Friday, September 10, 2021

SIEM Rule - IP Lookup Service

Malware use of IP lookup services: #siem detection rule idea


DNS request in:

 - canireachthe.net

 - ipv4.icanhazip.com

 - ip.anysrc.net

 - edns.ip-api.com

 - wtfismyip.com

 - checkip.dyndns.org

 - api.2ip.ua

 - icanhazip.com

 - api.ipify.org

 - ip-api.com

 - checkip.amazonaws.com

 - ipecho.net

 - ipinfo.io

 - ipv4bot.whatismyipaddress.com

 - freegeoip.app

 

and imagename not in:

 - brave.exe

 - iexplore.exe

 - opera.exe

 - firefox.exe

 - msedge.exe

 - chrome.exe

 - vivaldi.exe
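
The rule above, evaluated over DNS query events, as an added example that is not part of the original post. It assumes each event carries the requesting process path and the queried name in fields called `Image` and `QueryName` (the names Sysmon Event ID 22 uses); the sample events and the `Computer` field are constructed for illustration.

```python
import ntpath

# Domains and browser image names copied from the rule on this page.
IP_LOOKUP_DOMAINS = {
    "canireachthe.net", "ipv4.icanhazip.com", "ip.anysrc.net",
    "edns.ip-api.com", "wtfismyip.com", "checkip.dyndns.org",
    "api.2ip.ua", "icanhazip.com", "api.ipify.org",
    "ip-api.com", "checkip.amazonaws.com", "ipecho.net",
    "ipinfo.io", "ipv4bot.whatismyipaddress.com", "freegeoip.app",
}
BROWSER_IMAGES = {
    "brave.exe", "iexplore.exe", "opera.exe", "firefox.exe",
    "msedge.exe", "chrome.exe", "vivaldi.exe",
}

# Constructed sample events (not real telemetry); field names are an assumption.
SAMPLE_EVENTS = [
    {"Computer": "WS01", "QueryName": "ipinfo.io",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe"},
    {"Computer": "WS02", "QueryName": "api.ipify.org",
     "Image": r"C:\Users\alice\AppData\Local\Temp\invoice.exe"},
    {"Computer": "WS03", "QueryName": "ICANHAZIP.COM.",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"Computer": "WS04", "QueryName": "example.com",
     "Image": r"C:\Windows\System32\svchost.exe"},
]

def normalize_query(name):
    """Lower-case the queried name and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")

def matches_rule(event):
    """True when the query is a listed lookup domain and the process is not a listed browser."""
    query = normalize_query(event.get("QueryName", ""))
    # ntpath splits on backslashes regardless of the OS running this script.
    # An event with no Image yields "" here, which is not a browser, so it still alerts.
    image = ntpath.basename(event.get("Image", "")).lower()
    return query in IP_LOOKUP_DOMAINS and image not in BROWSER_IMAGES

def detect(events):
    """Return the events that satisfy both conditions of the rule."""
    return [e for e in events if matches_rule(e)]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(f'{hit["Computer"]}: {hit["Image"]} -> {hit["QueryName"]}')
```

The browser exclusion here compares file names only, as the rule is written; comparing the full `Image` path against the expected install locations makes the exclusion stricter.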

