├── Images ├── .DS_Store ├── Suricata_low_reputation_alerts.png └── ThreatHound_reputation.png ├── README.md ├── ReputationDB ├── 1st_Dual_Threat.data ├── BBcan177_DNS_Blacklist.data ├── BBcan177_Malicious_IPs.data ├── CoinBlockerLists.data ├── CoinBlockerLists_Additional_list.data ├── CoinBlockerLists_Browser_Mining.data ├── CoinBlockerLists_Mining_Server.data ├── CyberCure_ip_blocklist.data ├── CyberCure_url_blocklist.data ├── DShield_Suspicious_Domains.data ├── Darklist.data ├── Dictionary_SSH_Attacks.data ├── DigitalSide_Threat-Intel.data ├── Feodo_ip_blocklist.data ├── IPsum.data ├── LinuxTracker_Hancitor_IPs.data ├── Malc0de_DNS_Sinkhole.data ├── Monero_Miner.data ├── NoCoin.data ├── NoThink_SNMP_blacklists.data ├── NoThink_SSH_blacklists.data ├── OpenPhish.data ├── REScure_Domain_Blacklist.data ├── REScure_IP_Blacklist.data ├── RansomwareTracker_Domain_Blocklist.data ├── RansomwareTracker_IP_Blocklist.data ├── RansomwareTracker_URL_Blocklist.data ├── Rutgers_Blacklisted_IPs.data ├── Suspicious_DynamicDNS_Providers.data ├── Talos_IP_Blacklist.data ├── Tor_ALL_nodes.data ├── Tor_exit_nodes.data ├── URLHaus_Malware_URLs.data ├── VNC_RFB.data ├── VXvault_url_list.data ├── abuse.ch_URLhaus_List.data ├── abuse.ch_ssl_blacklist.data ├── alienvault_otx.data ├── appspot_malware_domain_lists.data ├── banarydefense_ip_banlist.data ├── blocklist_de.data ├── c2_domain_blocklist.data ├── c2_ip_blocklist.data ├── ci-badguys.data ├── cybercrime_tracker.data ├── dynamic_dns_providers.data ├── emerging-Block-IPs.data ├── emergingthreats_compromised_ips.data ├── fastintercept_threatlist.data ├── firefol_blocklist.data ├── greensnow_blocklist.data ├── hosts-file_emd.data ├── hosts-file_malwarebytes.data ├── hpHosts.data ├── ip_spam_list.data ├── joewein_Domains_Blacklist.data ├── known_malicious_DGAs.data ├── malsilo_iplist.data ├── malsilo_url_list.data ├── malwaredomainlist_iplist.data ├── malwaredomains_Malware_Domains.data ├── pop3gropers.data ├── ransomware_tracker.data ├── securitygive_iplist.data ├── sipinvitation.data ├── sipquery.data ├── sipregistration.data ├── snort_ip_filter.data └── sshpwauth.data ├── ThreatHound.py └── misp_feeds_index.json /Images/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/Images/.DS_Store -------------------------------------------------------------------------------- /Images/Suricata_low_reputation_alerts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/Images/Suricata_low_reputation_alerts.png -------------------------------------------------------------------------------- /Images/ThreatHound_reputation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/Images/ThreatHound_reputation.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/README.md -------------------------------------------------------------------------------- /ReputationDB/1st_Dual_Threat.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/1st_Dual_Threat.data -------------------------------------------------------------------------------- /ReputationDB/BBcan177_DNS_Blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/BBcan177_DNS_Blacklist.data -------------------------------------------------------------------------------- /ReputationDB/BBcan177_Malicious_IPs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/BBcan177_Malicious_IPs.data -------------------------------------------------------------------------------- /ReputationDB/CoinBlockerLists.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CoinBlockerLists.data -------------------------------------------------------------------------------- /ReputationDB/CoinBlockerLists_Additional_list.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CoinBlockerLists_Additional_list.data -------------------------------------------------------------------------------- /ReputationDB/CoinBlockerLists_Browser_Mining.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CoinBlockerLists_Browser_Mining.data -------------------------------------------------------------------------------- /ReputationDB/CoinBlockerLists_Mining_Server.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CoinBlockerLists_Mining_Server.data -------------------------------------------------------------------------------- /ReputationDB/CyberCure_ip_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CyberCure_ip_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/CyberCure_url_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/CyberCure_url_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/DShield_Suspicious_Domains.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/DShield_Suspicious_Domains.data -------------------------------------------------------------------------------- /ReputationDB/Darklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Darklist.data -------------------------------------------------------------------------------- /ReputationDB/Dictionary_SSH_Attacks.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Dictionary_SSH_Attacks.data -------------------------------------------------------------------------------- /ReputationDB/DigitalSide_Threat-Intel.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/DigitalSide_Threat-Intel.data -------------------------------------------------------------------------------- /ReputationDB/Feodo_ip_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Feodo_ip_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/IPsum.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/IPsum.data -------------------------------------------------------------------------------- /ReputationDB/LinuxTracker_Hancitor_IPs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/LinuxTracker_Hancitor_IPs.data -------------------------------------------------------------------------------- /ReputationDB/Malc0de_DNS_Sinkhole.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Malc0de_DNS_Sinkhole.data -------------------------------------------------------------------------------- /ReputationDB/Monero_Miner.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Monero_Miner.data -------------------------------------------------------------------------------- /ReputationDB/NoCoin.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/NoCoin.data -------------------------------------------------------------------------------- /ReputationDB/NoThink_SNMP_blacklists.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/NoThink_SNMP_blacklists.data -------------------------------------------------------------------------------- /ReputationDB/NoThink_SSH_blacklists.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/NoThink_SSH_blacklists.data -------------------------------------------------------------------------------- /ReputationDB/OpenPhish.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/OpenPhish.data -------------------------------------------------------------------------------- /ReputationDB/REScure_Domain_Blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/REScure_Domain_Blacklist.data -------------------------------------------------------------------------------- /ReputationDB/REScure_IP_Blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/REScure_IP_Blacklist.data -------------------------------------------------------------------------------- /ReputationDB/RansomwareTracker_Domain_Blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/RansomwareTracker_Domain_Blocklist.data -------------------------------------------------------------------------------- /ReputationDB/RansomwareTracker_IP_Blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/RansomwareTracker_IP_Blocklist.data -------------------------------------------------------------------------------- /ReputationDB/RansomwareTracker_URL_Blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/RansomwareTracker_URL_Blocklist.data -------------------------------------------------------------------------------- /ReputationDB/Rutgers_Blacklisted_IPs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Rutgers_Blacklisted_IPs.data -------------------------------------------------------------------------------- /ReputationDB/Suspicious_DynamicDNS_Providers.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Suspicious_DynamicDNS_Providers.data -------------------------------------------------------------------------------- /ReputationDB/Talos_IP_Blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Talos_IP_Blacklist.data -------------------------------------------------------------------------------- /ReputationDB/Tor_ALL_nodes.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Tor_ALL_nodes.data -------------------------------------------------------------------------------- /ReputationDB/Tor_exit_nodes.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/Tor_exit_nodes.data -------------------------------------------------------------------------------- /ReputationDB/URLHaus_Malware_URLs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/URLHaus_Malware_URLs.data -------------------------------------------------------------------------------- /ReputationDB/VNC_RFB.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/VNC_RFB.data -------------------------------------------------------------------------------- /ReputationDB/VXvault_url_list.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/VXvault_url_list.data -------------------------------------------------------------------------------- /ReputationDB/abuse.ch_URLhaus_List.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/abuse.ch_URLhaus_List.data -------------------------------------------------------------------------------- /ReputationDB/abuse.ch_ssl_blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/abuse.ch_ssl_blacklist.data -------------------------------------------------------------------------------- /ReputationDB/alienvault_otx.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/alienvault_otx.data -------------------------------------------------------------------------------- /ReputationDB/appspot_malware_domain_lists.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/appspot_malware_domain_lists.data -------------------------------------------------------------------------------- /ReputationDB/banarydefense_ip_banlist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/banarydefense_ip_banlist.data -------------------------------------------------------------------------------- /ReputationDB/blocklist_de.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/blocklist_de.data -------------------------------------------------------------------------------- /ReputationDB/c2_domain_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/c2_domain_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/c2_ip_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/c2_ip_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/ci-badguys.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/ci-badguys.data -------------------------------------------------------------------------------- /ReputationDB/cybercrime_tracker.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/cybercrime_tracker.data -------------------------------------------------------------------------------- /ReputationDB/dynamic_dns_providers.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/dynamic_dns_providers.data -------------------------------------------------------------------------------- /ReputationDB/emerging-Block-IPs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/emerging-Block-IPs.data -------------------------------------------------------------------------------- /ReputationDB/emergingthreats_compromised_ips.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/emergingthreats_compromised_ips.data -------------------------------------------------------------------------------- /ReputationDB/fastintercept_threatlist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/fastintercept_threatlist.data -------------------------------------------------------------------------------- /ReputationDB/firefol_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/firefol_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/greensnow_blocklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/greensnow_blocklist.data -------------------------------------------------------------------------------- /ReputationDB/hosts-file_emd.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/hosts-file_emd.data -------------------------------------------------------------------------------- /ReputationDB/hosts-file_malwarebytes.data: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ReputationDB/hpHosts.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/hpHosts.data -------------------------------------------------------------------------------- /ReputationDB/ip_spam_list.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/ip_spam_list.data -------------------------------------------------------------------------------- /ReputationDB/joewein_Domains_Blacklist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/joewein_Domains_Blacklist.data -------------------------------------------------------------------------------- /ReputationDB/known_malicious_DGAs.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/known_malicious_DGAs.data -------------------------------------------------------------------------------- /ReputationDB/malsilo_iplist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/malsilo_iplist.data -------------------------------------------------------------------------------- /ReputationDB/malsilo_url_list.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/malsilo_url_list.data -------------------------------------------------------------------------------- /ReputationDB/malwaredomainlist_iplist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/malwaredomainlist_iplist.data -------------------------------------------------------------------------------- /ReputationDB/malwaredomains_Malware_Domains.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/malwaredomains_Malware_Domains.data -------------------------------------------------------------------------------- /ReputationDB/pop3gropers.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/pop3gropers.data -------------------------------------------------------------------------------- /ReputationDB/ransomware_tracker.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/ransomware_tracker.data -------------------------------------------------------------------------------- /ReputationDB/securitygive_iplist.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/securitygive_iplist.data -------------------------------------------------------------------------------- /ReputationDB/sipinvitation.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/sipinvitation.data -------------------------------------------------------------------------------- /ReputationDB/sipquery.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/sipquery.data -------------------------------------------------------------------------------- /ReputationDB/sipregistration.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/sipregistration.data -------------------------------------------------------------------------------- /ReputationDB/snort_ip_filter.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/snort_ip_filter.data -------------------------------------------------------------------------------- /ReputationDB/sshpwauth.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ReputationDB/sshpwauth.data -------------------------------------------------------------------------------- /ThreatHound.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/ThreatHound.py -------------------------------------------------------------------------------- /misp_feeds_index.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n4ll3ec/ThreatHound/HEAD/misp_feeds_index.json --------------------------------------------------------------------------------