https://www.circl.lu/services/passive-dns/
https://www.circl.lu/services/passive-ssl/
analyzer: circl
query: ...
password: ...
username: ...
Name | Type | Required? | Default | Desc. |
---|---|---|---|---|
query | String | Yes | Domain or SHA1 certificate fingerprint | |
username | String | No | ENV[”CIRCL_PASSIVE_USERNAME”] | Username |
password | String | Noe | ENV[”CIRCL_PASSIVE_PASSWORD”] | Password |
The analyzer uses CIRCL passive DNS API or passive SSL API:
IP addresses matched with a query are treated as artifacts.
This rule outputs the following type of artifacts.
Mihari loads your username and password via environment variables CIRCL_PASSIVE_USERNAME
and CIRCL_PASSIVE_PASSWORD
by default.