Better documentation
This commit is contained in:
46
README.md
46
README.md
@ -6,8 +6,8 @@
|
||||
|
||||
- `https://security.wdes.eu/scanners/stretchoid.txt` (List of all known stretchoid IPs)
|
||||
- `https://security.wdes.eu/scanners/binaryedge.txt` (List of all known binaryedge IPs)
|
||||
- `https://security.wdes.eu/scanners/shadowserver.txt` (List of all known shadowserver IPs)
|
||||
- `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner on their [FAQ](https://docs.censys.com/docs/opt-out-of-data-collection)
|
||||
- `https://security.wdes.eu/scanners/shadowserver.txt` (List of all known shadowserver (shadowserver.org) IPs)
|
||||
- `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner (censys.io) on their [FAQ](https://docs.censys.com/docs/opt-out-of-data-collection)
|
||||
- `https://security.wdes.eu/scanners/internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips))
|
||||
- `https://security.wdes.eu/scanners/anssi.txt` (List of all IPs declared by CERT-FR/ANSSI on [their website](https://www.cert.ssi.gouv.fr/scans/))
|
||||
|
||||
@ -22,13 +22,41 @@
|
||||
## Other similar projects
|
||||
|
||||
- https://github.com/szepeviktor/debian-server-tools/tree/master/security/myattackers-ipsets/ipset
|
||||
- https://github.com/wravoc/authlog-threats/blob/main/scanners
|
||||
- https://github.com/wravoc/authlog-threats/blob/main/scanners (not updated in 2025 since two years)
|
||||
- https://github.com/stamparm/maltrail/blob/master/trails/static/mass_scanner.txt
|
||||
|
||||
## Bad actors to handle
|
||||
## TODO list
|
||||
|
||||
- scan-*.shadowserver.org example: scan-37-1d.shadowserver.org
|
||||
- *.scan.bufferover.run example: bogota.scan.bufferover.run
|
||||
- security.criminalip.com
|
||||
- zl-ams-nl-gr1-wk102b.internet-census.org
|
||||
- optout.scanopticon.com
|
||||
### Features
|
||||
|
||||
- https://security.wdes.eu/scanners/<scanner>.txt#commented -> Output with the name
|
||||
|
||||
### Scanners
|
||||
|
||||
- *.scan.bufferover.run example: bogota.scan.bufferover.run
|
||||
- optout.scanopticon.com
|
||||
- pinger*.netsec.colostate.edu
|
||||
- pinger-*.ant.isi.edu
|
||||
- researchscanner*.eecs.berkeley.edu
|
||||
- researchscan*.eecs.umich.edu
|
||||
- researchscan*.comsys.rwth-aachen.de
|
||||
- scanners.labs.rapid7.com, scanner*.labs.rapid7.com
|
||||
- openresolverproject.org, opensnmpproject.org, openntpproject.org, openssdpproject.org, openresolverproject.org
|
||||
- probe*.projectblindferret.com
|
||||
- shodan.io, *.census.shodan.io, census*.shodan.io
|
||||
- kudelskisecurity.com
|
||||
- riskiq.com
|
||||
- scan.sba-research.org, scanning.sba-research.org
|
||||
- 5thcolumn.net
|
||||
- internet-census.org, ca-san-*-*-*.internet-census.org, Example: zl-ams-nl-gr1-wk102b.internet-census.org
|
||||
- internettl.org
|
||||
- netsystemsresearch.com
|
||||
- tequilaboomboom.club
|
||||
- scanner.openportstats.com
|
||||
- outspoken.ca
|
||||
- phenome.ca
|
||||
- ltx71
|
||||
- Greenbone
|
||||
- leakix.net
|
||||
- [45.83.64.0/22 is ALPHASTRIKE-RESEARCH](https://www.alphastrike.io/en/log4j/)
|
||||
- security.criminalip.com
|
||||
|
||||
Reference in New Issue
Block a user