Betreiber | Lizenz | Format | Download | Anmerkungen | |
fabriziosalmi - https://get.domainsblacklists.com/ | GPL | Domains | https://get.domainsblacklists.com/blacklist.txt | Aggregiert diverse verfügbare Blacklists Achunt | |
https://cert.pl/ | unbekannt | Diverse Formate | e.g. Domains https://hole.cert.pl/domains/domains.txt | - | |
https://oisd.nl/ | unbekannt | Diverse Formate | e.g. https://big.oisd.nl/domainswild2 | Aggregiert diverse Listen | |
https://github.com/RPiList/specials/blob/master/Blocklisten.md | unbekannt | Domains | e.g. Domains: https://raw.githubusercontent.com/RPiList/specials/master/Blocklisten/malware | Diverse Listen und Kategorien | |
https://kadantiscam.netlify.app/ | Creative Commons | Hosts File | https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt | - | |
https://www.abuseipdb.com/contact | https://www.abuseipdb.com/pricing | API | curl -s -G https://api.abuseipdb.com/api/v2/blacklist -d confidenceMinimum=95 -d plaintext -H "Key: API_KEY" -H "Accept: text/plain" > /tmp/abuseipdb-ips.acl
| - | |
https://www.proofpoint.com/us | Privat frei | IPs | http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt | Mischung aus verschiedenen/freien Anbietern | |
https://pannoniait.at | Frei für alle | CSV | https://island.pannoniait.at/etufxbaedf12/intel-daily-requests-suspicious.csv , https://island.pannoniait.at/etufxbaedf12/intel-weekly-requests-suspicious.csv | Infos aus threat_intel inklusive Port und Anzahl der Hits der IPs | |
https://pannoniait.at | Frei für alle | IPs | https://island.pannoniait.at/etufxbaedf12/intel-daily-requests-suspicious.acl , https://island.pannoniait.at/etufxbaedf12/intel-weekly-requests-suspicious.acl | Infos aus threat_intel | |
https://pannoniait.at | Frei für alle | IPs | https://island.pannoniait.at/etufxbaedf12/pannoniait-daily-brute-forcer.acl , https://island.pannoniait.at/etufxbaedf12/pannoniait-weekly-brute-forcer.acl | SSH Brute Force Attackers daily/weekly | |
https://www.threatstop.com | kommerziell/community frei für privat | Applikation/ipset/DNS | Debian Repository | https://admin.threatstop.com/register/community | |
https://honeydb.io/ | frei für privat (?) | IP | curl -s --header "X-HoneyDb-ApiId: ID" --header "X-HoneyDb-ApiKey: KEY" https://honeydb.io/api/bad-hosts -o /tmp/honeydb_badhosts && cat /tmp/honeydb_badhosts | jq --raw-output '.[].remote_host' > /tmp/honeydb_clean
| Auth zB: über gmail Account möglich | |
https://rescure.me | frei für privat (?) | Domains | ( wget --quiet --timeout=15 --tries=2 https://rescure.me/rescure_domain_blacklist.txt -O /tmp/rescure.me.acl && grep -v -P "^[[:blank:]]+(#|[[:space:]]*)" /tmp/rescure.me.acl > /tmp/clean_rescure.me.acl ) || echo "Cannot update rescure.me blacklist"
| Achtung hatten u.a. www.youtube.com blacklisted | |
https://firebog.net/ | - | Diverse | - | Listet diverse Blacklists | |
https://winhelp2002.mvps.org/ | creativecommons | Hosts Format | https://winhelp2002.mvps.org/hosts.txt | There's no place like 127.0.0.1 :) | |
https://phishing.army/ | creativecommons | Domains | https://phishing.army/download/phishing_army_blocklist.txt | - | |
https://wiki.aa419.org/index.php/Main_Page | unbekannt | API/verschiedene Möglichkeiten | Account erstellen & API bedienen PHP Code e.g. php /usr/local/sbin/artists_against_419/artists_search.php 500 | artists_search.php.zip | |
http://www.spamhaus.org | privat und kommerziell möglich | IP CIDR | wget --quiet --timeout=5 --tries=2 http://www.spamhaus.org/drop/drop.txt -O - | grep -P -o "^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}" > /tmp/spamhaus-droplist
| - | |
https://isc.sans.edu | creativecommons | IP CIDR /24 | wget --quiet --timeout=5 --tries=2 https://isc.sans.edu/block.txt -O - | grep -P -o "^([0-9]{1,3}\.){3}[0-9]{1,3}" | awk '{ print $1"/24" }' > /tmp/dshield-recommended-ips
| - | |
https://www.openphish.com | unbekannt | URLs | wget --quiet --timeout=5 --tries=2 https://www.openphish.com/feed.txt -O /tmp/openfish-feed
| - | |
https://urlhaus.abuse.ch/ | unbekannt | URLs | wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/text/ -O /tmp/abuse.ch-urls-malicious
| - | |
https://urlhaus.abuse.ch/ | unbekannt | Domains | wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/hostfile/ -O /tmp/abuse.ch-domains-malicious
| pihole kompatibel | |
https://abuse.ch | unbekannt | Domains/Hosts | wget -q --timeout=15 https://threatfox.abuse.ch/downloads/hostfile/ -O /tmp/threatfox.acl && grep -v '^#' /tmp/threatfox.acl | awk '{print $2}' | sort | uniq > /usr/local/etc/blacklists/threatfox.acl
| pihole kompatibel | |
https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist | MIT License | Hostname/Domain | wget --quiet --timeout=5 --tries=2 https://hosts.ubuntu101.co.za/domains.list -O /tmp/mitchellkrogza-domain.acl
| Achtung >16Mbyte groß/verschiedenste Kategorien zusammen gewürfelt | |
https://www.malwarepatrol.net/ | kommerziell | Diverse | - | - | |
https://otx.alienvault.com/api | frei für privat | API | - | | |
https://bambenekconsulting.com/ | kommerziell/researcher | CSV | - | - | |
mailsilo.gitlab.io | unbekannt | urls | wget --quiet --timeout=15 --tries=2 https://malsilo.gitlab.io/feeds/dumps/url_list.txt -O /tmp/malsilo_urls.acl && cat /tmp/malsilo_urls.acl | cut -d"," -f 3 | grep -o -P "(https://|http://).*/" | cut -d/ -f 3 | sort | uniq | grep -v -P "([0-9]{1,3}\.){3}[0-9]{1,3}" | cut -d ":" -f 1 > //tmp/malsilo_urls-clean.acl
| noch aktiv ? | |
https://www.joewein.net | frei für privat | domains/hostnames | wget --quiet --timeout=15 --tries=2 https://www.joewein.net/dl/bl/dom-bl.txt -O /tmp/joewein-bl.acl && cat /tmp/joewein-bl.acl | cut -d";" -f 1 > /tmp/joewein-bl-clean.acl
| noch aktiv ? | |
http://netlab.360.com/ | kommerziell | domains | wget --quiet "https://data.netlab.360.com/feeds/dga/dga.txt" -O /tmp/netlab360-dga.acl && grep ^[^#] /tmp/netlab360-dga.acl | awk '{ print $2 }' > /tmp/netlab360-dga-clean.acl
| Umgestellt auf paid | |
https://www.misp-project.org/feeds/ | unbekannt | diverse | - | EU gefördert diverse Feeds | |
https://www.circl.lu/ | unbekannt | misp | https://www.circl.lu/doc/misp/feed-osint/
| - | |
https://www.reddit.com/r/pfBlockerNG/ | unbekannt | Domain | ( wget --quiet --timeout=30 --tries=2 https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw -O /tmp/bbcan177-ms2-pfblockerng.acl && grep ^[^#] /tmp/bbcan177-ms2-pfblockerng.acl | awk '{ print $1 }' ) || echo "Could not update bbcan177-ms2-pfblockerng.acl List"
| - | |
https://zerodot1.gitlab.io/CoinBlockerListsWeb/ | AGPL | Domain/Hostnames | ( wget --quiet --timeout=30 --tries=2 https://zerodot1.gitlab.io/CoinBlockerLists/list.txt -O /tmp/zerodot1-coinblocker.acl && cat /tmp/zerodot1-coinblocker.acl ) || echo "Could not update zerodot1-coinblocker.acl List"
| Missbrauch durch unerlaubtes CryptoMining | |
https://www.pulsedive.com/ | frei für privat ? | API | - | - | |
https://project.turris.cz/en/ | unbekannt | CSV | https://project.turris.cz/greylist-data/greylist-latest.csv | Achtung Betreiber argumentiert nicht als Blacklist zu verwenden / zu Analysezwecken |
https://github.com/blocklistproject/Lists | frei verfügbar | Domains/Hostnamen | wget -q --timeout=15 --tries=2 -O /tmp/blocklistproject.github.io.acl https://blocklistproject.github.io/Lists/ransomware.txt https://blocklistproject.github.io/Lists/scam.txt https://blocklistproject.github.io/Lists/phishing.txt https://blocklistproject.github.io/Lists/malware.txt && grep -v ^# /tmp/blocklistproject.github.io.acl | uniq | sort | sed '/^$/d' | awk '{ print $2 }' > /tmp/blocklistproject.github.io.acl )
| Pihole kompatibles Basisformat | |