About OSINT feeds

This section describes OSINT feeds supported by Kaspersky CyberTrace.

OSINT feeds are publicly available threat intelligence data sources provided by organizations and individuals.

OSINT feeds supported by Kaspersky CyberTrace

Kaspersky CyberTrace supports OSINT feeds from the following sources:

The following table lists supported OSINT feeds:

OSINT feeds

Identifier

Description

Link

Abuse.ch_Feodo_BlockIP

Feodo IP Blocklist

https://feodotracker.abuse.ch/downloads/ipblocklist.txt

Abuse.ch_SSL_Certificate_BlockIP

Botnet C2 IP Denylist

https://sslbl.abuse.ch/

Abuse.ch_SSL_Certificate_BlockHash

SSL Certificate Denylist

https://sslbl.abuse.ch/

Blocklist.de_BlockIP

Blocklist.de IP Blocklist

https://lists.blocklist.de/lists/all.txt

CyberCrime_Tracker_BlockUrl

Cyber Crime Tracker URL Blocklist

http://cybercrime-tracker.net/all.php

EmergingThreats_BlockIP

Raw IPs for the firewall block lists

https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt

EmergingThreats_CompromisedIP

Compromised IP addresses

https://rules.emergingthreats.net/blockrules/compromised-ips.txt

The OSINT feeds in the table above are maintained by third parties only. Some URLs in the table may, for various reasons, become obsolete over time.

Page top