You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After the recent integration of Abusix to identify IP address abuse teams, it may be interesting to integrate @ninoseki's abuse_whois project to obtain abuse references for domain names as well.
And recently we went even further. With the last release (6.0.2) we added a new TakeDown_Request Playbook which automates everything: in this way the user needs only to submit the domain they want to take down and IntelOwl would do all the rest.... and it would send the email to the abuse contact provider too :) You could give it a try :)
We'll show this use case at the next Honeynet Workshop, then we'll share slides and content here
FYI sending email approach does not work well in many cases. Especially if you send an email to a domain registrar.
I often get automatic reply says “please submit it via our form”. And in most cases a form has a captcha. So it’s difficult to automate the whole process.
Thanks for sharing :) Right now our playbook sends the email only to hosting providers and not domain registrars. I have no actual extensive experience on that so what you shared is nice to know. I'll update this post if we get more interesting findings about.
Name
After the recent integration of Abusix to identify IP address abuse teams, it may be interesting to integrate @ninoseki's abuse_whois project to obtain abuse references for domain names as well.
Link
https://github.com/ninoseki/abuse_whois
Why should we use it
To improve interactions with abuse teams.
The text was updated successfully, but these errors were encountered: