After ~1 week running, the bot IPs API already has information ~47K distinct IPs. I continue to add more data sources/honey pots to keep on increasing that number.
You can check any IP with a GET request on antoinevastel.com/bots/ip/72.210 (modify the IP by the one you want to check)
Conversation
Replying to
Interesting work Antoine. Do you plan to provide more context about the type of malicious activity observed from the IPs? Are these web attackers or does it also include SSH bots and compromised devices serving as a part of botnets?
1
1
Replying to
Sure, for the moment I store everything in files so it's difficult to provide more context. However, I plan to migrate to a DB, which will make it easier to provide more context.
1
1
Show replies