@chrisforce1
chrisforce1 / bad_tlds.txt
Created September 9, 2018 21:16
A list of malicious TLDs sorted by severity (C2 domain count)
no-ip.biz
no-ip.org
ddns.net
zapto.org
no-ip.info
duckdns.org
hopto.org
pw
sytes.net
us
@chrisforce1
chrisforce1 / c2_tlds.csv
Created September 9, 2018 21:14
A list of malicious TLDs including C2 domain count
tld c2_count
no-ip.biz 3957
no-ip.org 2786
ddns.net 2362
zapto.org 1470
no-ip.info 1357
duckdns.org 340
hopto.org 332
pw 288
sytes.net 256
@chrisforce1
chrisforce1 / phishing_results.csv
Last active September 3, 2021 07:04
DiNgoeS phishing test results generated by AlphaSOC on 7 May 2018
Phishing Domain,Comodo SecureDNS,Comodo Shield,Google Public DNS,Neustar Free Recursive DNS,Norton ConnectSafe,Cisco Umbrella,Quad9,SafeDNS,Safesurfer,WatchGuard,Yandex.DNS
signinnoww.com,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55
theacchelplogg.com,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55
suplognow.com,DNS Lookup Error,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55
helpfulsecure.com,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55,132.148.23.55
account-locked-serviceed.com,108.174.194.155,108.174.194.155,108.174.194.155,SITE_BLOCKED_OK,108.174.194.155,108.174.194.155,108.174.194.155,108.174.194.155,108.174.1
@chrisforce1
chrisforce1 / c2_results.csv
Created May 8, 2018 13:12
DiNgoeS C2 test results generated by AlphaSOC on 7 May 2018
C2 Domain,Comodo SecureDNS,Comodo Shield,Google Public DNS,Neustar Free Recursive DNS,Norton ConnectSafe,Cisco Umbrella,Quad9,SafeDNS,Safesurfer,WatchGuard,Yandex.DNS
gtowers.ml,DNS Lookup Error,82.118.242.100,82.118.242.100,82.118.242.100,82.118.242.100,SITE_BLOCKED_OK,DNS Lookup Timeout,82.118.242.100,82.118.242.100,82.118.242.100,82.118.242.100
jaratp.cf,255.255.255.255,255.255.255.255,255.255.255.255,SITE_BLOCKED_OK,SITE_BLOCKED_OK,255.255.255.255,255.255.255.255,SITE_BLOCKED_OK,255.255.255.255,255.255.255.255,255.255.255.255
viruscheckmake.cf,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227,103.63.2.227
cf23112.tmweb.ru,92.53.96.184,92.53.96.184,92.53.96.184,92.53.96.184,92.53.96.184,92.53.96.184,SITE_BLOCKED_OK,92.53.96.184,92.53.96.184,92.53.96.184,92.53.96.184
darlinculture.tk,DNS Lookup Error,111.90.149.124,111.90.149.124,111.90.149.124,111.90.149.124,111.90.149.124,111.90.149.124,111.90.149.124,111.90.149.124,SITE_BLOCK