Skip to content

First version of the D4 passive DNS analyzer
Compare
Choose a tag to compare
@adulau adulau released this 05 Apr 14:11
· 20 commits to master since this release
v0.1
This tag was signed with the committer’s verified signature.
adulau Alexandre Dulaunoy
GPG key ID: 09E2CD4944E6CBCD
Learn about vigilant mode.
771718b
This commit was signed with the committer’s verified signature.
adulau Alexandre Dulaunoy
GPG key ID: 09E2CD4944E6CBCD
Learn about vigilant mode.

Features of the analyzer-d4-passivedns version 0.1

  • A dedicated Passive DNS analyzer for D4 client (passive dns client type 8) to ingest passive DNS records into a Passive DNS COF server
  • analyzer can filter out records coming from D4 sensors (such as specific types or records)
  • analyzer can set an expiration time for specific DNS record type (to expire common data that should be removed from the Passive DNS after a specific time)
  • A Passive DNS server supporting a REST API has been added to allow query and output of the Passive DNS records in COF format.
  • A simple PDNS injector to reinject Passive DNS records in COF format (from other Passive DNS server) into the Passive DNS server.
Assets 2
Loading