Add Criminal IP domain reputation source
Implements the Criminal IP API (api.criminalip.io/v1/domain/report) as a new blacklist source. Returns crit for High/Critical inbound or outbound risk scores, warn for Moderate; Safe and Low scores are not flagged.
This commit is contained in:
parent
c8bcac5a72
commit
a5559ad98f
2 changed files with 195 additions and 0 deletions
|
|
@ -23,6 +23,7 @@ widely-used reputation systems.
|
|||
| VirusTotal v3 | HTTPS lookup | yes (admin) | admin |
|
||||
| AlienVault OTX | HTTPS lookup | free (admin) | admin |
|
||||
| Pulsedive | HTTPS lookup | free (admin) | admin |
|
||||
| Criminal IP | HTTPS lookup | yes (admin) | admin |
|
||||
|
||||
### Obtaining API keys
|
||||
|
||||
|
|
@ -54,6 +55,11 @@ widely-used reputation systems.
|
|||
2. Go to your profile and copy the API key shown under *API*.
|
||||
3. Free tier available; higher quotas with a paid plan.
|
||||
|
||||
**Criminal IP** (option: `criminal_ip_api_key`)
|
||||
1. Register a free account at [criminalip.io](https://www.criminalip.io/).
|
||||
2. Go to *My Information → API Key* to find your key.
|
||||
3. Free tier: 100 requests/day. Paid plans unlock higher quotas.
|
||||
|
||||
DNS-based blocklists are queried in parallel. The OpenPhish feed is
|
||||
downloaded once per hour by the provider and cached in memory.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue