wdes/security
1
0
Fork 0
Code Actions Packages Releases Activity

Better documentation

Browse Source
This commit is contained in:
William Desportes
2025-04-05 16:01:53 +02:00
parent c644bf482c
commit 1d2ef921ff
1 changed files with 37 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
README.md
View File

@ -6,8 +6,8 @@
- `https://security.wdes.eu/scanners/stretchoid.txt` (List of all known stretchoid IPs) - `https://security.wdes.eu/scanners/stretchoid.txt` (List of all known stretchoid IPs)
- `https://security.wdes.eu/scanners/binaryedge.txt` (List of all known binaryedge IPs) - `https://security.wdes.eu/scanners/binaryedge.txt` (List of all known binaryedge IPs)
- `https://security.wdes.eu/scanners/shadowserver.txt` (List of all known shadowserver IPs) - `https://security.wdes.eu/scanners/shadowserver.txt` (List of all known shadowserver (shadowserver.org) IPs)
- `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner on their [FAQ](https://docs.censys.com/docs/opt-out-of-data-collection) - `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner (censys.io) on their [FAQ](https://docs.censys.com/docs/opt-out-of-data-collection)
- `https://security.wdes.eu/scanners/internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips)) - `https://security.wdes.eu/scanners/internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips))
- `https://security.wdes.eu/scanners/anssi.txt` (List of all IPs declared by CERT-FR/ANSSI on [their website](https://www.cert.ssi.gouv.fr/scans/)) - `https://security.wdes.eu/scanners/anssi.txt` (List of all IPs declared by CERT-FR/ANSSI on [their website](https://www.cert.ssi.gouv.fr/scans/))
@ -22,13 +22,41 @@
## Other similar projects ## Other similar projects
- https://github.com/szepeviktor/debian-server-tools/tree/master/security/myattackers-ipsets/ipset - https://github.com/szepeviktor/debian-server-tools/tree/master/security/myattackers-ipsets/ipset
- https://github.com/wravoc/authlog-threats/blob/main/scanners - https://github.com/wravoc/authlog-threats/blob/main/scanners (not updated in 2025 since two years)
- https://github.com/stamparm/maltrail/blob/master/trails/static/mass_scanner.txt - https://github.com/stamparm/maltrail/blob/master/trails/static/mass_scanner.txt
## Bad actors to handle ## TODO list
### Features
- https://security.wdes.eu/scanners/<scanner>.txt#commented -> Output with the name
### Scanners
- scan-*.shadowserver.org example: scan-37-1d.shadowserver.org
- *.scan.bufferover.run example: bogota.scan.bufferover.run - *.scan.bufferover.run example: bogota.scan.bufferover.run
- security.criminalip.com
- zl-ams-nl-gr1-wk102b.internet-census.org
- optout.scanopticon.com - optout.scanopticon.com
- pinger*.netsec.colostate.edu
- pinger-*.ant.isi.edu
- researchscanner*.eecs.berkeley.edu
- researchscan*.eecs.umich.edu
- researchscan*.comsys.rwth-aachen.de
- scanners.labs.rapid7.com, scanner*.labs.rapid7.com
- openresolverproject.org, opensnmpproject.org, openntpproject.org, openssdpproject.org, openresolverproject.org
- probe*.projectblindferret.com
- shodan.io, *.census.shodan.io, census*.shodan.io
- kudelskisecurity.com
- riskiq.com
- scan.sba-research.org, scanning.sba-research.org
- 5thcolumn.net
- internet-census.org, ca-san-*-*-*.internet-census.org, Example: zl-ams-nl-gr1-wk102b.internet-census.org
- internettl.org
- netsystemsresearch.com
- tequilaboomboom.club
- scanner.openportstats.com
- outspoken.ca
- phenome.ca
- ltx71
- Greenbone
- leakix.net
- [45.83.64.0/22 is ALPHASTRIKE-RESEARCH](https://www.alphastrike.io/en/log4j/)
- security.criminalip.com