Merge pull request #2442 from gethvi/remove-deprecated-feeds-and-bots

FIX: Removes discontinued feeds and bots

CHANGELOG.md

@@ -63,6 +63,9 @@
   - Minor fixes/improvements and some refactoring (see also above: *Core*...).
 
 #### Parsers
+  - `intelmq.bots.parsers.netlab_360.parser`: Removed as the feed is discontinued. (#2442 by Filip Pokorný)
+  - `intelmq.bots.parsers.webinspektor.parser`: Removed as the feed is discontinued. (#2442 by Filip Pokorný)
+  - `intelmq.bots.parsers.sucuri.parser`: Removed as the feed is discontinued. (#2442 by Filip Pokorný)
 
 #### Experts
 - `intelmq.bots.experts.jinja` (PR#2417 by Mikk Margus Möll):

docs/user/feeds.md

@@ -1899,101 +1899,6 @@ module: intelmq.bots.parsers.microsoft.parser_ctip
 ---
 
 
-## Netlab 360
-
-### DGA
-
-This feed lists DGA family, Domain, Start and end of valid time(UTC) of a number of DGA families.
-
-**Public:** yes
-
-**Revision:** 2018-01-20
-
-**Documentation:** <http://data.netlab.360.com/dga>
-
-
-**Collector configuration**
-
-```yaml
-module: intelmq.bots.collectors.http.collector_http
-parameters:
-  http_url: http://data.netlab.360.com/feeds/dga/dga.txt
-  name: DGA
-  provider: Netlab 360
-  rate_limit: 3600
-```
-
-**Parser configuration**
-
-```yaml
-module: intelmq.bots.parsers.netlab_360.parser
-```
-
----
-
-
-### Hajime Scanner
-
-This feed lists IP address for know Hajime bots network. These IPs data are obtained by joining the DHT network and interacting with the Hajime node
-
-**Public:** yes
-
-**Revision:** 2019-08-01
-
-**Documentation:** <https://data.netlab.360.com/hajime/>
-
-
-**Collector configuration**
-
-```yaml
-module: intelmq.bots.collectors.http.collector_http
-parameters:
-  http_url: https://data.netlab.360.com/feeds/hajime-scanner/bot.list
-  name: Hajime Scanner
-  provider: Netlab 360
-  rate_limit: 3600
-```
-
-**Parser configuration**
-
-```yaml
-module: intelmq.bots.parsers.netlab_360.parser
-```
-
----
-
-
-### Magnitude EK
-
-This feed lists FQDN and possibly the URL used by Magnitude Exploit Kit. Information also includes the IP address used for the domain and last time seen.
-
-**Public:** yes
-
-**Revision:** 2018-01-20
-
-**Documentation:** <http://data.netlab.360.com/ek>
-
-
-**Collector configuration**
-
-```yaml
-module: intelmq.bots.collectors.http.collector_http
-parameters:
-  http_url: http://data.netlab.360.com/feeds/ek/magnitude.txt
-  name: Magnitude EK
-  provider: Netlab 360
-  rate_limit: 3600
-```
-
-**Parser configuration**
-
-```yaml
-module: intelmq.bots.parsers.netlab_360.parser
-```
-
----
-
-
 ## OpenPhish
 
 ### Premium Feed
@@ -2495,41 +2400,6 @@ module: intelmq.bots.parsers.github_feed
 ---
 
 
-## Sucuri
-
-### Hidden IFrames
-
-Latest hidden iframes identified on compromised web sites.
-
-**Public:** yes
-
-**Revision:** 2018-01-28
-
-**Documentation:** <http://labs.sucuri.net/?malware>
-
-**Additional Information:** Please note that the parser only extracts the hidden iframes  and the conditional redirects, not the encoded javascript.
-
-
-**Collector configuration**
-
-```yaml
-module: intelmq.bots.collectors.http.collector_http
-parameters:
-  http_url: http://labs.sucuri.net/?malware
-  name: Hidden IFrames
-  provider: Sucuri
-  rate_limit: 86400
-```
-
-**Parser configuration**
-
-```yaml
-module: intelmq.bots.parsers.sucuri.parser
-```
-
----
-
-
 ## Surbl
 
 ### Malicious Domains
@@ -2917,37 +2787,6 @@ parameters:
 ---
 
 
-## WebInspektor
-
-### Unsafe sites
-
-Latest detected unsafe sites.
-
-**Public:** yes
-
-**Revision:** 2018-03-09
-
-
-**Collector configuration**
-
-```yaml
-module: intelmq.bots.collectors.http.collector_http
-parameters:
-  http_url: https://app.webinspector.com/public/recent_detections/
-  name: Unsafe sites
-  provider: WebInspektor
-  rate_limit: 60
-```
-
-**Parser configuration**
-
-```yaml
-module: intelmq.bots.parsers.webinspektor.parser
-```
-
----
-
-
 ## ZoneH
 
 ### Defacements