OSINT Feeds

Open Source Intelligence (OSINT) feeds can be incredibly valuable for security professionals, providing timely information about threats and vulnerabilities. Here are some notable free OSINT feeds and sources you can use:

  1. AlienVault Open Threat Exchange (OTX): This is one of the largest open threat intelligence communities where participants share threat data. It includes indicators of compromise (IoCs), tactics, techniques, and procedures (TTPs), and more.

  2. CIRCL (Computer Incident Response Center Luxembourg) Public MISP: CIRCL operates a MISP (Malware Information Sharing Platform) instance where they share indicators of compromise and threat intelligence freely with the community.

  3. Abuse.ch: Known for several high-quality threat intelligence feeds such as URLhaus, which lists URLs distributing malware, and Feodo Tracker, which focuses on tracking botnets such as Emotet and TrickBot.

  4. The Honeynet Project: Offers data from honeynet sensors deployed around the world, providing insights into emerging threats and attack methodologies.

  5. Google Safe Browsing: Google's service lets users check URLs against a constantly updated list of suspected phishing and malware websites.

  6. Emerging Threats by Proofpoint: Provides an open-source community version of their threat intelligence, which includes rules for IDS (Intrusion Detection Systems) like Snort and Suricata.

  7. Censys: Allows users to search and analyze the internet's attack surfaces to find vulnerable systems and applications. Censys offers a basic free plan with limited queries.

  8. Shodan: Known as the "search engine for hackers", Shodan can help identify vulnerable systems connected to the internet. The basic service is free, but detailed searches may require a paid plan.

  9. National Vulnerability Database (NVD): Maintained by NIST, this database provides CVE security vulnerabilities data syndicated in JSON and XML feeds.

  10. Anomali ThreatStream Community Edition: Offers a community version where you can access some threat intelligence feeds for free, albeit with limited functionality compared to their paid offerings.

Last updated