Lists of VPN providers (automatically updated)
☆778Mar 18, 2026Updated this week
Alternatives and similar repositories for lists_vpn
Users that are interested in lists_vpn are comparing it to the libraries listed below
Sorting:
- List of Tor exit nodes built by CI☆15Updated this week
- ip addresses of VPNs☆79Updated this week
- Daily updated list of IP addresses / CIDR blocks used by data centers, cloud service providers, servers, etc.☆204Updated this week
- Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.☆410Mar 7, 2026Updated 2 weeks ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Dec 18, 2024Updated last year
- ipsets dynamically updated with firehol's update-ipsets.sh script☆3,777Mar 15, 2026Updated last week
- Aggregation of lists of malicious IP addresses, to be blocked in the WAN > LAN direction, integrated into firewalls: FortiGate, Palo Alto…☆225Updated this week
- Specific C2 Detection Tool Written To Detect C2 Servers From RisePro Stealer Malware.☆13Nov 10, 2023Updated 2 years ago
- A series of cloud focused KQL queries for threat hunting and DFIR☆11Oct 21, 2025Updated 5 months ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Daily feed of bad IPs (with blacklist hit scores)☆2,216Updated this week
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆762Aug 28, 2025Updated 6 months ago
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆54Sep 11, 2025Updated 6 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- This repository contains instructions how to use the free IP Address API. The databases are: ASN database, Geolocation database, hosting …☆115Mar 2, 2026Updated 2 weeks ago
- ☆23Mar 17, 2024Updated 2 years ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- ☆34Nov 11, 2025Updated 4 months ago
- Extended Static Analysis Tool for Analyzing Android APK Files.☆15Jan 3, 2024Updated 2 years ago
- custom Python script to perform Yara matching in Cortex XDR☆14May 18, 2021Updated 4 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- The collateral repository for The KQL Mysteries series☆26Mar 8, 2024Updated 2 years ago
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.☆69Dec 27, 2023Updated 2 years ago
- Effectively protect your web application from malicious attacks. This lightweight and highly customizable WAF provides HTTP request filte…☆12Mar 15, 2026Updated last week
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆110Feb 6, 2026Updated last month
- Compiled/Aggregated GEO-IP (CIDR) lists using RIPE/GEONAMES/IPDENY☆17Oct 26, 2025Updated 4 months ago
- A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to AbuseIPDB ☁️🕵️☆33Updated this week
- Download IP block lists by ASN - network provider addresses, updated daily☆405Updated this week
- IP list of known scanners.☆32Jan 5, 2026Updated 2 months ago
- ☆14Sep 22, 2023Updated 2 years ago
- Basically pipes.sh but rewritten in Python☆13Nov 16, 2025Updated 4 months ago
- TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains…☆640Updated this week
- Awesome list of keywords and artifacts for Threat Hunting sessions☆648Aug 4, 2025Updated 7 months ago
- Elyzer is an email header analyzer, written in python, capable of detecting potential spoofing attempts.☆49Dec 18, 2024Updated last year
- JA4TScan is an active TCP server fingerprinting tool.☆106Aug 29, 2024Updated last year
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆93Sep 7, 2023Updated 2 years ago
- Specific C2 Detection Tool Written To Detect C2 Servers From Rhadamanthys Stealer Malware.☆16Nov 10, 2023Updated 2 years ago
- Warning lists to inform users of MISP about potential false-positives or other information in indicators☆606Updated this week