 |
VOOZH | about |
Aggregation of lists of malicious IP addresses, to be blocked in the WAN > LAN direction, integrated into firewalls: FortiGate, Palo Alto, pfSense, IPtables
An advanced, ultra-lightweight firewall orchestrator for Linux. SysWarden integrates Data-Shield IPv4 blocklists, Geo-Blocking, Spamhaus ASN, Fail2ban, and a WireGuard VPN to proactively block 98.2% of malicious traffic. Secure your servers and Docker containers with a near-zero memory footprint.
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.
Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists.
A list of malicious IP addresses associated with botnets, cyberattacks, and the generation of artificial traffic on websites. Useful for network administrators and security companies to block threats and protect against DDoS attacks.
An automated mirror of malicious IP addresses from packetsdatabase.com, providing continuously updated blocklists and security feeds in multiple formats.
Criminal IP is a comprehensive OSINT-based Cyber Threat Intelligence (CTI) search engine that can be used as an automated Attack Surface Management solution.
Curated block list including IPs, FQDNs, Domains, JA3, etc. Tailored for utmost precision to minimize false positives in personal or non-commercial environments. Updated regularly. For assistance or to support our initiatives, please reach out or consider participating in our sponsorship program
HeimdallBlocklists is a project designed to merge and manage multiple community-maintained blocklists, making them easily usable across various firewall solutions.
Use the Prowl API to obtain IP Reputation, Techniques Tactics and Procedures, Indicators of Attacks and Indicators of Compromise related to a public IP.
Triage an IP using powershell
Self-hosted Geolocation and Malicious IP Detection API
IP blacklist aggregator
Automated IP blocklist aggregation with geolocation-based country filtering, Docker ready, and twice daily runs via GitHub Actions
SniffCat integration enabling automatic reporting of malicious activity detected by T-Pot honeypots by monitoring logs, analyzing attack attempts, and submitting reports automatically.
Takes a list of IP addresses stored in a file, looks them up using abuseipdb.com, and writes the output to a CSV file.
Offline-first, budget-aware log+CTI pipeline with optional LLM enrichment; grouping/sampling gates, strong CTI cache, reproducible reports, Streamlit UI.
A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to SniffCatDB ☁️🕵️
My personal research on different attack vectors, including DDoS attack types, payloads and a honeypot sensor to detect malicious actors.
🛡️ Comprehensive IP blacklist from trusted security sources - Updated regularly | Free to use Malware, Botnet, Spam & Attack Prevention for security, firewall, or research purposes.
Add a description, image, and links to the malicious-ips topic page so that developers can more easily learn about it.
To associate your repository with the malicious-ips topic, visit your repo's landing page and select "manage topics."