New Tool for IOC Processing


I ran across a new IOC harvesting and processing tool on Github. It was posted a couple of weeks ago by an author named Silas Cutler and is licensed as GNU General Public License v3.0

It was recently featured on

Since it is relatively new I haven’t had time to run it in my lab yet, but based on the description it boasts an impressive collection engine. It can pull from these feeds (likely via API):
VirusTotal (
MalShare (
BambenekFeeds (
FeodoBlockList (
Malc0deIPList (
NoThinkIPFeeds (
OpenPhishURLs (
TorNodes (

If you are looking to feed your SIEM, this might be a cost-effective IOC processing solution.