mirror of https://github.com/MISP/MISP
1824 lines
56 KiB
JSON
1824 lines
56 KiB
JSON
[
|
|
{
|
|
"Feed": {
|
|
"name": "ELLIO: IP Feed (Community version)",
|
|
"provider": "ellio.tech",
|
|
"url": "https://cdn.ellio.tech/community-feed",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "CIRCL OSINT Feed",
|
|
"provider": "CIRCL",
|
|
"url": "https://www.circl.lu/doc/misp/feed-osint",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": true,
|
|
"source_format": "misp",
|
|
"fixed_event": false,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "The Botvrij.eu Data",
|
|
"provider": "Botvrij.eu",
|
|
"url": "https://www.botvrij.eu/data/feed-osint",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": true,
|
|
"source_format": "misp",
|
|
"fixed_event": false,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "blockrules of rules.emergingthreats.net",
|
|
"provider": "rules.emergingthreats.net",
|
|
"url": "https://rules.emergingthreats.net/blockrules/compromised-ips.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": true,
|
|
"settings": "{\"csv\":{\"value\":\"1\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Tor exit nodes",
|
|
"provider": "TOR Node List from dan.me.uk - careful, this feed applies a lock-out after each pull. This is shared with the \"Tor ALL nodes\" feed.",
|
|
"url": "https://www.dan.me.uk/torlist/?exit",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Tor ALL nodes",
|
|
"provider": "TOR Node List from dan.me.uk - careful, this feed applies a lock-out after each pull. This is shared with the \"Tor exit nodes\" feed.",
|
|
"url": "https://www.dan.me.uk/torlist/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "cybercrime-tracker.net - all",
|
|
"provider": "cybercrime-tracker.net",
|
|
"url": "https://cybercrime-tracker.net/all.php",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "\"{\\\"csv\\\":{\\\"value\\\":\\\"\\\"}}\"",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Phishtank online valid phishing",
|
|
"provider": "Phishtank",
|
|
"url": "https://data.phishtank.com/data/online-valid.csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^http:\\\\\\/\\\\\\/www.phishtank.com\\/i\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "ip-block-list - snort.org",
|
|
"provider": "https://snort.org",
|
|
"url": "https://snort.org/downloads/ip-block-list",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "diamondfox_panels",
|
|
"provider": "pan-unit42",
|
|
"url": "https://raw.githubusercontent.com/pan-unit42/iocs/master/diamondfox/diamondfox_panels.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "pop3gropers",
|
|
"provider": "home.nuug.no",
|
|
"url": "https://home.nuug.no/~peter/pop3gropers.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Feodo IP Blocklist",
|
|
"provider": "abuse.ch",
|
|
"url": "https://feodotracker.abuse.ch/downloads/ipblocklist.csv",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "OpenPhish url list",
|
|
"provider": "openphish.com",
|
|
"url": "https://openphish.com/feed.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "firehol_level1",
|
|
"provider": "iplists.firehol.org",
|
|
"url": "https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/firehol_level1.netset",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPs from High-Confidence DGA-Based C&Cs Actively Resolving - requires a valid license",
|
|
"provider": "osint.bambenekconsulting.com",
|
|
"url": "https://osint.bambenekconsulting.com/feeds/c2-ipmasterlist-high.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Domains from High-Confidence DGA-based C&C Domains Actively Resolving",
|
|
"provider": "osint.bambenekconsulting.com",
|
|
"url": "https://osint.bambenekconsulting.com/feeds/c2-dommasterlist-high.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "ci-badguys.txt",
|
|
"provider": "cinsscore.com",
|
|
"url": "https://cinsscore.com/list/ci-badguys.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": true,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "alienvault reputation generic",
|
|
"provider": ".alienvault.com",
|
|
"url": "https://reputation.alienvault.com/reputation.generic",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\" \"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "blocklist.de/lists/all.txt",
|
|
"provider": "blocklist.de",
|
|
"url": "https://lists.blocklist.de/lists/all.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "VNC RFB",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/vncrfb.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "sshpwauth.txt",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/sshpwauth.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "sipregistration",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/sipregistration.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "sipquery",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/sipquery.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "sipinvitation",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/sipinvitation.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "DNS recursion desired",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/dnsrd.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "DNS recursion desired IN ANY",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/dnsrdany.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "DNS CH TXT version.bind",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/dnsversion.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IP protocol 41",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/proto41.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "SMTP data",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/smtpdata.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "SMTP greet",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/smtpgreet.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "TELNET login",
|
|
"provider": "dataplane.org",
|
|
"url": "https://dataplane.org/telnetlogin.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "All current domains belonging to known malicious DGAs",
|
|
"provider": "osint.bambenekconsulting.com",
|
|
"url": "https://osint.bambenekconsulting.com/feeds/dga-feed-high.csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "VXvault - URL List",
|
|
"provider": "VXvault",
|
|
"url": "http://vxvault.net/URL_List.php",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "abuse.ch SSL IPBL",
|
|
"provider": "abuse.ch",
|
|
"url": "https://sslbl.abuse.ch/blacklist/sslblacklist.csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "http://cybercrime-tracker.net hashlist",
|
|
"provider": "http://cybercrime-tracker.net hashlist",
|
|
"url": "https://cybercrime-tracker.net/ccamlist.php",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "http://cybercrime-tracker.net gatelist",
|
|
"provider": "http://cybercrime-tracker.net gatelist",
|
|
"url": "https://cybercrime-tracker.net/ccamgate.php",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "blocklist.greensnow.co",
|
|
"provider": "greensnow.co",
|
|
"url": "https://blocklist.greensnow.co/greensnow.txt",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "This list contains all domains - A list for administrators to prevent mining in networks",
|
|
"provider": "ZeroDot1 - CoinBlockerLists",
|
|
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "This list contains all optional domains - An additional list for administrators",
|
|
"provider": "ZeroDot1 - CoinBlockerLists",
|
|
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "This list contains all browser mining domains - A list to prevent browser mining only",
|
|
"provider": "ZeroDot1 - CoinBlockerLists",
|
|
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "URLHaus Malware URLs",
|
|
"provider": "abuse.ch",
|
|
"url": "https://urlhaus.abuse.ch/downloads/csv_recent/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"},\"disable_correlation\":\"1\"}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "CyberCure - IP Feed",
|
|
"provider": "www.cybercure.ai",
|
|
"url": "https://api.cybercure.ai/feed/get_ips?type=csv",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "CyberCure - Blocked URL Feed",
|
|
"provider": "www.cybercure.ai",
|
|
"url": "https://api.cybercure.ai/feed/get_url?type=csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "CyberCure - Hash Feed",
|
|
"provider": "www.cybercure.ai",
|
|
"url": "https://api.cybercure.ai/feed/get_hash?type=csv",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "ipspamlist",
|
|
"provider": "ipspamlist",
|
|
"url": "http://www.ipspamlist.com/public_feeds.csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "mirai.security.gives",
|
|
"provider": "security.gives",
|
|
"url": "https://mirai.security.gives/data/ip_list.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "malsilo.url",
|
|
"provider": "MalSilo",
|
|
"url": "https://malsilo.gitlab.io/feeds/dumps/url_list.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "malsilo.ipv4",
|
|
"provider": "MalSilo",
|
|
"url": "https://malsilo.gitlab.io/feeds/dumps/ip_list.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "malsilo.domain",
|
|
"provider": "MalSilo",
|
|
"url": "https://malsilo.gitlab.io/feeds/dumps/domain_list.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "malshare.com - current all",
|
|
"provider": "malshare.com",
|
|
"url": "https://malshare.com/daily/malshare.current.all.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Panels Tracker",
|
|
"provider": "Benkow.cc",
|
|
"url": "https://benkow.cc/export.php",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3,4\",\"delimiter\":\";\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 1 - lot of false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/1.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"automatic-collection\"",
|
|
"colour": "#005b9d",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 2 - medium false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 3 - low false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 4 - very low false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/4.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 5 - ultra false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/5.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 6 - no false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/6.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 7 - no false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/7.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "IPsum (aggregation of all feeds) - level 8 - no false positives",
|
|
"provider": "IPsum",
|
|
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/8.txt",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "DigitalSide Threat-Intel OSINT Feed",
|
|
"provider": "osint.digitalside.it",
|
|
"url": "https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "misp",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Metasploit exploits with CVE assigned",
|
|
"provider": "eCrimeLabs",
|
|
"url": "https://feeds.ecrimelabs.net/data/metasploit-cve",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Malware Bazaar",
|
|
"provider": "abuse.ch",
|
|
"url": "https://bazaar.abuse.ch/export/txt/md5/recent/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^#.*\\/i\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "PhishScore",
|
|
"provider": "PhishStats",
|
|
"url": "https://phishstats.info/phish_score.csv",
|
|
"rules": "",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Threatfox",
|
|
"provider": "abuse.ch",
|
|
"url": "https://threatfox.abuse.ch/downloads/misp/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"tag_id": "0",
|
|
"default": false,
|
|
"source_format": "misp",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"event_id": "0",
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"headers": "",
|
|
"caching_enabled": false,
|
|
"force_to_ids": false,
|
|
"orgc_id": "0",
|
|
"cached_elements": 0,
|
|
"coverage_by_other_feeds": "0%"
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "MalwareBazaar",
|
|
"provider": "abuse.ch",
|
|
"url": "https://bazaar.abuse.ch/downloads/misp/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "misp",
|
|
"fixed_event": false,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "URLhaus",
|
|
"provider": "abuse.ch",
|
|
"url": "https://urlhaus.abuse.ch/downloads/misp/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "misp",
|
|
"fixed_event": false,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"},\"disable_correlation\":\"1\"}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "URL Seen in honeypots",
|
|
"provider": "APNIC Community Honeynet Project",
|
|
"url": "https://feeds.honeynet.asia/url/latest-url-unique.csv",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"caching_enabled": true,
|
|
"force_to_ids": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "SSH Bruteforce IPs",
|
|
"provider": "APNIC Community Honeynet Project",
|
|
"url": "https://feeds.honeynet.asia/bruteforce/latest-sshbruteforce-unique.csv",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"caching_enabled": true,
|
|
"force_to_ids": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Telnet Bruteforce IPs",
|
|
"provider": "APNIC Community Honeynet Project",
|
|
"url": "https://feeds.honeynet.asia/bruteforce/latest-telnetbruteforce-unique.csv",
|
|
"rules": "",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"caching_enabled": true,
|
|
"force_to_ids": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "threatfox indicators of compromise",
|
|
"provider": "abuse.ch",
|
|
"url": "https://threatfox.abuse.ch/export/csv/recent/",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": false,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"caching_enabled": true,
|
|
"force_to_ids": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "James Brine Bruteforce IPs",
|
|
"provider": "jamesbrine.com.au",
|
|
"url": "https://jamesbrine.com.au/csv",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
|
|
"enabled": true,
|
|
"distribution": "3",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"1\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "List of malicious domains in Poland",
|
|
"provider": "CERT-PL",
|
|
"url": "https://hole.cert.pl/domains/domains.txt",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"sharing_group_id": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": true,
|
|
"caching_enabled": true
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "List of malicious hashes",
|
|
"provider": "Banco do Brasil S.A",
|
|
"url": "https://cti.bb.com.br:8443/hash-list.csv",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "csv",
|
|
"fixed_event": true,
|
|
"delta_merge": false,
|
|
"event_id": "0",
|
|
"publish": false,
|
|
"override_ids": false,
|
|
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false,
|
|
"headers": "",
|
|
"caching_enabled": true,
|
|
"force_to_ids": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004577",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Shreshta: Newly Registered domain names(NRD) - 1 week (Community policy feed)",
|
|
"provider": "shreshtait.com",
|
|
"url": "https://shreshtait.com/newly-registered-domains/nrd-1w",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
},
|
|
{
|
|
"Feed": {
|
|
"name": "Shreshta: Newly Registered domain names (NRD) - 1 month (Community policy feed)",
|
|
"provider": "shreshtait.com",
|
|
"url": "https://shreshtait.com/newly-registered-domains/nrd-1m",
|
|
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
|
"enabled": true,
|
|
"distribution": "0",
|
|
"default": false,
|
|
"source_format": "freetext",
|
|
"fixed_event": true,
|
|
"delta_merge": true,
|
|
"publish": true,
|
|
"override_ids": false,
|
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
|
"input_source": "network",
|
|
"delete_local_file": false,
|
|
"lookup_visible": false
|
|
},
|
|
"Tag": {
|
|
"name": "osint:source-type=\"block-or-filter-list\"",
|
|
"colour": "#004f89",
|
|
"exportable": true,
|
|
"hide_tag": false
|
|
}
|
|
}
|
|
]
|