23 lines
1.0 KiB
Markdown
23 lines
1.0 KiB
Markdown
# Wdes SAS security toolkit
|
|
|
|
- `stretchoid.txt` (List of all known stretchoid IPs)
|
|
- `binaryedge.txt` (List of all known binaryedge IPs)
|
|
- `censys-scanner.txt` (List of all IPs declared by censys scanner on their FAQ)
|
|
- `scanners/internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips))
|
|
- `bad-networks.txt` (List of some hand picked bad networks)
|
|
- `bad-ips.txt` (List of some hand picked bad IPs that caused harm/attacks/scans to mail servers)
|
|
|
|
## Other similar projects
|
|
|
|
- https://github.com/szepeviktor/debian-server-tools/tree/master/security/myattackers-ipsets/ipset
|
|
- https://github.com/wravoc/authlog-threats/blob/main/scanners
|
|
- https://github.com/stamparm/maltrail/blob/master/trails/static/mass_scanner.txt
|
|
|
|
## Bad actors to handle
|
|
|
|
- scan-*.shadowserver.org example: scan-37-1d.shadowserver.org
|
|
- *.scan.bufferover.run example: bogota.scan.bufferover.run
|
|
- security.criminalip.com
|
|
- zl-ams-nl-gr1-wk102b.internet-census.org
|
|
- optout.scanopticon.com
|