Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ch3k1/squidmagic
analyze a web-based network traffic 🕶 to detect central command and control servers
https://github.com/ch3k1/squidmagic
incident-response network-traffic proxy-server squid squidmagic
Last synced: 22 days ago
JSON representation
analyze a web-based network traffic 🕶 to detect central command and control servers
- Host: GitHub
- URL: https://github.com/ch3k1/squidmagic
- Owner: ch3k1
- Created: 2016-08-23T09:45:09.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2018-06-30T21:00:44.000Z (over 6 years ago)
- Last Synced: 2024-08-05T09:15:17.373Z (4 months ago)
- Topics: incident-response, network-traffic, proxy-server, squid, squidmagic
- Language: Python
- Homepage:
- Size: 1.9 MB
- Stars: 76
- Watchers: 8
- Forks: 27
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-network-stuff - **65**星 - based network traffic (<a id="7bf0f5839fb2827fdc1b93ae6ac7f53d"></a>工具 / <a id="b346105580b0240d693020ce8719ebca"></a>未分类)
README
Squidmagic is a tool designed to analyze a web-based network traffic to detect central command and control (C&C) servers and Malicious site, using Squid proxy server and Spamhaus.
### Install dependencies
```
pip install -r requirements.txt
```
### Usage
```
python squidmagic.py /squid/access.log
_ _ _
(_) | | (_)
___ __ _ _ _ _ __| |_ __ ___ __ _ __ _ _ ___
/ __|/ _` | | | | |/ _` | '_ ` _ \ / _` |/ _` | |/ __|
\__ \ (_| | |_| | | (_| | | | | | | (_| | (_| | | (__
|___/\__, |\__,_|_|\__,_|_| |_| |_|\__,_|\__, |_|\___|
| | __/ |
|_| |___/
Analyzing...
Analyzing by SBL Advisory...
Spam server detected, ip is 65.182.101.221
Analyzing by SBL_CSS Advisory...
safe server detected, host or ip is 65.182.101.221
Analyzing by PBL Advisory...
safe server detected, host or ip is 65.182.101.221
```