Designed to help aggregate IP, URL and Domain Indicators of Compromise into a central location for easier integration and analysis into open-source tooling by security analysts.
Feeds are queries and aggregated into lists separated by source and line-separated by '>>>' like 'IOC>>>Description'. Example below:
#Source Description
IOC>>>Description
IOC>>>Description
#Source New Description
IOC>>>Description
- https://www.binarydefense.com
- https://www.botvrij.eu
- http://cinsscore.com
- http://lists.blocklist.de
- https://feeds.dshield.org
- https://rules.emergingthreats.net
- https://github.com/firehol/blocklist-ipsets
- http://blocklist.greensnow.co
- https://myip.ms
- https://data.netlab.360.com
- https://report.rutgers.edu
- https://github.com/scriptzteam/badIPS
- https://github.com/SecOps-Institute
- https://github.com/stamparm/ipsum
- https://www.talosintelligence.com
- http://charles.the-haleys.org
- https://check.torproject.org
- http://tweettioc.com
- https://urlhaus.abuse.ch