Category Lists add ThreatFox IOCs

ntop / ntopng

Web-based Traffic and Security Network Traffic Monitoring

http://www.ntop.org

GNU General Public License v3.0

6.23k stars 654 forks source link

Category Lists add ThreatFox IOCs #6341

Closed martinscheu closed 2 years ago

martinscheu commented 2 years ago

What would you like to add or change?: Hello ntop Team If you please could add the abuse.ch ThreatFox IOCs. API https://threatfox.abuse.ch/api/

Why do you and others need this?: ThreatFox shares indicators of compromise (IOCs) associated with malware, which brings further malware detection. IOCs can be IP addresses, file names, download paths. E.g. hXXp://95.216.181.231/softokn3.dll hXXp://molinolatebaida[.]com/basic-jquery-slider-8ffe118/js/lib/five/fre.php

Thank you

MatteoBiscosi commented 2 years ago

Hi @martinscheu like requested I added the ThreatFox IOCs, already enabled by default Screenshot from 2022-05-20 17-54-33

lucaderi commented 2 years ago

Closing for inactivity. We assume the problem was solved.