MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/app/files/feed-metadata/defaults.json

1824 lines
56 KiB
JSON
Raw Blame History

[
{
"Feed": {
"name": "ELLIO: IP Feed (Community version)",
"provider": "ellio.tech",
"url": "https://cdn.ellio.tech/community-feed",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "CIRCL OSINT Feed",
"provider": "CIRCL",
"url": "https://www.circl.lu/doc/misp/feed-osint",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": true,
"source_format": "misp",
"fixed_event": false,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "The Botvrij.eu Data",
"provider": "Botvrij.eu",
"url": "https://www.botvrij.eu/data/feed-osint",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": true,
"source_format": "misp",
"fixed_event": false,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "blockrules of rules.emergingthreats.net",
"provider": "rules.emergingthreats.net",
"url": "https://rules.emergingthreats.net/blockrules/compromised-ips.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": true,
"settings": "{\"csv\":{\"value\":\"1\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Tor exit nodes",
"provider": "TOR Node List from dan.me.uk - careful, this feed applies a lock-out after each pull. This is shared with the \"Tor ALL nodes\" feed.",
"url": "https://www.dan.me.uk/torlist/?exit",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Tor ALL nodes",
"provider": "TOR Node List from dan.me.uk - careful, this feed applies a lock-out after each pull. This is shared with the \"Tor exit nodes\" feed.",
"url": "https://www.dan.me.uk/torlist/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "cybercrime-tracker.net - all",
"provider": "cybercrime-tracker.net",
"url": "https://cybercrime-tracker.net/all.php",
"rules": "",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "\"{\\\"csv\\\":{\\\"value\\\":\\\"\\\"}}\"",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Phishtank online valid phishing",
"provider": "Phishtank",
"url": "https://data.phishtank.com/data/online-valid.csv",
"rules": "",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^http:\\\\\\/\\\\\\/www.phishtank.com\\/i\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "ip-block-list - snort.org",
"provider": "https://snort.org",
"url": "https://snort.org/downloads/ip-block-list",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "diamondfox_panels",
"provider": "pan-unit42",
"url": "https://raw.githubusercontent.com/pan-unit42/iocs/master/diamondfox/diamondfox_panels.txt",
"rules": "",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "pop3gropers",
"provider": "home.nuug.no",
"url": "https://home.nuug.no/~peter/pop3gropers.txt",
"rules": "",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Feodo IP Blocklist",
"provider": "abuse.ch",
"url": "https://feodotracker.abuse.ch/downloads/ipblocklist.csv",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "OpenPhish url list",
"provider": "openphish.com",
"url": "https://openphish.com/feed.txt",
"rules": "",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "firehol_level1",
"provider": "iplists.firehol.org",
"url": "https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/firehol_level1.netset",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPs from High-Confidence DGA-Based C&Cs Actively Resolving - requires a valid license",
"provider": "osint.bambenekconsulting.com",
"url": "https://osint.bambenekconsulting.com/feeds/c2-ipmasterlist-high.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Domains from High-Confidence DGA-based C&C Domains Actively Resolving",
"provider": "osint.bambenekconsulting.com",
"url": "https://osint.bambenekconsulting.com/feeds/c2-dommasterlist-high.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "ci-badguys.txt",
"provider": "cinsscore.com",
"url": "https://cinsscore.com/list/ci-badguys.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": true,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "alienvault reputation generic",
"provider": ".alienvault.com",
"url": "https://reputation.alienvault.com/reputation.generic",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\" \"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "blocklist.de/lists/all.txt",
"provider": "blocklist.de",
"url": "https://lists.blocklist.de/lists/all.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "VNC RFB",
"provider": "dataplane.org",
"url": "https://dataplane.org/vncrfb.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "sshpwauth.txt",
"provider": "dataplane.org",
"url": "https://dataplane.org/sshpwauth.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "sipregistration",
"provider": "dataplane.org",
"url": "https://dataplane.org/sipregistration.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "sipquery",
"provider": "dataplane.org",
"url": "https://dataplane.org/sipquery.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "sipinvitation",
"provider": "dataplane.org",
"url": "https://dataplane.org/sipinvitation.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "DNS recursion desired",
"provider": "dataplane.org",
"url": "https://dataplane.org/dnsrd.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "DNS recursion desired IN ANY",
"provider": "dataplane.org",
"url": "https://dataplane.org/dnsrdany.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "DNS CH TXT version.bind",
"provider": "dataplane.org",
"url": "https://dataplane.org/dnsversion.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IP protocol 41",
"provider": "dataplane.org",
"url": "https://dataplane.org/proto41.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "SMTP data",
"provider": "dataplane.org",
"url": "https://dataplane.org/smtpdata.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "SMTP greet",
"provider": "dataplane.org",
"url": "https://dataplane.org/smtpgreet.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "TELNET login",
"provider": "dataplane.org",
"url": "https://dataplane.org/telnetlogin.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "All current domains belonging to known malicious DGAs",
"provider": "osint.bambenekconsulting.com",
"url": "https://osint.bambenekconsulting.com/feeds/dga-feed-high.csv",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "VXvault - URL List",
"provider": "VXvault",
"url": "http://vxvault.net/URL_List.php",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "abuse.ch SSL IPBL",
"provider": "abuse.ch",
"url": "https://sslbl.abuse.ch/blacklist/sslblacklist.csv",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"2\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "http://cybercrime-tracker.net hashlist",
"provider": "http://cybercrime-tracker.net hashlist",
"url": "https://cybercrime-tracker.net/ccamlist.php",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "http://cybercrime-tracker.net gatelist",
"provider": "http://cybercrime-tracker.net gatelist",
"url": "https://cybercrime-tracker.net/ccamgate.php",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "blocklist.greensnow.co",
"provider": "greensnow.co",
"url": "https://blocklist.greensnow.co/greensnow.txt",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"1\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "This list contains all domains - A list for administrators to prevent mining in networks",
"provider": "ZeroDot1 - CoinBlockerLists",
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "This list contains all optional domains - An additional list for administrators",
"provider": "ZeroDot1 - CoinBlockerLists",
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "This list contains all browser mining domains - A list to prevent browser mining only",
"provider": "ZeroDot1 - CoinBlockerLists",
"url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "URLHaus Malware URLs",
"provider": "abuse.ch",
"url": "https://urlhaus.abuse.ch/downloads/csv_recent/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"},\"disable_correlation\":\"1\"}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "CyberCure - IP Feed",
"provider": "www.cybercure.ai",
"url": "https://api.cybercure.ai/feed/get_ips?type=csv",
"rules": "",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "CyberCure - Blocked URL Feed",
"provider": "www.cybercure.ai",
"url": "https://api.cybercure.ai/feed/get_url?type=csv",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "CyberCure - Hash Feed",
"provider": "www.cybercure.ai",
"url": "https://api.cybercure.ai/feed/get_hash?type=csv",
"rules": "",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "ipspamlist",
"provider": "ipspamlist",
"url": "http://www.ipspamlist.com/public_feeds.csv",
"rules": "",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "mirai.security.gives",
"provider": "security.gives",
"url": "https://mirai.security.gives/data/ip_list.txt",
"rules": "",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "malsilo.url",
"provider": "MalSilo",
"url": "https://malsilo.gitlab.io/feeds/dumps/url_list.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "malsilo.ipv4",
"provider": "MalSilo",
"url": "https://malsilo.gitlab.io/feeds/dumps/ip_list.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "malsilo.domain",
"provider": "MalSilo",
"url": "https://malsilo.gitlab.io/feeds/dumps/domain_list.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "malshare.com - current all",
"provider": "malshare.com",
"url": "https://malshare.com/daily/malshare.current.all.txt",
"rules": "",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "Panels Tracker",
"provider": "Benkow.cc",
"url": "https://benkow.cc/export.php",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3,4\",\"delimiter\":\";\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 1 - lot of false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/1.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"automatic-collection\"",
"colour": "#005b9d",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 2 - medium false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 3 - low false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 4 - very low false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/4.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 5 - ultra false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/5.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 6 - no false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/6.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 7 - no false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/7.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "IPsum (aggregation of all feeds) - level 8 - no false positives",
"provider": "IPsum",
"url": "https://raw.githubusercontent.com/stamparm/ipsum/master/levels/8.txt",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "DigitalSide Threat-Intel OSINT Feed",
"provider": "osint.digitalside.it",
"url": "https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/",
"rules": "",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "misp",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "Metasploit exploits with CVE assigned",
"provider": "eCrimeLabs",
"url": "https://feeds.ecrimelabs.net/data/metasploit-cve",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Malware Bazaar",
"provider": "abuse.ch",
"url": "https://bazaar.abuse.ch/export/txt/md5/recent/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^#.*\\/i\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "PhishScore",
"provider": "PhishStats",
"url": "https://phishstats.info/phish_score.csv",
"rules": "",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Threatfox",
"provider": "abuse.ch",
"url": "https://threatfox.abuse.ch/downloads/misp/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}",
"enabled": true,
"distribution": "0",
"sharing_group_id": "0",
"tag_id": "0",
"default": false,
"source_format": "misp",
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"headers": "",
"caching_enabled": false,
"force_to_ids": false,
"orgc_id": "0",
"cached_elements": 0,
"coverage_by_other_feeds": "0%"
}
},
{
"Feed": {
"name": "MalwareBazaar",
"provider": "abuse.ch",
"url": "https://bazaar.abuse.ch/downloads/misp/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "misp",
"fixed_event": false,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "URLhaus",
"provider": "abuse.ch",
"url": "https://urlhaus.abuse.ch/downloads/misp/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "0",
"default": false,
"source_format": "misp",
"fixed_event": false,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"},\"disable_correlation\":\"1\"}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
}
},
{
"Feed": {
"name": "URL Seen in honeypots",
"provider": "APNIC Community Honeynet Project",
"url": "https://feeds.honeynet.asia/url/latest-url-unique.csv",
"rules": "",
"enabled": false,
"distribution": "0",
"sharing_group_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"caching_enabled": true,
"force_to_ids": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "SSH Bruteforce IPs",
"provider": "APNIC Community Honeynet Project",
"url": "https://feeds.honeynet.asia/bruteforce/latest-sshbruteforce-unique.csv",
"rules": "",
"enabled": false,
"distribution": "0",
"sharing_group_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"caching_enabled": true,
"force_to_ids": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Telnet Bruteforce IPs",
"provider": "APNIC Community Honeynet Project",
"url": "https://feeds.honeynet.asia/bruteforce/latest-telnetbruteforce-unique.csv",
"rules": "",
"enabled": false,
"distribution": "0",
"sharing_group_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"caching_enabled": true,
"force_to_ids": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "threatfox indicators of compromise",
"provider": "abuse.ch",
"url": "https://threatfox.abuse.ch/export/csv/recent/",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": false,
"distribution": "0",
"sharing_group_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"caching_enabled": true,
"force_to_ids": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "James Brine Bruteforce IPs",
"provider": "jamesbrine.com.au",
"url": "https://jamesbrine.com.au/csv",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
"enabled": true,
"distribution": "3",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"publish": false,
"override_ids": false,
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"1\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "List of malicious domains in Poland",
"provider": "CERT-PL",
"url": "https://hole.cert.pl/domains/domains.txt",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
"enabled": true,
"distribution": "0",
"sharing_group_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": false,
"override_ids": false,
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": true,
"caching_enabled": true
}
},
{
"Feed": {
"name": "List of malicious hashes",
"provider": "Banco do Brasil S.A",
"url": "https://cti.bb.com.br:8443/hash-list.csv",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"type_attributes\":{\"NOT\":[]},\"type_objects\":{\"NOT\":[]},\"url_params\":\"\"}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "csv",
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
"override_ids": false,
"settings": "{\"disable_correlation\":\"0\",\"csv\":{\"value\":\"\",\"delimiter\":\"\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false,
"headers": "",
"caching_enabled": true,
"force_to_ids": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004577",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Shreshta: Newly Registered domain names(NRD) - 1 week (Community policy feed)",
"provider": "shreshtait.com",
"url": "https://shreshtait.com/newly-registered-domains/nrd-1w",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
},
{
"Feed": {
"name": "Shreshta: Newly Registered domain names (NRD) - 1 month (Community policy feed)",
"provider": "shreshtait.com",
"url": "https://shreshtait.com/newly-registered-domains/nrd-1m",
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
"enabled": true,
"distribution": "0",
"default": false,
"source_format": "freetext",
"fixed_event": true,
"delta_merge": true,
"publish": true,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false
},
"Tag": {
"name": "osint:source-type=\"block-or-filter-list\"",
"colour": "#004f89",
"exportable": true,
"hide_tag": false
}
}
]
Reference in New Issue View Git Blame Copy Permalink