CalvinBackup/ShadowShells
1
0
Fork 0
mirror of https://github.com/JGoyd/ShadowShells.git synced 2026-02-12 13:22:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
7 Commits 1 Branch 0 Tags
76494bf97e93e4de05bc481c87001a56e9a2c5fe
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Joseph Goydish II 76494bf97e Add high-level detection guidance for key hits
2025-12-10 18:28:49 -05:00
blocklist.csv
Add files via upload
2025-12-10 18:23:29 -05:00
iocs.csv
Add files via upload
2025-12-10 18:20:47 -05:00
key hits.txt
Add high-level detection guidance for key hits
2025-12-10 18:28:49 -05:00
README.md
Update blocklist file format in README
2025-12-10 18:24:05 -05:00

README.md

ShadowShells | Observed Indicators

Known tools leave familiar footprints, but when they surface inside a live C2 mesh,
the echoes change shape — and the signal becomes intelligence.

Purpose

This package contains sanitized traces and echoes of observed entities | domains, UUIDs, processes, and signature strings | directly linked to confirmed command-and-control activity.

All data here is metadata only. No raw logs, PCAPs, or sensitive artifacts are included. ShadowShells acts as a watchtower, cataloging and guiding detection of hostile infrastructure.

Intended Use

  • Ingest iocs.csv into monitoring tooling, SIEM rules, DNS tracking, or threat-hunting routines.
  • Apply blocklist.csv for defensive blocking or sinkholing.
  • Consult key_hits.txt to track behaviors or patterns: shell anomalies, proxy/tunnel strings, beacon pulses.

License

Defensive use only. Provided as-is. No warranty.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 57 KiB
Languages
CSV 100%