Add files via upload

Joseph Goydish II
2025-12-10 18:23:29 -05:00
committed by GitHub
parent af82be6e26
commit c45145756d

blocklist.csv

@@ -0,0 +1,20 @@
type,value,first_seen,confidence,action,notes
domain,github.stormbreaker.pro,2025-12-07,High,monitor_block,Primary suspected C2 (observed repeatedly)
domain,stormbreaker.pro,2025-12-07,High,monitor_block,C2 variant
domain,kaylees.site,2025-12-09,High,monitor_block,Secondary C2 / proxy
domain,pir.kaylees.site,2025-12-09,High,monitor_block,Relay/variant
domain,spple.cf,2025-12-09,Medium,monitor,Typosquat / possible phishing
domain,apple.cf,2025-12-09,Medium,monitor,Typosquat / impersonation risk
domain,pstack.cf,2025-12-09,High,monitor_block,DNS queries observed in telemetry
domain,e.zip,2025-12-09,High,monitor_block,Download/payload host observed
domain,com.apple.pro,2025-12-09,Medium,monitor,Impersonation-like domain
domain,com.apple.online,2025-12-09,Medium,monitor,Impersonation-like domain
domain,modes.ga,2025-12-09,Medium,monitor,Observed in related telemetry
domain,quikit.ru,2025-12-09,Medium,monitor,Possible typosquat
domain,cs.cf,2025-12-09,Medium,monitor,Suspicious free-TLD domain
domain,authoriz.gq,2025-12-09,Medium,monitor,Suspect domain
domain,photod.cn,2025-12-09,Medium,monitor,Suspect domain
domain,nthropic.cn,2025-12-09,Medium,monitor,Suspect domain
domain,caller-id.ru,2025-12-09,Medium,monitor,Suspect domain
domain,family.cn,2025-12-09,Medium,monitor,Suspect domain
domain,ios.ml,2025-12-09,Medium,monitor,Suspect domain
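Review bot: The last six rows (authoriz.gq through ios.ml) give only "Suspect domain" in `notes`, and several other Medium rows are similarly thin, so anyone consuming this list cannot tell what observation put the entry there or how to re-validate it later. Please record the evidence for each row, as the High rows do ("DNS queries observed in telemetry"), or add a `source` column. Also document how `value` is matched: the file lists both `stormbreaker.pro` and `github.stormbreaker.pro`, and both `kaylees.site` and `pir.kaylees.site`. Under suffix matching the subdomain rows are redundant. Under exact matching, other subdomains of the two parents are not covered. Short generic names such as `e.zip`, `cs.cf` and `family.cn` deserve the most care here, especially `e.zip`, which is set to `monitor_block`. Finally, `confidence` is capitalised ("High", "Medium") while `action` is lowercase; pick one convention so that parsers comparing strings do not miss rows.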