Aggregation of lists of malicious IP addresses, to be blocked in the WAN > LAN direction, integrated into firewalls: FortiGate, Palo Alto, pfSense, IPtables

Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.

Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists.

Curated block list including IPs, FQDNs, Domains, JA3, etc. Tailored for utmost precision to minimize false positives in personal or non-commercial environments. Updated regularly. For assistance or to support our initiatives, please reach out or consider participating in our sponsorship program

Use the Prowl API to obtain IP Reputation, Techniques Tactics and Procedures, Indicators of Attacks and Indicators of Compromise related to a public IP.

A list of malicious IP addresses associated with botnets, cyberattacks, and the generation of artificial traffic on websites. Useful for network administrators and security companies to block threats and protect against DDoS attacks.

Triage an IP using powershell

Criminal IP is a comprehensive OSINT-based Cyber Threat Intelligence (CTI) search engine that can be used as an automated Attack Surface Management solution.

My personal research on different attack vectors, including DDoS attack types, payloads and a honeypot sensor to detect malicious actors.

Takes a list of IP addresses stored in a file, looks them up using abuseipdb.com, and writes the output to a CSV file.

HeimdallBlocklists is a project designed to merge and manage multiple community-maintained blocklists, making them easily usable across various firewall solutions.