 2022-09-19 09:02:22 -07:00
Jeroen Pinoy c9a7bdc25e
chg: [bank-website] add major bank domains 2022-09-18 07:03:37 -07:00
Jeroen Pinoy ab0c2e6e94
chg: [bank-website] remove unregistered domains 2022-09-18 03:40:22 -07:00
Jeroen Pinoy 34ce664460
chg: [bank-website] add major bank domains 2022-09-14 15:23:02 -07:00
Alexandre Dulaunoy 81d122e2df
chg: [lists] updated 2022-09-09 16:26:59 +02:00
Alexandre Dulaunoy 6884002f48
chg: [lists] updated to the latest version 2022-09-09 13:58:31 +02:00
Drew Middlesworth cb5b546a9c Add 2 more sinkholes discovered from securityscorecard.com 2022-09-07 16:47:03 -07:00
Alexandre Dulaunoy e5cc9e4b0f
chg: [updated] lists 2022-09-01 10:47:51 +02:00
Alexandre Dulaunoy d54655cbe0
chg: [warning-lists] updated 2022-08-17 15:23:25 +02:00
Alexandre Dulaunoy faee7c9dff
chg: [public-dns] updated 2022-08-16 08:32:30 +02:00
Alexandre Dulaunoy cd1baa3de5
fix: [public-dns] Update the public-dns generator to remove non valid hostnames 
Fix reported issue #214
 2022-08-16 08:26:14 +02:00
Alexandre Dulaunoy 631b7d522e
fix: [security-provider] removed google services as mentioned in issue #214 2022-08-16 07:17:56 +02:00
Alexandre Dulaunoy 4884243111
fix: [manage-windows-2004-endpoints] Windows 10 Enterprise, version 2004 - Fix reported issue #214 2022-08-16 07:11:14 +02:00
Alexandre Dulaunoy 7a6eebe47b
chg: [stackpath] updated 2022-08-16 07:00:22 +02:00
Alexandre Dulaunoy 917b9659dd
chg: [lists] misp warning-lists updated 2022-08-10 07:58:14 +02:00
Alexandre Dulaunoy fc5599114f
chg: [warning-lists] updated 2022-08-04 09:09:59 +02:00
Alexandre Dulaunoy 7aa3954930
chg: [lists] updated 2022-07-27 18:43:17 +02:00
Koen Van Impe abba35bd69
Added AS 8075 ( MICROSOFT-CORP-MSN-AS-BLOCK ) 2022-07-27 16:14:02 +02:00
Maxime THIEBAUT 37418110a2 Apply IP-based warning lists on ip|port combinations 2022-07-05 09:32:41 +02:00
Alexandre Dulaunoy 0b03db25bd
chg: [lists] warning lists updated 2022-06-26 09:56:02 +02:00
drewm27 8af48a325a
Merge branch 'main' into main 2022-06-20 09:14:03 -07:00
Drew Middlesworth 0a604f0077 Add new sinkholes from riskrecon 2022-06-20 09:11:36 -07:00
Alexandre Dulaunoy cbd84c0172
chg: [warning-lists] updated 2022-06-07 07:41:44 +02:00
Alexandre Dulaunoy 1ed19f44fb
chg: [sinkholes] jq sorting 2022-05-31 22:54:06 +02:00
Alexandre Dulaunoy f4c569154d
Merge branch 'main' of https://github.com/drewm27/misp-warninglists into drewm27-main 2022-05-31 22:52:55 +02:00
Drew Middlesworth 5f91066cd4 Add new sinkholes from riskrecon.com 2022-05-31 09:24:51 -07:00
Alexandre Dulaunoy 0eca255f51
Merge pull request #209 from drewm27/main 
New sinkholes from riskrecon
 2022-05-09 23:26:26 +02:00
Drew Middlesworth 660349fcb6 New sinkholes from riskrecon 2022-05-09 12:36:31 -07:00
Alexandre Dulaunoy 7a471762a5
chg: [warning-lists] updated 2022-04-29 13:38:22 +02:00
Alexandre Dulaunoy f270e406bc
chg: [lists] updated 2022-04-19 09:54:28 +02:00
Alexandre Dulaunoy 89cd7146f2
chg: [warning-lists] updated 2022-03-31 14:22:48 +02:00
Alexandre Dulaunoy a6da32235f
chg: [warning-lists] updated 2022-03-24 15:30:31 +01:00
Alexandre Dulaunoy e6ce0020cf
chg: [warning-lists] updated 2022-03-11 10:59:08 +01:00
Alexandre Dulaunoy 2162423798
Merge pull request #206 from drewm27/main 
Another sinkhole acquired from abuseat.com
 2022-03-02 06:44:44 +01:00
Drew Middlesworth 2a2fe84637 Another sinkhole acquired from abuseat.com 2022-02-28 11:31:20 -08:00
Alexandre Dulaunoy 653a035ae7
chg: [warning-lists] updated 2022-02-26 16:05:14 +01:00
Alexandre Dulaunoy 5155ebf397
chg: [warning-lists] updated 2022-02-20 17:28:41 +01:00
Alexandre Dulaunoy df73d5c576
chg: [lists] updated to the latest version 2022-02-01 16:51:27 +01:00
Alexandre Dulaunoy 55ca141cc5
chg: [bank-website] fix JSON 2022-01-06 09:11:59 +01:00
Pituphong f34ede2575
Update Thailand Bank's website to list.json 
Update Thailand Bank's website to list.json
 2022-01-06 13:09:26 +07:00
Alexandre Dulaunoy 92bee338a0
chg: [lists] updated to the latest version + fix stackpath 2022-01-04 15:43:03 +01:00
Alexandre Dulaunoy 630419a8cd
chg: [bank-website] fix sorting 2022-01-04 10:38:21 +01:00
Alexandre Dulaunoy d7902cb198
Merge branch 'patch-1' of https://github.com/mkilijanek/misp-warninglists into mkilijanek-patch-1 2022-01-04 10:35:30 +01:00
Pituphong d1e65b32cb
Update v(dot)ht to list.json 2022-01-04 13:48:24 +07:00
Kili 73ca93f3b5
Update list.json 
Added few Polish banking domains: Bank Millennium, Alior Bank, Pekao S.A., ING Bank Śląski S.A.
 2022-01-03 14:55:32 +01:00
Alexandre Dulaunoy d5eb05f959
chg: [warning-lists] updated 2021-12-17 11:47:24 +01:00
Alexandre Dulaunoy ffb894e06f
Merge pull request #199 from drewm27/main 
New sinkhole hosts reported from riskrecon.com
 2021-12-13 19:37:22 +01:00
Drew Middlesworth ddc42da45e New sinkhole hosts reported from riskrecon.com 2021-12-13 09:52:01 -08:00
Francis Trudeau 88bd36bcf8
update list 
https://www.tunnelbear.com/whats-my-ip
 2021-12-09 11:02:31 -07:00
Alexandre Dulaunoy 985863c7cf
chg: [lists] updated 2021-12-06 10:31:38 +01:00
Alexandre Dulaunoy 63dd0c6cbe
Merge pull request #197 from drewm27/main 
Two more sinkholes from bitsight.com that are in use
 2021-12-02 20:07:30 +01:00
Drew Middlesworth 59d9617a4c Two more sinkholes from bitsight.com that are in use 2021-12-02 09:28:09 -08:00
Daniele Cantarini ea4105b5ee
incorrect regex update 
As described in issue #195 the regex "/((?:\\+|00)61)?1(3|8)00975707|08|09|10|11/g" should be corrected in "/((?:\\+|00)61)?1(3|8)00975707(08|09|10|11)/g"
 2021-11-30 10:36:19 +01:00
Alexandre Dulaunoy 3637925e8f
chg: [warning-lists] updated 2021-11-19 10:58:42 +01:00
Alexandre Dulaunoy fad9f6d675
Merge pull request #194 from drewm27/main 
Additional sinkholes found for shadowserver and looking up neighbor IP ranges for sinkhole DNS names
 2021-11-18 15:31:50 +01:00
Drew Middlesworth 7b26dc4489 sinkhole.fitsec.com revese DNS 2021-11-17 13:54:58 -08:00
Drew Middlesworth 77de13eac0 Reverse lookup of this IP shows sinkhole.hyas.com. 2021-11-17 13:50:10 -08:00
Drew Middlesworth c65df599a3 This range all has reverse DNS lookup info pointing to sinkholed.by.zinkhole.org. 2021-11-17 13:46:58 -08:00
Drew Middlesworth 48465b733e Combine cert.pl range, a significant number of these IPs revese lookup to sinkhole.cert.pl. 2021-11-17 13:42:33 -08:00
Drew Middlesworth 09f0c14794 5 of the hosts in this range are also shadowserver sinkholes according to their reverse DNS 2021-11-17 12:56:17 -08:00
Drew Middlesworth b50769586d Reverse looking up all these addresses in this range mention sinkhole 2021-11-17 12:50:05 -08:00
Drew Middlesworth 69460b61d1 Added sinkhole used for abuseat.org and spamhaus 2021-11-17 09:50:30 -08:00
Alexandre Dulaunoy ea53651d3d
chg: [warning-lists] updated 2021-10-28 11:45:21 +02:00
Drew Middlesworth 48e49f6f99 Fix order 2021-10-27 15:09:36 -07:00
Drew Middlesworth 3e81a6e376 New sinkholes detected from work with riskrecon.com and other security sites. Running curl on any of these IPs pretty well shows they are sinkholes 2021-10-27 10:45:45 -07:00
Alexandre Dulaunoy 27fb7a6a44
chg: [lists] updated 2021-10-05 15:37:06 +02:00
Alexandre Dulaunoy 477531af06
chg: [lists] updated 2021-09-30 14:19:26 +02:00
Alexandre Dulaunoy 35b1be4789
chg: [warning-lists] updated 2021-09-23 11:10:27 +02:00
Alexandre Dulaunoy 5b792f577f
chg: [warning-lists] updated to the latest version 2021-09-17 15:27:37 +02:00
Jakub Onderka 5687ebf976 new: Include dnscrypt-resolvers IP addresses to public-dns lists 2021-09-15 11:44:51 +02:00
Alexandre Dulaunoy 037ad1a8fa
chg: [warning-lists] updated to the latest version 2021-08-30 16:00:10 +02:00
Alexandre Dulaunoy e0cfdf97b9
chg: [warning-lists] updated 2021-08-17 15:17:57 +02:00
Alexandre Dulaunoy ab5ea4ab14
chg: [warning-lists] updated 2021-07-31 09:51:18 +02:00
Alexandre Dulaunoy 9aa99012c7
chg: [warning-lists] updated 2021-07-19 22:51:39 +02:00
Alexandre Dulaunoy 0dac22e317
chg: [warning-lists] updated to the latest version 2021-07-13 09:23:11 +02:00
Alexandre Dulaunoy 9ca0e09801
fix: [public-dns] 9.9.9.9 added 2021-07-01 17:35:15 +02:00
Alexandre Dulaunoy bc7ad438a5
chg: [warning-lists] updated 2021-06-30 16:16:16 +02:00
Alexandre Dulaunoy a219c925ec
chg: [dynamic-dns] jq all the things 2021-06-29 11:44:03 +02:00
Alexandre Dulaunoy 20018b2d34
Merge branch 'patch-2' of https://github.com/ekamioka/misp-warninglists into ekamioka-patch-2 2021-06-29 11:43:14 +02:00
Jakub Onderka 00d5e40ac1 new: List of known SMTP receiving IP addresses 2021-06-14 23:26:44 +02:00
Jakub Onderka e7401c9cbe new: List of known SMTP sending IP ranges 2021-06-14 23:09:39 +02:00
Alexandre Dulaunoy 6a454c984b
chg: [update] update of all the warning-lists 2021-06-14 11:03:34 +02:00
Jakub Onderka 6c9eff2dcc new: Generator for Akamai 2021-06-13 15:48:55 +02:00
Jakub Onderka 98f7390e88 chg: [cidr] Consolidate CIDR networks 2021-06-13 14:54:48 +02:00
Alexandre Dulaunoy 0c8d517366
Merge pull request #188 from JakubOnderka/office365-cn 
chg: [microsoft-office365-cn] Update to latest version
 2021-06-13 07:36:08 +02:00
Jakub Onderka 7dfdb1dbaf chg: [microsoft-office365-cn] Update to latest version 2021-06-12 18:38:05 +02:00
ekamioka d7fa29e35a
add more dynamic DNS domains 2021-06-12 11:30:39 -03:00
Jakub Onderka d66a51e537 new: [crl] Genreate domains and IPs directly from Mozilla intermediate list 2021-06-12 11:28:13 +02:00
Jakub Onderka f0f7b08c15 new: [apple] IP ranges assigned to Apple 2021-06-10 18:05:01 +02:00
Jakub Onderka 8f2691535b fix: [mozilla-IntermediateCA] Typo 2021-06-10 17:57:35 +02:00
Jakub Onderka 7290956691 chg: [ovh-cluster] Change list typo to cidr 2021-06-10 17:37:35 +02:00
Jakub Onderka c9320d8ca9 new: [google-gmail-sending-ips] Add generator and update to latest version 2021-06-10 16:26:26 +02:00
Jakub Onderka 14ee657daf new: [google-gcp] Add generator and update to latest version 2021-06-10 16:07:29 +02:00
Jakub Onderka a6c3455944 new: [azure] List for Azure China, Germany and US Gov cloud 2021-06-10 11:15:32 +02:00