Here's a list of 8723 IPs used in a SPAM botnet the last two days. I know we're not the only ones seeing this mess which I think is why I'm being allowed to publicly share this time. There seems to be a pattern to these netblocks when I spot check them, but I'll let y'all see what you see.

https://csnt.ninja/spamBotnet.txt

#threatIntel #spam

I share one little text file here and wake up to a bunch of ../ in my access logs. I love it.

@cR0w

For your amusement: https://dotdotslash.ing/

@m Did you do this?! I love it.

cc: @reverseics

@cR0w @reverseics

Yeah, I collect ../'s glad you like it.

@m @reverseics Well it's been a big year for you then. And I'm sure there's more to come.

@m @cR0w #directorytraversalmemes

@m @cR0w This is exactly what I looked for the other day thanks!

@m @cR0w Would it be possible to make more historical data available (vs. latest only)?

I'm going to take this down later today so if this list is something you're interested in, grab it.

@buherator @cR0w

Assuming this is being directed at me, in short, no because there isn't an authoritative source of directory traversals so it'd be a link to at least these three and probably others.

https://www.exploit-db.com/search?q=Directory+Traversal

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=directory+traversal

https://cwe.mitre.org/data/definitions/22.html

PAN really out here trying to be civil in my access logs after today? GTFO.

@cR0w lmao we all probably get those

@me We definitely do. I'm just snarky today.