Free STIX 2.1 Threat Intel Feed
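The author built a threat intelligence platform that costs only $75 per month to run and offers a STIX 2.1 compliant feed containing 59K IOCs for free. The platform aggregates data from multiple sources and is updated continuously. Microsoft Sentinel and AT&T have started using the platform, and some threats were detected early. The author wants to know how useful the platform is and what it is missing. 2025-12-18 18:53:47 Author: www.reddit.com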

Built a threat intel platform that runs on $75/month infrastructure. Decided to give the STIX feed away for free instead of charging enterprise prices for it.

What's in it:

  • 59K IOCs (IPs, domains, hashes, URLs)

  • ThreatFox, OTX, honeypot captures, and original discoveries

  • STIX 2.1 compliant (works with Sentinel, TAXII consumers, etc.)

  • Updated continuously

Feed URL: https://analytics.dugganusa.com/api/v1/stix-feed

Search API (if you want to query it): https://analytics.dugganusa.com/api/v1/search?q=cobalt+strike

We've been running this for a few months. Microsoft Sentinel and AT&T are already polling it. Found 244 things before CrowdStrike/Palo Alto had signatures for them (timestamped, documented).

Not trying to sell anything - genuinely curious if it's useful and what we're missing. Built it to scratch our own itch.

Tear it apart.


Source: https://www.reddit.com/r/netsec/comments/1ppyv3o/free_stix_21_threat_intel_feed/