Ecosyste.ms: Awesome


https://github.com/roguecybersecuritychannel/malicious-ip-detector

A script that checks for active connections to known malicious foreign IP addresses.

antivirus blueteam-tools blueteaming-tools bluteam cybersecurity edr ip malicious-ip-detection malicious-url-detection soc soc-analyst windows-10 windows-11

Last synced: 2 months ago

README

        

Malicious IP Detector
----------------------------

      

{GitHub:https://github.com/RogueCyberSecurityChannel}

- Scrape https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt for an up-to-date list of known malicious IPs (updated daily)
- Query active connections to foreign IP addresses
- Look for matches
- Output information on the active process (PID, file path, SHA-256 hash)

git clone
```sh
git clone https://github.com/RogueCyberSecurityChannel/Malicious-IP-Detector
```
- Check out https://github.com/stamparm/ipsum for a full breakdown of their banned IP list and how they maintain it
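
The matching steps listed above, sketched as an added example (not the project's own code). It assumes the feed's `IP<TAB>count` layout with `#` comment lines and Windows `netstat -ano` style input; both samples are constructed, the function names are hypothetical, and the lookup of file path and SHA-256 for each PID is left out.

```python
import ipaddress

# Constructed sample in the ipsum.txt layout: '#' comments, then "IP<TAB>count".
SAMPLE_FEED = """# constructed sample, not real feed data
203.0.113.45\t7
198.51.100.23\t1
"""

# Constructed sample of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.10:49712     203.0.113.45:443       ESTABLISHED     4321
  TCP    192.168.1.10:49713     198.51.100.23:80       ESTABLISHED     5000
  TCP    192.168.1.10:49720     192.168.1.1:445        ESTABLISHED     4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       996
  TCP    [::1]:49800            [::1]:5000             ESTABLISHED     7777
"""

# Peers inside these ranges are treated as local, not "foreign" (assumption).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fe80::/10")]

def parse_feed(text, min_hits=1):
    """Return {ip: count} for feed entries listed at least min_hits times."""
    feed = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and not line.startswith("#") and parts[1].isdigit():
            if int(parts[1]) >= min_hits:
                feed[parts[0]] = int(parts[1])
    return feed

def foreign_connections(netstat_text):
    """Yield (remote_ip, remote_port, pid) for established non-local TCP peers."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue
        host, _, port = f[2].rpartition(":")
        try:
            ip = ipaddress.ip_address(host.strip("[]"))
        except ValueError:
            continue  # unparsable address column, skip the row
        if not any(ip in net for net in LOCAL_NETS):
            yield str(ip), int(port), int(f[4])

def find_matches(feed, netstat_text):
    """Return connections whose remote address appears in the feed."""
    return [{"ip": ip, "port": port, "pid": pid, "hits": feed[ip]}
            for ip, port, pid in foreign_connections(netstat_text) if ip in feed]
```

Raising `min_hits` trades coverage for fewer false positives, since addresses listed only once in the feed are the least reliable indicators.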