Collect public information from pages that report internet attacks or bad IPs
The data retrieve from the pages are shown in the following format:
IP: Attacker ip SourceInfo: Page’s url where the data comes from Type: Attack type Country: Attacker's country Domain: Attacker's domain URL: Attacker's url WhoIsInfo: Whois info from Attacker ip
The sources are the URL where the information is collected and standardize it with the structure of the data format.
- http://autoshun.org/files/shunlist.csv
- https://www.badips.com/
- http://lists.blocklist.de/
- http://cybercrime-tracker.net
- http://www.dshield.org/
- https://feodotracker.abuse.ch/
- http://dragonresearchgroup.org/
- http://hosts-file.net/
- http://malc0de.com/
- http://www.malwaredomainlist.com/
- http://mirror1.malwaredomains.com/
- https://lists.malwarepatrol.net/
- http://www.nothink.org/
- http://www.malwareblacklist.com/
- http://www.openbl.org/
- https://palevotracker.abuse.ch/
- http://data.phishtank.com/
- https://reputation.alienvault.com/
- http://rules.emergingthreats.net/
- http://vxvault.net/
- http://map.norsecorp.com/
- https://torstatus.blutmagie.de/