ThreatFox
ThreatFox is a platform from abuse.ch and Spamhaus dedicated to sharing indicators of compromise (IOCs) associated with malware, with the infosec community, AV vendors and cyber threat intelligence providers. Upload IOCs and explore the database for valuable intelligence. Use the APIs to seamlessly push and pull signals, and automate bulk queries.
With this intelligence, gain insights into malware behavior, to help identify, track, and mitigate against malware and botnet-related cyber threats.
ThreatFox data
Browse IOCs
Gain valuable insights, find the most recently added IOCs and identify current emerging threats
Spamhaus datasets enhanced by ThreatFox
Access Spamhaus’ datasets, enriched with malware samples from ThreatFox.
Perimeter protection
Border Gateway Protocol feeds to stop compromised devices communicating with active botnet C2 servers.
Network protection
A range of response policy zones (RPZs) protecting against malicious threats at DNS level.
Email protection
Real time DNS blocklists (DNSBLs) that integrate into existing email infrastructure, to protect against email-borne threats.