CalvinBackup/ShadowShells
1
0
Fork 0
mirror of https://github.com/JGoyd/ShadowShells.git synced 2026-02-13 05:42:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enhance README with purpose and usage instructions

Browse Source 
Added purpose and intended use sections to README.
This commit is contained in:
Joseph Goydish II
2025-12-10 18:12:11 -05:00
committed by GitHub
commit 5da4d1ce41
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
README.md Normal file
View File

@@ -0,0 +1,15 @@
# ShadowShells | Observed Indicators (Confirmed Malicious)
## Purpose
This package contains **sanitized traces and echoes** of observed entities | domains, UUIDs, processes, and signature strings | directly linked to confirmed command-and-control activity.
All data here is **metadata only**. No raw logs, PCAPs, or sensitive artifacts are included. ShadowShells acts as a **watchtower**, cataloging and guiding detection of hostile infrastructure.
## Intended Use
- Ingest `iocs.csv` into monitoring tooling, SIEM rules, DNS tracking, or threat-hunting routines.
- Apply `blocklist.txt` for defensive blocking or sinkholing.
- Consult `key_hits.txt` to track behaviors or patterns: shell anomalies, proxy/tunnel strings, beacon pulses.
## License
**Defensive use only. Provided as-is. No warranty.**