Malicious IP Detector
{GitHub:https://github.com/RogueCyberSecurityChannel}
- Web scrape https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt for an updated list of known malicious IPs (updated daily)
- Query active connections to foreign IP addresses
- Look for matches
- Output information on the active process (PID, file path, SHA-256 hash)
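
The four steps above, as an added Python example (not the project's own code). It assumes the feed consists of `#` comment lines followed by tab-separated `IP<TAB>count` rows and that connections are supplied as (pid, remote_ip, exe_path) tuples; the function names and sample data are constructed for illustration.

```python
import hashlib
import ipaddress

# Constructed sample; assumed layout: '#' comments, then IP<TAB>blacklist count.
SAMPLE_FEED = """\
# constructed sample feed
203.0.113.7\t9
198.51.100.23\t3
192.0.2.55\t1
not-an-ip\t4
"""

def parse_feed(text, min_hits=1):
    """Return {ip: hits} for valid rows whose blacklist count >= min_hits."""
    bad = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        try:
            ip = str(ipaddress.ip_address(parts[0]))  # validates and normalizes
            hits = int(parts[1]) if len(parts) > 1 else 1
        except ValueError:
            continue  # skip malformed rows instead of trusting them
        if hits >= min_hits:
            bad[ip] = hits
    return bad

def sha256_file(path, chunk=65536):
    """Hash a file in chunks; None if the path is missing or unreadable."""
    try:
        h = hashlib.sha256()
        with open(path, "rb") as f:
            for block in iter(lambda: f.read(chunk), b""):
                h.update(block)
        return h.hexdigest()
    except (OSError, TypeError):  # process exited, access denied, or no path
        return None

def find_matches(connections, bad):
    """connections: iterable of (pid, remote_ip, exe_path) tuples (hypothetical shape)."""
    out = []
    for pid, rip, exe in connections:
        if rip in bad:
            out.append({"pid": pid, "remote_ip": rip, "hits": bad[rip],
                        "path": exe, "sha256": sha256_file(exe)})
    return out
```

In live use, the feed text would come from the URL in the first step and the tuples from the host's socket table. Raising `min_hits` keeps only addresses listed by several blacklists, which cuts down on false positives.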
git clone
git clone https://github.com/RogueCyberSecurityChannel/Malicious-IP-Detector

- Check out https://github.com/stamparm/ipsum for a full breakdown of their banned IP list and how they maintain it