Comments (1)
Would modifying the process_features() method to check for IPs in the host field of HTTP flows be enough to enhance the existing code? We can identify the HTTP flows and iterate through each row to extract the host field and, consequently, the IP addresses.
from stratospherelinuxips.
Related Issues (20)
- Installation issues and official python 3.8
- Add more tests to test_http_analyzer.py
- Delete azure from microsoft domains and whitelists, we shouldn’t whitelist these.
- Change slips.conf format to yaml.
- add an evidence when DoH is detected, and don't alert connection without DNS when DoH is detected
- Building slips from dockerfile failed
- False Positive in C&C channel detection model
- The whitelist of organizations is not being applied to the Host in HTTP
- Add more tests for Threat_intelligence Module
- Add more tests to Leak_Detector
- Add test for set_evidence.py
- In multiple empty connections we should match www.google.*, and check that the domain belongs to google organization
- Check if it’s better to have a TI list of benign UAs or a list of Malicious UAs
- Fix FP the “conn to private ip to the routers ip on port 67”
- Add more IPs to the invalid DNS answers list for detecting DNS re-binding
- add tests for urlhaus module
- add more tests to test_update_file_manager.py
- Local-link addresses and multicast addresses are not considered part of the local network, and they should.
- There is a need to analyze and better understand how Slips changes detections based on thresholds and TI feeds and modules
- Fix the format of the documentation