An update to Criminal IP v1.63.1 has been released.
[Criminal IP v1.63.1] Regular Maintenance and Update Release
- Maintenance Period: 2024.08.22 05:00~10:00 AM (UTC)
[New Changes]
- Improvements to Asset Search Results Data and UI
- A new feature allows users to view the full banner in Asset Search query results. Users can scroll or zoom in on the banner data to see the full details.
- The search results now include open port data. Clicking on this data will trigger a search using the associated IP and port filters.
- New Filters Added to Asset Search
- rdp_target_name – This filter returns results based on the name of the computer targeted by a Remote Desktop connection. (rdp_target_name: WINDOWS)
- ssl_sha256 – This filter allows users to search using the SHA256 hash of a certificate’s full byte representation. (ssl_sha256: fa4328aecf7b07cb5bc855da3981c7f81bc8d92a)
- GitHub Use Cases and Sorting Functionality Added
- The official Criminal IP GitHub page now includes new repositories:
- C2-Daily-Feed – Provides daily updates of IP addresses derived from Criminal IP under the C2_TI license.
- Malicious-ip-Handler – Collects malicious IP addresses detected by the Criminal IP service, adds new IP addresses to files, and automatically deletes outdated ones.
- Fortinet-Maliciousip-AutoBlock – Automates the process of quickly blocking malicious IP addresses identified by Criminal IP using Fortinet firewalls.
- 12 additional repositories have been added to the list of recommended open-source use cases.
- A sorting feature has been added to the GitHub use cases list.
- The official Criminal IP GitHub page now includes new repositories:
[Improvement]
- Bug Fix for “NOT” Filter Usage in Asset Search
- A bug that caused data to not display when reusing the same filter after clicking a data item in the right-side Statistics panel has been fixed.
- Bug Fixes and Stability Enhancements
Thank you to all Criminal IP users.
We will continue to perform regular checks and updates to ensure service improvement.