Adding new detections

Félix Aime
2021-04-25 11:06:35 +02:00
parent 0a00cc1b08
commit bf848cd224
10 changed files with 81 additions and 29 deletions


@ -68,6 +68,10 @@
"title": "The certificate associated to {} is self-signed.",
"description": "The use of self-signed certificates is a common thing for attacker infrastructure. We recommend to check the host {} which is associated to this certificate, by looking at the domain name (if any), its WHOIS record, its creation date, and by checking its reputation on the internet."
},
"SSL-04": {
"title": "A certificate contains the domain name {}, categorized as {}",
"description": "One of the certificates exchanged contains the domain name {}. This domain name has been explicitly classified as malicious. Your device is definitely compromised and should be investigated further by a professional team."
},
"ADV-01": {
"title": "Check the alerts for {}",
"description": "Please, check the reputation of the host {}, this one seems to be malicious as it leveraged {} alerts during the session."
@ -109,4 +113,4 @@
"low_msg": "You have only {} low alert(s), don't hesitate to check them.",
"none_msg": "Everything looks fine, zero alerts. Don't hesitate to check the uncategorized communications, if any."
}
}
}
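Review bot: The new SSL-04 description states as fact that the domain was "explicitly classified as malicious" and that "Your device is definitely compromised", while the title reports the category through its second `{}` placeholder. If the indicator list carries categories other than outright malicious (the category values are not visible here), the description will overstate the finding. A domain name listed in a certificate is also weaker evidence than an observed connection to that domain, because one certificate can cover many unrelated names. I would soften the wording and keep the single placeholder, for example `"description": "One of the certificates exchanged contains the domain name {}, which matches an entry in the indicator list. This is a strong sign of compromise and the device should be investigated further by a professional team."`. The title takes two format arguments and the description one, so the code that fills SSL-04 should be checked against both strings.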