Skip to content
/ ShadowShells Public

Indicators of a hidden mesh, traced through echoes and signals — a codex of activity for those who watch.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JGoyd/ShadowShells

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
README.md
README.md
 
 
blocklist.csv
blocklist.csv
 
 
iocs.csv
iocs.csv
 
 
key hits.txt
key hits.txt
 
 

Repository files navigation

ShadowShells | Observed Indicators

Known tools leave familiar footprints, but when they surface inside a live C2 mesh,
the echoes change shape — and the signal becomes intelligence.

Purpose

This package contains sanitized traces and echoes of observed entities | domains, UUIDs, processes, and signature strings | directly linked to confirmed command-and-control activity.

All data here is metadata only. No raw logs, PCAPs, or sensitive artifacts are included. ShadowShells acts as a watchtower, cataloging and guiding detection of hostile infrastructure.

Intended Use

  • Ingest iocs.csv into monitoring tooling, SIEM rules, DNS tracking, or threat-hunting routines.
  • Apply blocklist.csv for defensive blocking or sinkholing.
  • Consult key hits.txt to track behaviors or patterns: shell anomalies, proxy/tunnel strings, beacon pulses.

License

Defensive use only. Provided as-is. No warranty.

About

Indicators of a hidden mesh, traced through echoes and signals — a codex of activity for those who watch.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published