Combine c2-dns and c2-ip modules into c2

Question

Combine c2-dns and c2-ip modules into c2

chrisforce1 opened this issue 7 years ago · 3 comments

We should combine them by taking 5 random FQDNs and 5 random IP:port pairs, then:

Resolving the FQDNs (as per c2-dns)
Connecting to the resolved IPs on TCP port 80 (new code)
Connecting to the 5 IP:port pairs (as per c2-ip)

Answer 1 · 2019-05-31T07:54:21.000Z

While we're looking at this, we should also see if there's a way we can pull recent C2s from the CyberCrime Tracker, as the current code pulls the whole dataset and often hits C2 destinations from 2014-2015 which is far from ideal.

Answer 2 · 2019-06-17T19:44:59.000Z

Let's also move away from the CyberCrime Tracker here and use open-wisdom.

Answer 3 · 2019-09-07T07:57:29.000Z

Now that the open-wisdom issues are closed, can we solve this and tidy it all up? 🙏