{"id":21042659,"url":"https://github.com/safebuffer/redblock","last_synced_at":"2025-07-01T02:36:45.266Z","repository":{"id":218436358,"uuid":"746366134","full_name":"safebuffer/redblock","owner":"safebuffer","description":"RedBlock is an Nginx module designed for offensive security operations and red teaming. This module empowers security professionals to easily block all IPs associated with hosting and cloud infrastructure, as well as known sandbox environments. ","archived":false,"fork":false,"pushed_at":"2024-01-21T21:26:55.000Z","size":60,"stargazers_count":21,"open_issues_count":0,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-12T15:56:10.148Z","etag":null,"topics":["cobaltstrike","nginx","nginx-module","opsec","pentesting-tools","redirector","redteam-infrastructure"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/safebuffer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2024-01-21T20:47:33.000Z","updated_at":"2025-04-09T08:20:10.000Z","dependencies_parsed_at":"2024-01-21T23:44:22.996Z","dependency_job_id":null,"html_url":"https://github.com/safebuffer/redblock","commit_stats":null,"previous_names":["safebuffer/redblock"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/safebuffer/redblock","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/safebuffer%2Fredblock","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/safebuffer%2Fredblock/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/safebuffer%2Fredblock/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/safebuffer%2Fredblock/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/safebuffer","download_url":"https://codeload.github.com/safebuffer/redblock/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/safebuffer%2Fredblock/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262884194,"owners_count":23379349,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cobaltstrike","nginx","nginx-module","opsec","pentesting-tools","redirector","redteam-infrastructure"],"created_at":"2024-11-19T14:08:35.209Z","updated_at":"2025-07-01T02:36:45.133Z","avatar_url":"https://github.com/safebuffer.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Redblock\n\nAnother redirector for your offensive operation infrastructure unless you're ready to add 50k network range to your nginx configuration file.\n\n## Overview\n\n![Redblock](/assets/red.png)\n\nRedblock is nginx module for hiding your C2/phishing/etc infrastructure from sandboxes, threat scanners. Easily block IPs associated with hosting, cloud infrastructure, and known sandbox environments.\nyou can use your own IPRanges Dataset.\n\n## Configuration\n\nBuild the module with dependencies.\n```bash\nmake install \u0026\u0026 make configure \u0026\u0026 make\n```\nFinal compiled library will be located at `objs/ngx_http_redblock_module.so`.\nyou will need to add it to `/etc/nginx/nginx.conf`\n```nginx\nload_module objs/ngx_http_redblock_module.so;\n```\ndataset location is `/etc/nginx/redblock_ranges.bin` you can change it in the code, you will have to copy the default dataset to that location. \n```bash\ncp ./ipv4_ranges.bin /etc/nginx/redblock_ranges.bin\n```\nYou'll need to restart `nginx` every time you rebuild the module.\n```bash\nservice nginx restart\n```\nnow you can see the blocked requests in error log.\n\n## Bring Your Own dataset\nyou can encode the list of the ip address you want \n```bash\npython encode_dataset.py input_file output_file [--ipv4] [--ipv6]\n```\nor update the current dataset by running \n```bash\npython palo_alto_edl_dataset.py\n```\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsafebuffer%2Fredblock","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsafebuffer%2Fredblock","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsafebuffer%2Fredblock/lists"}