🤖 It’s an easy mistake to dismiss bots as “dumb” because they’re probing for some technology you don’t use and would never be on your site.
🛡 But they’re equal-opportunity attackers; here’s a bot we identified with Wafris that was probing for:
- YII PHP Web Framework admin
- VS Code FTP Credentials
- Microsoft Exchange Backups
- Git Credentials
- Python Drupal Configs
- Mac .DS_Store files
- Laravel Telescope requests viewer
🕵‍♂️ Botnets are often rented out or repurposed for other attacks. Blocking their IPs or networks is a way to cut them off at the knees.
Top comments (0)