ThreatFox
ThreatFox is a platform from abuse.ch and Spamhaus dedicated to sharing indicators of compromise (IOCs) associated with malware, with the infosec community, AV vendors and cyber threat intelligence providers. Upload IOCs and explore the database for valuable intelligence. Use the APIs to seamlessly push and pull signals, and automate bulk queries.
With this intelligence, gain insights into malware behavior, to help identify, track, and mitigate against malware and botnet-related cyber threats.
ThreatFox data
Browse IOCs
Gain valuable insights, find the most recently added IOCs and identify current emerging threats
Spamhaus datasets enhanced by ThreatFox
Access Spamhaus’ datasets, enriched with malware samples from ThreatFox.
Data for threat hunting
Context-rich metadata relating to IP, domain and malware signals.
Perimeter protection
Border Gateway Protocol feeds to stop compromised devices communicating with active botnet C2 servers.
Network protection
A range of response policy zones (RPZs) protecting against malicious threats at DNS level.