Extract and aggregate threat intelligence.

本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。

10-20x more blocks for your CrowdSec bouncers — 120k+ IPs from 36 free threat feeds

Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨

AI-Powered Security Feed in Real Time

Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.

Automated threat intelligence collector built with Python and GitHub Actions — fetches recent IOCs from open sources, normalizes and enriches them (IP, URL, hash, CVE), and publishes ready-to-use feeds in CSV, JSON, and STIX formats.

🦅 Use fingerprinting to actively hunt for Command and Control servers on Shodan. Process threat feeds from Abuse.ch services to create a local database of C2 servers.

Scrapes a list of Payload Domains, IOC's & C2 IPs from from various feeds for easy blacklisting.

Threat-feed IP block automation for Linux and macOS firewalls (iptables, nftables, pf) with cron-ready updates, dry-run previews, and package releases.

Easily manage blocking any external threat across all your FortiGate firewalls within a minute.

Automated IPv4 threat intelligence: combined blacklist from 100+ feeds, confidence scoring, ASN reputation, geo-tagged per country. Updated every 3h.

Automatically created C2 Feeds for Fortigate

A retro-styled terminal dashboard in Python that pulls live cybersecurity threat feeds — CVEs, APT reports, zero-day alerts, ransomware, malicious IPs, and more. Features a scrolling ticker, color-coded severity, threat heat metrics, and API Tools. Fun, informative, and visually awesome — serious intel without taking itself too seriously.

Provide Rust-based MISP data models with full attribute support and bidirectional STIX 2.1 conversion for threat intelligence workflows.

🛡️ Import over 120,000 IPs from 36 threat feeds into CrowdSec for free, enhancing your security with crowd-sourced threat intelligence.

Automated phishing threat intelligence feed with URLs, IPs, domains, and IOC data.