Intelligence Feeds

Search for Threat Intelligence Feeds
59 feeds found

Feed IoCs
Command and Controls
This feed allocates all the alive Command & Controls from different RAT's and Botnets. It generates low noise when used ...
17,848
Malware Distribution
Collection IoCs that are actively distributing malware. These endpoints are contacted to download following stages after...
30,079
TOR Nodes
Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It is intended u...
8,124
Malicious IP
Set of IP addresses with context covering malicious hosts
249,613
T1566 - Phishing
Contains Phishing URLs that an adversary uses normally via email or other communication channels to trick a victim into ...
147,764
Advanced Persistent Threats
Maltiverse APT threat intelligence feed provides IoCs related to highly skilled, sophisticated and focused Attack Groups...
1,407
S0367 - Emotet
Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious...
130
Cybercrime
Covers most active and prolific threats used by active organized cybercrime. It contemplates IoCs from diverse malware f...
29,740
S0154 - Cobalt Strike
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software des...
28,635
Malware
Covering the most dangerous, prevalent and emerging malware
17,638
Malicious URL
Covers malicious URL's disregarding phishing
39,838
Known Attackers
Contains a selection of active known attacker IPs. SSH Attackers, HTTP Attackers, Spammers and Bots, Mail Spammers, DDoS...
206,604
Malicious Hostnames
Collection of malicious hostnames disregarding DGA
175,363
S0650 - Qakbot
QakBot is a modular banking trojan that has been used primarily by financially-motivated actors since at least 2007. Qak...
8,225
Industrial Control Systems
This feeds provides IOC's related to well known malware and threat actors that are normally interested in Industrial Sec...
3,228
IoT
Feed that contains a collection of alive IoCs relate to Internet of Things threats like Mozi or Mirai
26,900
S0386 - Ursnif
Ursnif is a banking trojan and variant of the Gozi malware observed being spread through various automated exploit kits,...
958
Unreliable subdomains
This collection contains subdomains that are belonging to legit parent domains that are abused and used for non-legit pu...
541
S0379 - Revenge RAT
Revenge RAT is a freely available remote access tool written in .NET (C#).
86
S0453 - Pony
Pony is a credential stealing malware, though has also been used among adversaries for its downloader capabilities. The ...
4,588
S0331 - AgentTesla
AgentTesla is a sophisticated and widely-used Remote Access Trojan (RAT) that has been active since 2014. It is a form o...
12,590
S0344 - Azorult
Azorult is a commercial Trojan that is used to steal information from compromised hosts. Azorult has been observed in th...
1,546
S0262 - QuasarRAT
QuasarRAT is an open-source, remote access tool that has been publicly available on GitHub since at least 2014. QuasarRA...
1,133
S0385 - njRAT
njRAT is a remote access tool (RAT) that was first observed in 2012. It has been used by threat actors in the Middle Eas...
1,143
S0334 - DarkComet
DarkComet is a Windows remote administration tool and backdoor.
1,391