Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/duggytuxy/malicious_ip_addresses
These are the IP addresses of the most active C2/Botnets/Zombies/Scanners in European Cyber Space
https://github.com/duggytuxy/malicious_ip_addresses
botnets ddos ipaddresses ipv4 malicious malware zombies
Last synced: 2 months ago
JSON representation
These are the IP addresses of the most active C2/Botnets/Zombies/Scanners in European Cyber Space
- Host: GitHub
- URL: https://github.com/duggytuxy/malicious_ip_addresses
- Owner: duggytuxy
- Created: 2023-06-16T16:14:41.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-04-13T06:19:04.000Z (3 months ago)
- Last Synced: 2024-04-13T20:53:11.364Z (3 months ago)
- Topics: botnets, ddos, ipaddresses, ipv4, malicious, malware, zombies
- Homepage: https://discord.gg/be-cyber
- Size: 10.2 MB
- Stars: 123
- Watchers: 8
- Forks: 17
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Lists
- awesome-stars - duggytuxy/malicious_ip_addresses - Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space (Others)
README
# Malicious IP Addresses
These are the IP addresses of the most active Botnets/Zombies/Scanners in European Cyber Space
***Support our work with a donation*** 👉 https://www.paypal.com/donate/?hosted_button_id=8GBRAM5CU57S4
# All lists available
```blacklist_ips_for_fortinet_firewall_aa.txt```
```blacklist_ips_for_fortinet_firewall_ab.txt```
```botnets_zombies_scanner_spam_ips.txt``` (full list)
```botnets_zombies_scanner_spam_ips_ipv6.txt``` (soon !!!)
# Categories
- SSH Brute Forcers
- FortiOS CVE | RCE Exploits
- Exchange CVE | RCE Exploits
- VPN-SSL Brute Forcers
- C2 Cobalt Strike
- CGI Script Scanner
- Cisco ASA Scanner
- MSSQL Bruteforcer
- GPON CVE-2018-10561 Router Worm
- GPON CVE-2018-10562 Router Worm
- SSH Worm
- VMware ESXi Scanner
- RDP Worm
- Grafana API_JSONRPC.PHP Zabbix Credentials Disclosure
- WordPress Core User Enumeration
- Ivanti EPMM (MobileIron Core) Authentication Bypass
- Huawei HG532 UPnP CVE-2017-17215 Worm
- Open Proxy Scanner
- QNX Qconn Exploit
- ProxyLogon SSRF Vuln Check
- Atlassian Confluence Server Privilege Escalation
- Shodan Scanners
- Stretchoid Scanner
- XWorm MaaS (IoC)
- CVE-2023-22518 Exploitation
- NjRat
- QaKBot
- Malware
- Phishing
- Mirai
Etc.
# Update
I have created specific lists for Fortinet firewall users following the limitation set by Fortinet:
```blacklist_ips_for_fortinet_firewall_aa.txt```
```blacklist_ips_for_fortinet_firewall_ab.txt```
- etc.
Also, you will need to fork the list and split it into 130,000 entries per file.
In this way, you can validate it in your Threat feeds of your Fortinet Firewall.
PS: this list will be updated every 24/48h