Threat Intel Feeds
Free OSINT and threat intelligence feeds for blue teamers and security practitioners.
๐ OSINT & Reconnaissance
Shodan
Search engine for internet-connected devices. Identify exposed services, open ports, and vulnerable systems across the internet.
Free TierGreyNoise
Identifies IPs that are scanning the internet. Helps distinguish targeted attacks from background noise.
Free TierCensys
Internet-wide scanning and attack surface management. Search for hosts, certificates, and exposed infrastructure.
Free TierAlienVault OTX
Open threat exchange with millions of IOCs contributed by the security community. Pulses cover malware, phishing, and more.
FreeVirusTotal
Analyze suspicious files, URLs, IPs, and domains. Aggregates results from 70+ antivirus engines and threat intel tools.
Free Tierurlscan.io
Scan and analyze websites. Shows DOM, network requests, and threat indicators for any URL.
Free๐ฆ Malware & IOCs
abuse.ch
Collection of free threat intel projects including MalwareBazaar, ThreatFox, URLhaus, and Feodo Tracker.
FreeMalwareBazaar
Share and download malware samples. Searchable database of malware hashes, tags, and signatures.
FreeThreatFox
IOC sharing platform with indicators for malware families. Exportable in multiple formats for SIEM ingestion.
FreeURLhaus
Tracks URLs used for malware distribution. Real-time feed of active malware hosting sites.
FreeHybrid Analysis
Free malware analysis service with behavioral reports. Submit files and URLs for dynamic sandbox analysis.
FreeANY.RUN
Interactive malware sandbox. Watch malware execute in real time and extract IOCs from behavioral analysis.
Free Tier๐ Vulnerability & CVE Feeds
CISA KEV
CISA's Known Exploited Vulnerabilities catalog. Authoritative source for vulnerabilities actively exploited in the wild.
FreeNVD โ NIST
National Vulnerability Database. Comprehensive CVE details including CVSS scores, affected products, and remediation guidance.
FreeEPSS โ FIRST
Exploit Prediction Scoring System. Probability-based scoring for likelihood of CVE exploitation in the next 30 days.
FreeMicrosoft MSRC
Microsoft Security Response Center update guide. Monthly Patch Tuesday advisories and security bulletins.
FreeEmerging Threats
Open source IDS/IPS rules for Snort and Suricata. Community-driven ruleset updated daily with new threat signatures.
FreeExploit-DB
Archive of public exploits and vulnerable software. Maintained by Offensive Security, searchable by CVE or platform.
Free๐ซ IP Reputation & Blocklists
AbuseIPDB
Community-driven IP abuse reporting database. Check and report IPs involved in hacking, spam, and malicious activity.
Free TierFeodo Tracker
Tracks botnet C2 servers for Emotet, Dridex, and TrickBot. Blocklist available for firewall and IDS integration.
FreeFireHOL IP Lists
Aggregates hundreds of IP blocklists into unified feeds. Categorized by threat type and update frequency.
FreeSpamhaus
Industry standard blocklists for spam, malware, and botnet IPs. DROP and EDROP lists widely used in enterprise firewalls.
Free TierCINS Score
Collective Intelligence Network Security threat list. Automatically generated from honeypot and sensor data.
FreeTor Exit Nodes
Live list of Tor exit node IP addresses. Useful for detecting anonymous traffic in your environment.
Free๐ก Live Threat Intel โ Powered by CyberGrind API
Loading feed...