Sebel
Checks SSL/TLS certificates for potential malicious connections by detecting and blocking certificates used by botnet command and control (C&C) servers.
Install / Use
/learn @teler-sh/SebelREADME
sebel
sebel is a Go package that provides functionality for checking SSL/TLS certificates against malicious connections, by identifying and blacklisting certificates used by botnet command and control (C&C) servers.
Usage
Setting up Sebel instance:
import "github.com/teler-sh/sebel"
// ...
s := sebel.New(Options{/* ... */})
defer s.Close() // Stop background refresh if enabled
[!NOTE] The
Optionsparameter is optional. See Options for available configuration.
Examples
Next, set the transport for the HTTP client you are using:
// initialize Sebel (fetch SSLBL data)
s := sebel.New()
defer s.Close()
client := &http.Client{
Transport: s.RoundTripper(http.DefaultTransport),
}
// now, you can use [client.Do], [client.Get], etc. to create requests.
resp, err := client.Get("https://c2.host")
if err != nil && sebel.IsBlacklist(err) {
// certificate blacklisted
panic(err)
}
defer resp.Body.Close()
Alternatively, for seamless integration without configuring a new client, replace your current default HTTP client with Sebel's RoundTripper:
http.DefaultClient.Transport = sebel.New().RoundTripper(http.DefaultTransport)
You can also check the certificate later using Sebel's CheckTLS.
r, err := http.Get("https://c2.host")
if err != nil {
panic(err)
}
defer r.Body.Close()
s := sebel.New()
_, err = s.CheckTLS(r.TLS)
if err != nil && sebel.IsBlacklist(err) {
// certificate blacklisted
panic(err)
}
Or check a host directly using CheckHost:
s := sebel.New()
_, err := s.CheckHost("c2.host", "443", nil)
if err != nil && sebel.IsBlacklist(err) {
// certificate blacklisted
panic(err)
}
Background Refresh
To keep the SSLBL data up-to-date automatically:
s := sebel.New(sebel.Options{
DataRefreshInterval: 5 * time.Minute,
})
defer s.Close() // Important: stop the background goroutine
client := &http.Client{
Transport: s.RoundTripper(http.DefaultTransport),
}
These examples demonstrate various ways to set up Sebel and integrate it with HTTP clients for SSL/TLS certificate checks.
Status
[!CAUTION] Sebel has NOT reached 1.0 yet. Therefore, this library is currently not supported and does not offer a stable API; use at your own risk.
There are no guarantees of stability for the APIs in this library, and while they are not expected to change dramatically. API tweaks and bug fixes may occur.
License
sebel is released by @dwisiswant0 under the Apache 2.0 license. See LICENSE.
Related Skills
node-connect
338.0kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
xurl
338.0kA CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.
frontend-design
83.4kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
338.0kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
