L0rdRaiden
Posted April 9, 2019

Project: https://github.com/stamparm/maltrail
Sample docker: https://github.com/ston3o/docker-maltrail

Quote:
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).
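
The four trail types named in the description quoted above (domain, URL, IP address, User-Agent value), matched against a handful of events. This is an added example, not part of the original post and not Maltrail's own code. The event field names, the parent-domain matching and the substring match on the User-Agent are assumptions of this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

# Trails from the Maltrail description quoted above: (trail, info).
TRAILS = [
    ("zvpprsensinaix.com", "Banjori malware"),
    ("hXXp://109.162.38.120/harsh02.exe", "known malicious executable"),
    ("185.130.5.231", "known attacker"),
    ("sqlmap", "SQL injection tool"),
]
# Constructed sample events; the field names are this example's own schema.
EVENTS = [
    {"host": "cdn.zvpprsensinaix.com"},
    {"host": "109.162.38.120", "path": "/harsh02.exe", "user_agent": "Mozilla/5.0"},
    {"dst_ip": "185.130.5.231"},
    {"host": "shop.example", "path": "/item", "user_agent": "sqlmap/1.0"},
    {"host": "example.org", "path": "/", "user_agent": "Mozilla/5.0"},
]

def classify(trail):
    # Undo hXXp defanging, then decide which kind of trail this is.
    t = trail.replace("hXXp", "http").strip().lower()
    if "://" in t:
        return "url", "".join(urlsplit(t)[1:3])  # netloc + path
    try:
        ipaddress.ip_address(t)
        return "ip", t
    except ValueError:
        return ("domain", t) if "." in t else ("ua", t)

def build_index(trails):
    index = {"url": {}, "ip": {}, "domain": {}, "ua": {}}
    for trail, info in trails:
        kind, key = classify(trail)
        index[kind][key] = info
    return index

def match_event(index, event):
    hits = []
    if (info := index["ip"].get(event.get("dst_ip"))):
        hits.append(("ip", info))
    host = event.get("host", "").lower().rstrip(".")
    for i in range(host.count(".")):  # the host itself, then each parent domain
        if (info := index["domain"].get(host.split(".", i)[-1])):
            hits.append(("domain", info))
    if (info := index["url"].get(host + event.get("path", "").lower())):
        hits.append(("url", info))
    ua = event.get("user_agent", "").lower()
    return hits + [("ua", v) for k, v in index["ua"].items() if k in ua]
```
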
dee31797
Posted April 12, 2019

Here's a docker image for maltrail that's been updated recently. Most downloads on dockerhub from what I can find.
https://github.com/thelittlefireman/docker-maltrail

docker run -d --name maltrail -v /yourappdata/folder:/var/log/maltrail -e PASSWD=admin --net=host --privileged thelittlefireman/docker-maltrail