Commit Graph

434 Commits (f9e75992098cc503eb823b6dbbcdc9f984b155e0)

Author SHA1 Message Date
Alexandre Dulaunoy d5eb05f959
chg: [warning-lists] updated 2021-12-17 11:47:24 +01:00
Alexandre Dulaunoy ffb894e06f
Merge pull request #199 from drewm27/main
New sinkhole hosts reported from riskrecon.com
2021-12-13 19:37:22 +01:00
Drew Middlesworth ddc42da45e New sinkhole hosts reported from riskrecon.com 2021-12-13 09:52:01 -08:00
Francis Trudeau 88bd36bcf8
update list
https://www.tunnelbear.com/whats-my-ip
2021-12-09 11:02:31 -07:00
Alexandre Dulaunoy 985863c7cf
chg: [lists] updated 2021-12-06 10:31:38 +01:00
Alexandre Dulaunoy 63dd0c6cbe
Merge pull request #197 from drewm27/main
Two more sinkholes from bitsight.com that are in use
2021-12-02 20:07:30 +01:00
Drew Middlesworth 59d9617a4c Two more sinkholes from bitsight.com that are in use 2021-12-02 09:28:09 -08:00
Daniele Cantarini ea4105b5ee
incorrect regex update
As described in issue #195 the regex "/((?:\\+|00)61)?1(3|8)00975707|08|09|10|11/g" should be corrected in "/((?:\\+|00)61)?1(3|8)00975707(08|09|10|11)/g"
2021-11-30 10:36:19 +01:00
Alexandre Dulaunoy 3637925e8f
chg: [warning-lists] updated 2021-11-19 10:58:42 +01:00
Alexandre Dulaunoy fad9f6d675
Merge pull request #194 from drewm27/main
Additional sinkholes found for shadowserver and looking up neighbor IP ranges for sinkhole DNS names
2021-11-18 15:31:50 +01:00
Drew Middlesworth 7b26dc4489 sinkhole.fitsec.com revese DNS 2021-11-17 13:54:58 -08:00
Drew Middlesworth 77de13eac0 Reverse lookup of this IP shows sinkhole.hyas.com. 2021-11-17 13:50:10 -08:00
Drew Middlesworth c65df599a3 This range all has reverse DNS lookup info pointing to sinkholed.by.zinkhole.org. 2021-11-17 13:46:58 -08:00
Drew Middlesworth 48465b733e Combine cert.pl range, a significant number of these IPs revese lookup to sinkhole.cert.pl. 2021-11-17 13:42:33 -08:00
Drew Middlesworth 09f0c14794 5 of the hosts in this range are also shadowserver sinkholes according to their reverse DNS 2021-11-17 12:56:17 -08:00
Drew Middlesworth b50769586d Reverse looking up all these addresses in this range mention sinkhole 2021-11-17 12:50:05 -08:00
Drew Middlesworth 69460b61d1 Added sinkhole used for abuseat.org and spamhaus 2021-11-17 09:50:30 -08:00
Alexandre Dulaunoy ea53651d3d
chg: [warning-lists] updated 2021-10-28 11:45:21 +02:00
Drew Middlesworth 48e49f6f99 Fix order 2021-10-27 15:09:36 -07:00
Drew Middlesworth 3e81a6e376 New sinkholes detected from work with riskrecon.com and other security sites. Running curl on any of these IPs pretty well shows they are sinkholes 2021-10-27 10:45:45 -07:00
Alexandre Dulaunoy 27fb7a6a44
chg: [lists] updated 2021-10-05 15:37:06 +02:00
Alexandre Dulaunoy 477531af06
chg: [lists] updated 2021-09-30 14:19:26 +02:00
Alexandre Dulaunoy 35b1be4789
chg: [warning-lists] updated 2021-09-23 11:10:27 +02:00
Alexandre Dulaunoy 5b792f577f
chg: [warning-lists] updated to the latest version 2021-09-17 15:27:37 +02:00
Jakub Onderka 5687ebf976 new: Include dnscrypt-resolvers IP addresses to public-dns lists 2021-09-15 11:44:51 +02:00
Alexandre Dulaunoy 037ad1a8fa
chg: [warning-lists] updated to the latest version 2021-08-30 16:00:10 +02:00
Alexandre Dulaunoy e0cfdf97b9
chg: [warning-lists] updated 2021-08-17 15:17:57 +02:00
Alexandre Dulaunoy ab5ea4ab14
chg: [warning-lists] updated 2021-07-31 09:51:18 +02:00
Alexandre Dulaunoy 9aa99012c7
chg: [warning-lists] updated 2021-07-19 22:51:39 +02:00
Alexandre Dulaunoy 0dac22e317
chg: [warning-lists] updated to the latest version 2021-07-13 09:23:11 +02:00
Alexandre Dulaunoy 9ca0e09801
fix: [public-dns] 9.9.9.9 added 2021-07-01 17:35:15 +02:00
Alexandre Dulaunoy bc7ad438a5
chg: [warning-lists] updated 2021-06-30 16:16:16 +02:00
Alexandre Dulaunoy a219c925ec
chg: [dynamic-dns] jq all the things 2021-06-29 11:44:03 +02:00
Alexandre Dulaunoy 20018b2d34
Merge branch 'patch-2' of https://github.com/ekamioka/misp-warninglists into ekamioka-patch-2 2021-06-29 11:43:14 +02:00
Jakub Onderka 00d5e40ac1 new: List of known SMTP receiving IP addresses 2021-06-14 23:26:44 +02:00
Jakub Onderka e7401c9cbe new: List of known SMTP sending IP ranges 2021-06-14 23:09:39 +02:00
Alexandre Dulaunoy 6a454c984b
chg: [update] update of all the warning-lists 2021-06-14 11:03:34 +02:00
Jakub Onderka 6c9eff2dcc new: Generator for Akamai 2021-06-13 15:48:55 +02:00
Jakub Onderka 98f7390e88 chg: [cidr] Consolidate CIDR networks 2021-06-13 14:54:48 +02:00
Alexandre Dulaunoy 0c8d517366
Merge pull request #188 from JakubOnderka/office365-cn
chg: [microsoft-office365-cn] Update to latest version
2021-06-13 07:36:08 +02:00
Jakub Onderka 7dfdb1dbaf chg: [microsoft-office365-cn] Update to latest version 2021-06-12 18:38:05 +02:00
ekamioka d7fa29e35a
add more dynamic DNS domains 2021-06-12 11:30:39 -03:00
Jakub Onderka d66a51e537 new: [crl] Genreate domains and IPs directly from Mozilla intermediate list 2021-06-12 11:28:13 +02:00
Jakub Onderka f0f7b08c15 new: [apple] IP ranges assigned to Apple 2021-06-10 18:05:01 +02:00
Jakub Onderka 8f2691535b fix: [mozilla-IntermediateCA] Typo 2021-06-10 17:57:35 +02:00
Jakub Onderka 7290956691 chg: [ovh-cluster] Change list typo to cidr 2021-06-10 17:37:35 +02:00
Jakub Onderka c9320d8ca9 new: [google-gmail-sending-ips] Add generator and update to latest version 2021-06-10 16:26:26 +02:00
Jakub Onderka 14ee657daf new: [google-gcp] Add generator and update to latest version 2021-06-10 16:07:29 +02:00
Jakub Onderka a6c3455944 new: [azure] List for Azure China, Germany and US Gov cloud 2021-06-10 11:15:32 +02:00
Jakub Onderka cdd8adc772 fix: [google-gmail-sending-ips] typo 2021-06-10 10:39:14 +02:00
Jakub Onderka 104bf6883f new: [second-level-tlds] Add generator and update to latest version 2021-06-10 10:36:57 +02:00
Jakub Onderka 66a92ab133 fix: [stackpath] List was empty 2021-06-10 10:13:12 +02:00
Jakub Onderka aee9919ac4 fix: [moz] Moz is not Mozilla 2021-06-10 10:02:20 +02:00
Jakub Onderka 18abc2bf9c chg: [rfc] Normalize RFC lists description 2021-06-10 09:59:04 +02:00
Jakub Onderka 8a2c3dc760 fix: [publicdns] IP addresses should be cidr 2021-06-10 09:59:04 +02:00
Alexandre Dulaunoy 8ecc9f4d77
chg: [dynamic-dns] jq all the things 2021-06-09 07:23:04 +02:00
Alexandre Dulaunoy c1036bceb2
Merge branch 'main' of https://github.com/ekamioka/misp-warninglists into ekamioka-main 2021-06-09 07:22:17 +02:00
ekamioka 44598bde73 init a list of dyn DNS TLD domains 2021-06-07 20:12:28 -03:00
Alexandre Dulaunoy f3a63c2b0f
new: [warning-lists] updated to the latest version 2021-06-04 11:02:42 +02:00
Kevin Holvoet 08a0a32813 generate-stackpath.py: Added scraper on website to get new link for ipblocks.txt file 2021-06-02 14:51:58 +02:00
Alexandre Dulaunoy 29192e0b20
chg: [update] MISP warning-lists updated 2021-05-26 09:35:54 +02:00
Alexandre Dulaunoy 63cc1ddbdb
chg: [url-shortners] fix #177 2021-05-01 10:38:08 +02:00
Alexandre Dulaunoy 695ebef8e1
chg: [nioc] sorted/jq 2021-05-01 10:34:29 +02:00
Alexandre Dulaunoy f681600374
Merge branch 'nioc-filehash' of https://github.com/RichieB2B/misp-warninglists into RichieB2B-nioc-filehash 2021-05-01 10:33:36 +02:00
Alexandre Dulaunoy fe4e44b24d
chg: [warning-lists] updated 2021-04-26 11:13:25 +02:00
Alexandre Dulaunoy 52b3824981
chg: [lists] updated 2021-04-21 16:49:17 +02:00
Kevin Holvoet 37bc01ae21 Created new Stackpath CDN IP list 2021-04-21 12:09:59 +02:00
Alexandre Dulaunoy 892ac72da4
chg: [warning-lists] updated 2021-04-20 11:32:03 +02:00
Alexandre Dulaunoy 43592376c0
Merge branch 'main' of github.com:MISP/misp-warninglists into main 2021-03-29 11:58:38 +02:00
Alexandre Dulaunoy d109a1ce95
chg: [update] run on all 2021-03-29 11:56:56 +02:00
przemekzny 2183e33033
Update list.json
Added domains of PKO Bank Polski S.A.
2021-02-01 17:20:04 +01:00
Alexandre Dulaunoy 2ca8b466cb
chg: [public-resolver] revert to previous one as the source is dropping
many known public resolver such as quad9
2021-01-15 10:11:05 +01:00
Alexandre Dulaunoy 43c62d127e
chg: [updates] updated warning-lists 2021-01-15 08:22:43 +01:00
Alexandre Dulaunoy 54e2d5c91d
chg: [warning-lists] updated 2021-01-05 09:15:17 +01:00
Alexandre Dulaunoy af399ce3ed
chg: [updated] warning-lists updated 2020-12-24 11:23:44 +01:00
Alexandre Dulaunoy 7f740f0e79
chg: [warning-lists] updated 2020-12-16 10:40:23 +01:00
Alexandre Dulaunoy 0f5059627d
chg: [update] automatic update 2020-12-10 23:06:00 +01:00
Richard van den Berg 0ddff6c50b Add nioc-filehash 2020-12-05 10:50:50 +01:00
Cormac Doherty 1fdada3976 Corrected version number to one 2020-12-04 22:03:18 +00:00
Cormac Doherty f949bbe8bd jq all the things 2020-12-04 21:57:44 +00:00
DocArmoryTech 5e0af2a6b3
Added Neo23x0/ti-falsepositive warninglist
Neo23x0:Neo23x0/ti-falsepositive is a "hash generator for typical false positive hashes". 

This warninglist was generated using a modified version of the generator (see: DocArmoryTech:DocArmoryTech-mispwl)

`python3 ./fp-hashes.py > list.json`
2020-12-04 16:16:05 +00:00
Alexandre Dulaunoy deef186d58
chg: [updates] updated warning lists 2020-11-23 08:59:40 +01:00
Alexandre Dulaunoy d4ca35c25c
chg: [warning-list] updated 2020-11-16 13:35:02 +01:00
Raphaël Vinot a80da878b9 chg: Bump moz-top500 2020-11-16 13:05:31 +01:00
Alexandre Dulaunoy aa499f4059
chg: [update] misp-warninglists updated 2020-11-10 11:55:39 +01:00
Alexandre Dulaunoy 1f01f885c7
Merge pull request #172 from pettai/Fastly
Add Fastly IPs
2020-11-07 08:05:13 +01:00
pettai 164eb276f1 Add Fastly IPs
Add all Fastlys IP addresses
2020-11-06 18:50:12 +01:00
chrisr3d 7154bfc01f
add: A few more phone numbers regexes 2020-10-31 22:06:20 +01:00
chrisr3d 6d49d3386f
add: Added regexes for the american fictitious numbers in the list 2020-10-30 23:29:18 +01:00
Alexandre Dulaunoy 53a03c6277
chg: [warning-lists] updated to the latest version 2020-10-28 09:38:58 +01:00
chrisr3d 8a629209f2
chg: Changed name to be displayed as warning and description 2020-10-27 11:19:05 +01:00
chrisr3d a50c06c9eb
chg: Turned the regexes for audiovisual works into a single one 2020-10-27 10:38:45 +01:00
chrisr3d 543406dff4
add: New Warninglist for phone numbers that should never be attributed
- First examples filling the list of regexes: the
  phone numbers used for audiovisual works, or
  the communications companies internal numbers.
  Those phone numbers are reserved and should
  never be given to any user
- We'll add as well the numbers reserved for the
  american audiovisual works soon
2020-10-27 04:03:44 +01:00
pettai 89344f9b5f +jq_all_the_things.sh
missed to run jq_all_the_things.sh
2020-10-25 20:57:20 +01:00
pettai e2d6211b67 Add GCP IPs
Add GCP (Google Cloud Platform) IP addresses
2020-10-24 23:59:33 +02:00
Alexandre Dulaunoy 278f726f1d
chg: [warning-lists] updated 2020-10-16 12:38:48 +02:00
Alexandre Dulaunoy 41c2c01627
chg: [warning-lists] updated 2020-10-13 13:30:01 +02:00
Alexandre Dulaunoy acfaf672d4
chg: [update] following changes + regular update 2020-09-30 23:19:13 +02:00
Alexandre Dulaunoy 0549cad3df
chg: [automatic updates] all warning-lists 2020-09-29 17:13:43 +02:00
cyber288 5e03dc549a
Changed matching algorithm to string 2020-09-23 15:57:34 -04:00