Every day brings a new lesson in cyber threat intelligence (CTI). In this Curated Intel Diary series, we’ll be sharing quick thoughts, tips, and takeaways from the trenches, small insights that make our collective work in CTI just a bit sharper.
<start>
Here is simple guide to mapping ASNs per sector and region.
1) Grab a list of all ASNs by running the following command:
curl https://bgp.potaroo.net/cidr/autnums.html > ASNs.txt
2) Load this recipe into CyberChef
3) Change Sector in the top regex and Country Code in the lower regex
Example Image:
4) You could also use this https://urlhaus.abuse.ch/feeds to check what IPs have been tagged as malicious on those ASNs
</end>