Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR wants to create a file
indicators-for-tinycheck.json
for each release via github actions. This file shall then be used as additional source of stalkerware IOCs for the tinycheck tool.The file will contain IOC objects for the known domains in
network.csv
and the certificates incertificates.csv
and it's most recent version shall be downloadable via https://github.com/Te-k/stalkerware-indicators/releases/download/indicators-for-tinycheck.jsonFor this, you need to create a secret
RELEASE_TOKEN
in this repository with a github token withrepo
permissions. Then, whenever a release has been created, this workflow will checkout the repo, runcreate-indicatory-for-tinycheck.py
and push the created file to the release assets. Example can be seen here: https://github.com/jbrinksmeier/stalkerware-indicators/releasesThe file is meant to be compatible for the generic watcher script of tinycheck: https://github.com/KasperskyLab/TinyCheck/blob/main/server/backend/watchers.py
Example domain ioc:
Example certificate ioc: