| Name | Type | Status | Indicators | Last Collection | Actions |
|---|---|---|---|---|---|
|
AlienVault OTX
AlienVault Open Threat Exchange - Free community-driven threat intelligence (requires OTX API key) Configured |
taxii | Enabled | 12736 | 2025-12-10 02:37 | |
|
Botvrij.eu MISP Feed - OSINT
Botvrij.eu OSINT MISP feed with botnet and malware intelligence |
rest_api | Enabled | 9948 | 2025-12-10 01:37 | |
|
CIRC.LU MISP Feed - OSINT
CIRCL OSINT MISP feed with community-contributed threat intelligence |
rest_api | Enabled | 9559 | 2025-12-10 01:32 | |
|
Danger.rulez.sk Brute Force IPs
SSH/FTP brute force attackers reported to danger.rulez.sk |
rest_api | Enabled | 459 | 2025-12-09 20:22 | |
|
Dataplane SSH Password Auth
IPs attempting SSH password authentication attacks |
rest_api | Enabled | 2018 | 2025-12-09 20:22 | |
|
EclecticIQ
EclecticIQ free threat intelligence API Key Missing |
taxii | Enabled | 10 | 2025-12-10 02:37 | |
|
Emerging Threats Compromised IPs
Known compromised IP addresses from Proofpoint Emerging Threats |
rest_api | Enabled | 449 | 2025-12-10 00:57 | |
|
Feodo Tracker Botnet C2s
Botnet command and control servers (Emotet, Dridex, TrickBot, QakBot) |
rest_api | Enabled | 10 | 2025-12-10 02:12 | |
|
FireHOL Level 1 - High Confidence Attackers
Maximum protection with minimum false positives - includes dshield, feodo, spamhaus_drop |
rest_api | Enabled | 4541 | 2025-12-10 01:22 | |
|
FireHOL Level 2 - Recent Attacks (48h)
IPs tracked for attacks in last 48 hours - includes blocklist_de, greensnow |
rest_api | Enabled | 726 | 2025-12-10 01:17 | |
|
FireHOL Level 3 - Recent Threats (30d)
Attacks, spyware, viruses detected in last 30 days |
rest_api | Enabled | 1385 | 2025-12-10 00:17 | |
|
MalwareBazaar Recent Samples
Recent malware samples from MalwareBazaar (last 60 minutes) |
rest_api | Enabled | 557 | 2025-12-10 02:37 | |
|
OpenPhish Phishing URLs
Active phishing URLs detected by OpenPhish |
rest_api | Enabled | 1085 | 2025-12-10 02:37 | |
|
SANS ISC Top Attackers
DShield.org top 20 attacking /24 subnets over last 3 days |
rest_api | Enabled | 33 | 2025-12-09 20:12 | |
|
Sblam HTTP Spammers
HTTP form (comment) spam sources identified by Sblam.com |
rest_api | Enabled | 1526 | 2025-12-10 02:37 | |
|
Spamhaus DROP List
Spamhaus Don't Route Or Peer list - worst spam/cybercrime netblocks |
rest_api | Enabled | 1470 | 2025-12-10 02:37 | |
|
SSL Blacklist - Certificates
Malicious SSL certificates used by botnets |
rest_api | Enabled | 1000 | 2025-12-10 02:37 | |
|
ThreatFox Recent IOCs
Recent indicators of compromise from ThreatFox (last 3 days) |
rest_api | Enabled | 2056 | 2025-12-10 02:37 | |
|
URLhaus Recent Payloads
Recent malware payloads from URLhaus (last 3 days) |
rest_api | Enabled | 894 | 2025-12-09 17:07 | |
|
URLhaus Recent URLs
Recent malicious URLs from URLhaus (last 3 days) |
rest_api | Enabled | 1000 | 2025-12-10 02:37 | |
|
VXVault Malware URLs
Last 100 malware distribution URLs from VXVault |
rest_api | Enabled | 100 | 2025-12-09 20:22 |