| Feed | Description | IoCs |
|---|---|---|
| Command and Controls | This feed gathers all the live Command & Controls from different RATs and botnets. It generates low noise when used ... | 17,848 |
| Malware Distribution | Collection of IoCs that are actively distributing malware. These endpoints are contacted to download following stages after... | 30,079 |
| TOR Nodes | Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It is intended u... | 8,124 |
| Malicious IP | Set of IP addresses with context covering malicious hosts | 249,613 |
| T1566 - Phishing | Contains phishing URLs that an adversary normally uses via email or other communication channels to trick a victim into ... | 147,764 |
| Advanced Persistent Threats | Maltiverse APT threat intelligence feed provides IoCs related to highly skilled, sophisticated and focused Attack Groups... | 1,407 |
| S0367 - Emotet | Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious... | 130 |
| Cybercrime | Covers the most active and prolific threats used by active organized cybercrime. It includes IoCs from diverse malware f... | 29,740 |
| S0154 - Cobalt Strike | Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software des... | 28,635 |
| Malware | Covering the most dangerous, prevalent and emerging malware | 17,638 |
| Malicious URL | Covers malicious URLs, excluding phishing | 39,838 |
| Known Attackers | Contains a selection of active known attacker IPs. SSH Attackers, HTTP Attackers, Spammers and Bots, Mail Spammers, DDoS... | 206,604 |
| Malicious Hostnames | Collection of malicious hostnames, excluding DGA | 175,363 |
| S0650 - Qakbot | QakBot is a modular banking trojan that has been used primarily by financially-motivated actors since at least 2007. Qak... | 8,225 |
| Industrial Control Systems | This feed provides IoCs related to well-known malware and threat actors that are normally interested in Industrial Sec... | 3,228 |
| IoT | Feed that contains a collection of live IoCs related to Internet of Things threats like Mozi or Mirai | 26,900 |
| S0386 - Ursnif | Ursnif is a banking trojan and variant of the Gozi malware observed being spread through various automated exploit kits,... | 958 |
| Unreliable subdomains | This collection contains subdomains that belong to legit parent domains that are abused and used for non-legit pu... | 541 |
| S0379 - Revenge RAT | Revenge RAT is a freely available remote access tool written in .NET (C#). | 86 |
| S0453 - Pony | Pony is a credential-stealing malware, though it has also been used among adversaries for its downloader capabilities. The ... | 4,588 |
| S0331 - AgentTesla | AgentTesla is a sophisticated and widely-used Remote Access Trojan (RAT) that has been active since 2014. It is a form o... | 12,590 |
| S0344 - Azorult | Azorult is a commercial Trojan that is used to steal information from compromised hosts. Azorult has been observed in th... | 1,546 |
| S0262 - QuasarRAT | QuasarRAT is an open-source, remote access tool that has been publicly available on GitHub since at least 2014. QuasarRA... | 1,133 |
| S0385 - njRAT | njRAT is a remote access tool (RAT) that was first observed in 2012. It has been used by threat actors in the Middle Eas... | 1,143 |
| S0334 - DarkComet | DarkComet is a Windows remote administration tool and backdoor. | 1,391 |