New Modules / Data Sources
This release introduces four new modules, including new data sources:
- sfp_botscout: Searches botscout.com’s database of spam-bot IPs and e-mail addresses. This introduces the new type of MALICIOUS_EMAILADDR, indicating an e-mail address is potentially malicious.
- sfp_malwarepatrol: Searches malwarepatrol.net’s database of malicious URLs/IPs.
- sfp_phone: Identify phone numbers in scraped webpages and WHOIS content.
- sfp_s3bucket: Search for potential Amazon S3 buckets associated with the target
- sfp_xforce: Obtain information from IBM X-Force Exchange about potential malicious IPs.
- Added bitcash.cz, VXVault and VOIPBL to sfp_malcheck.py
- Added SpamCop to sfp_blacklist.py
- New use case called “Passive”, only enabling modules that do not touch the target
- Updated sfp_accounts to reference the master account list maintained by WebReacher in Github
- Provided the ability to serve over HTTPS and perform basic authentication, see this section in the manual for more information.
- Removed sfp_similar, due to restrictions implemented by NameDroppers and DomainTools.
- A bunch of bug fixes and minor enhancements.