Feeds wishlist¶
This is a list with various feeds, which are either currently not supported or the usage is not clearly documented in IntelMQ.
If you want to contribute documenting how to configure existing bots in order to collect new feeds or by creating new parsers, here is a list of potentially interesting feeds. See Feeds documentation for more information on this.
This list evolved from the issue Contribute: Feeds List (#384).
- Lists of feeds:
- Some third party intelmq bots: NRDCS’ IntelMQ fork
- List of potentially interesting data sources:
- Abuse.ch SSL Blacklists
- AbuseIPDB
- Adblock Plus
- apivoid IP Reputation API
- Anomali Limo Free Intel Feed
- APWG’s ecrimex
- Berkeley
- Binary Defense
- Bot Invaders Realtime tracker
- Botherder Targetedthreats
- Botscout Last Caught
- botvrij
- Carbon Black Feeds
- CERT.pl Phishing Warning List
- Chaos Reigns
- Critical Stack
- Cruzit
- Cyber Crime Tracker
- drb-ra C2IntelFeeds
- DNS DB API
- ESET Malware Indicators of Compromise
- Facebook Threat Exchange
- FilterLists
- Firehol IPLists
- Google Webmaster Alerts
- GPF Comics DNS Blacklist
- Greensnow
- Greynoise
- HP Feeds
- IBM X-Force Exchange
- ImproWare AntiSpam
- ISightPartners
- James Brine
- Joewein
- Maltrail:
- Malware
- Suspicious
- Mass Scanners (for whitelisting)
- Malshare
- MalSilo Malware URLs
- Malware Config
- Malware DB (cert.pl)
- MalwareInt
- Malware Must Die
- Manity Spam IP addresses
- Marc Blanchard DGA Domains
- MaxMind Proxies
- mIRC Servers
- Monzymerza
- Multiproxy
- Neo23x0 signature-base
- OpenBugBounty
- Phishing Army
- Phishstats, offers JSON (“API) and CSV download.
- Project Honeypot (#284)
- RST Threat Feed (offers a free and a commercial feed)
- SANS ISC
- ShadowServer Sandbox API
- Shodan search API
- Snort
- stopforumspam Toxic IP addresses and domains
- Spamhaus Botnet Controller List
- SteveBlack Hosts File
- The Haleys
- Threat Crowd
- Threat Grid
- Threatstream
- TOR Project Exit addresses
- TotalHash
- UCE Protect
- Unit 42 Public Report IOCs
- URI BL
- urlscan.io
- Virustotal
- virustream
- VoIP Blacklist
- YourCMC