SSLBL - SSL Blacklist Logo

SSLBL - SSL Blacklist

Visit Website

The SSL Blacklist (SSLBL) is a project of abuse.ch that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers. It also identifies JA3 fingerprints to detect and block malware botnet C&C communication on the TCP layer. The platform provides a list of malicious SSL certificates, JA3 fingerprints, and statistics on botnet C&C operations that leverage SSL to encrypt botnet C&C traffic. The platform offers several features, including: * Identifying botnet command and control (C&C) infrastructure * Detecting botnet C&C communication * Providing insights into botnet C&C operations that leverage SSL to encrypt botnet C&C traffic

FEATURES

ALTERNATIVES

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

A tool to extract indicators of compromise from security reports in PDF format.

Tools to export data from MISP MySQL database for post-incident analysis and correlation.

A collection of Yara rules for the Burp Yara-Scanner extension to identify malicious software on websites.

A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.

A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.

VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.

Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved