cname-trackers
masscan
Our great sponsors
cname-trackers | masscan | |
---|---|---|
25 | 64 | |
369 | 22,600 | |
1.1% | - | |
8.2 | 7.8 | |
8 days ago | about 1 month ago | |
JavaScript | C | |
MIT License | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cname-trackers
-
uBlock Origin Lite now available on Firefox
Note that CNAMEs is literally caused by GDPR, and the pathway every single ad or tracking company seems to go sooner or later.
For people not understanding how it works: you can set a CNAME entry on your tracker.domain.tld to bypass all Browser's third-party tracking preventions, and make it look like it's a normal subdomain of your website.
You need to make a CNAME tracker database manually by resolving the reverse entries for known IPs. Usually there is hundreds or thousands of CNAME entries pointing to the same IP address.
The AdGuard team also made a database for this, in case anyone needs it for UBOL [1]
[1] https://github.com/AdguardTeam/cname-trackers
-
Disguised trackers are blocked regardless of toggle (which is a good thing)
So nextdns’s third party disguised trackers is actually really tiny of a list, like 30 domains. (Im trying to add more so it has the same amount of cname’s blocked as adguard). Anyways, the reason why the list is so tiny is because it uses wildcard logic so all subdomains get blocked. It already uses some of the cname companies that adguards cname-tracker list uses but not all. Hopefully my pull request can get merge eventually because then the setting will be a little bit more effective
-
How to block fathom tracking
I see fathom on Adguard CNAME tracker. Example:
- Privacy doesn't exist
- Does the Adguard Tracking Protection List protect Chrome and Safari from CNAME trackers?
- fastmailusercontent.com added to AdGuard Tracking Protection filters
-
YouTube ads in Safari: you see them now, will you see them in the future?
> uBlock Origin already performs CNAME decloaking and blocks this approach, it’s pretty cool.
... which in return is a static list of domains which needs to be regularly updated, and therefore is not really failsafe. uBlock0 uses Adguard's scraped dataset [1] as a source to do this, as Chrome Extensions cannot make DNS requests without a DNS-via-HTTPS endpoint.
[1] https://github.com/AdguardTeam/cname-trackers
-
Marvel.com CNAME Tracker not in list
Not sure where I should report this, but I seem to have found a CNAME cloaking tracker which i don't find in either the original or disguised tracker lists here https://github.com/AdguardTeam/cname-trackers Is there a mechanism for reporting these? I saw someone posted a list on github, but no response there. Maybe this example is just ordinary tracking though?
-
Magic Lasso Adblock - free ad blocker updated with support for Apple Silicon and Big Sur
Are you able to block trackers/ads using this new CNAME cloaking technique? https://github.com/AdguardTeam/cname-trackers
masscan
- Why so many bots?
-
Mass Scanning
Can I get banned for mass scanning with https://github.com/robertdavidgraham/masscan or does it slow down any other vms from other persons?
-
Has anyone ever had their homelab or network hacked? What happened?
Nope, this doesn't work any more. Shodan checks all ports (so any attackers using data from Shodan already know which ports you have open), and tools like masscan (https://github.com/robertdavidgraham/masscan) let you portscan the entire IPv4 address space in less than 10 minutes.
-
Private server intruded
https://github.com/LogoiLab/mcsl https://github.com/robertdavidgraham/masscan
-
My home server is frustrating me. Please help me, home server wizards.
Changing the default port does nothing for security. It only prevents some basic brute force or default password scripts. Anyone is able to scan for it in no time anyway (https://github.com/robertdavidgraham/masscan).
-
Should I be Concerned?
But it should blow away the far-too-common belief that no-one's after you because you're not interesting enough. IPv4 is smaller than we think. It is not difficult to scan the entire ipv4 space in minutes. And every single one of those is going to knock your door on the way past.
-
Ask HN: Looking for an Old Article
I'm not sure about the article, but the blazingly-fast IP scanner sounds a lot like Masscan. It can scan the entire Internet in 5 minutes and has received a lot of press: https://github.com/robertdavidgraham/masscan . https://rushter.com/blog/how-masscan-works/ is one of many articles about it.
-
Is my Synology getting port-scanned?
Here's an except from the masscan docs:
- I was hit with ransomware in my Plex server and I'm not sure where it came from. Could a DMZ be the cause?
- PSA: Masscan has changed his IP. Please block the new one on your firewall! Its likely our vps reporting worked.
What are some alternatives?
cname-cloaking-blocklist - A list of domains used by tracking companies as CNAME destination when disguising third-party trackers as first-party trackers.
RustScan - 🤖 The Modern Port Scanner 🤖
stealth - :rocket: Stealth - Secure, Peer-to-Peer, Private and Automateable Web Browser/Scraper/Proxy
zmap - ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
wirehole - WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
amass - In-depth attack surface mapping and asset discovery
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
pihole-regex - Custom regex filter list for use with Pi-hole.
zgrab2-configurations - A repository for possible zgrab2 configurations
AdguardFilters - AdGuard Content Blocking Filters
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.