This repository contains a list of NSO's hosts used to surveil for people. NSO Group claims that its Pegasus spyware is only used to “investigate terrorism and crime” and “leaves no traces whatsoever”. This Forensic Methodology Report shows that neither of these statements are true. This report accompanies the release of the Pegasus Project, a collaborative investigation that involves more than 80 journalists from 17 media organizations in 10 countries coordinated by Forbidden Stories with technical support of "Amnesty International’s Security Lab".
However, on further analysis we also noticed suspicious redirects and we can at least from the forensic work, use the information to prevent certain Domains and DNS's. it should make it harder for Pegasus, to communicate with the C&C's from the NSO Group.
This is a list of domains and DNSs which has been collected from Amnesty International’s Security Lab.
You can check the huge writeup here: https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/
Made with 0n1cOn3's help. Thank you!
All material in this repository is in the public domain.