目录导航
C2 Tracker简介
各种工具/恶意软件使用的IOC(IOC,威胁情报)追踪器。最初是用于C2工具,但现已发展成跟踪信息窃取者和僵尸网络。它利用 Shodan 搜索来收集 IP 地址。最新的收集始终存储在数据中;IP 地址按工具分类,并生成 all.txt文件。
该供给应每天更新。我们正在积极努力使后端更加可靠。
我可以用它追踪什么?
- C2工具
- 恶意软件
- AcidRain Stealer
- Misha Stealer (AKA Grand Misha)
- Patriot Stealer
- RAXNET Bitcoin Stealer
- Titan Stealer
- Collector Stealer
- Mystic Stealer
- Gotham Stealer
- Meduza Stealer
- Quasar RAT
- ShadowPad
- AsyncRAT
- DcRat
- BitRAT
- DarkComet Trojan
- XtremeRAT Trojan
- NanoCore RAT Trojan
- Gh0st RAT Trojan
- DarkTrack RAT Trojan
- njRAT Trojan
- Remcos Pro RAT Trojan
- Poison Ivy Trojan
- Orcus RAT Trojan
- ZeroAccess Trojan
- HOOKBOT Trojan
- 工具
- 僵尸网络
本地运行
如果您想托管私有版本,请将您的 Shodan API 密钥放入名为SHODAN_API_KEY的环境变量中
echo SHODAN_API_KEY=API_KEY >> ~/.bashrc
bash
python3 -m pip install -r requirements.txt
python3 tracker.py下载地址
参考
- Hunting C2 with Shodan by Michael Koczwara
- Hunting Cobalt Strike C2 with Shodan by Michael Koczwara
- https://twitter.com/MichalKoczwara
- BushidoToken’s OSINT-SearchOperators
- https://twitter.com/MichalKoczwara
- https://twitter.com/MichalKoczwara/
- https://twitter.com/_montysecurity
- https://twitter.com/ViriBack/status/1713714868564394336
- https://gi7w0rm.medium.com/
- https://twitter.com/Glacius_/status
数据列表
7777 Botnet IPs.txt
Ares RAT C2 IPs.txt
AsyncRAT IPs.txt
BitRAT IPs.txt
Brute Ratel C4 IPs.txt
Caldera C2 IPs.txt
Cobalt Strike C2 IPs.txt
Covenant C2 IPs.txt
DarkComet Trojan IPs.txt
DarkTrack RAT Trojan IPs.txt
DcRat IPs.txt
Deimos C2 IPs.txt
Gh0st RAT Trojan IPs.txt
GoPhish IPs.txt
Havoc C2 IPs.txt
Hookbot IPs.txt
Meduza Stealer IPs.txt
Metasploit Framework C2 IPs.txt
Mythic C2 IPs.txt
NanoCore RAT Trojan IPs.txt
NimPlant C2 IPs.txt
njRAT Trojan IPs.txt
Orcus RAT Trojan IPs.txt
PANDA C2 IPs.txt
Poison Ivy Trojan IPs.txt
Posh C2 IPs.txt
Quasar RAT IPs.txt
Remcos Pro RAT Trojan IPs.txt
ShadowPad IPs.txt
Sliver C2 IPs.txt
XMRig Monero Cryptominer IPs.txt
XtremeRAT Trojan IPs.txt
ZeroAccess Trojan IPs.txt
all.txt截图
7777 Botnet IPs
Cobalt Strike C2 IPs
Sliver C2 IPs
