Intel Stack

Find [ Evil ] in the noise

A 100% free intelligence marketplace from Intel Stack 
Optimized and ready for the Zeek (formerly Bro) Intelligence Framework

Threat Intelligence for Network Security Monitoring
Free threat intelligence aggregated, parsed and delivered by Intel Stack for the Zeek network security monitoring platform.
The Free Intel Market

Pick from an abundance of intel sources, feeds and blacklists. With feed summaries and reviews we empower you to select which feeds to trust. We are aggressively growing the market place and we plan to add new feeds on a regular basis. Have intel to share? If would like your intel added to the feed listing please contact us using this form.

Get Started - It's Free

Feature Overview
See what we have to offer
All The Basics

The Intel Stack intel market place has free feeds and is built to make deployments a snap. Designed for simplicity, we deduplicate and normalize all of the various sources. You are just a few clicks away from having the critical intelligence you need to protect your network.

Secure & Confidential

IntelStack supports two-factor auth via github and the google oauth apis. We put you in full control- you decide what intel where. We support numerous deployment options and all communications are encrypted and secure.

Command Line Control

With the Intel Stack client you have full control over the intel deployment process. The UI is designed to make it easy to start, our cli is there for power users. The entire deployment process is designed around your needs- light weight, fast, and powerful. Intuitive & easy to use.

Intel Mixology

Start by mixing and match the sources you trust - then we deliver fast and frequent updates. With collections you can create sets of intel for different types of sensors; ingress/egress, internal, partner/vpn- you decide. We give you the power to decide what indicators are important and optimize their delivery .

Free Feeds

A lot of intel providers resell free and public domain intel with little or no improvements. Starting with an easy to use client and gorgeous UI, we wanted to release a service we would use ourselves. We wanted to help leverage resources provided to the community for free by making them more accessible.

Peer Reviewed

Rate and comment on each intel feeds; subscribers can verify that feeds fit their needs. Intel provides get real time, real world feedback on the effectiveness of the intel and catch false positives as quickly as possible. Be sure to share you thoughts and opinions on feeds you us so other can benefit from it.

Deploying Your Feeds
Powerful, Fast & Simple.
Terminal

nsm@intel-stack: sudo intel-stack-intel api 12345-6789-101112

nsm@intel-stack: sudo intel-stack-intel fetch run

2019/06/24 11:35:39 Fetching feed subscriptions.

2019/06/24 11:35:39 * intel-stack-intel-1-Matsnu-Botnet.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-2-C-Cs-IPs-Domains.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-3-Cryptolocker.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-4-Post-Tovar-GameOver-Zeus.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-5-Tinybanker---Tinba.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-6-PushDo-Malware.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-7-Known-Tor-Exit-Nodes.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-8-Cyber-Crime-Tracker.bro.dat

2019/06/24 11:35:40 * intel-stack-intel-9-Zeus-Tracker--Configs.bro.dat

2019/06/24 11:35:41 * intel-stack-intel-17-SpyEye--Domain-Block-List.bro.dat

2019/06/24 11:35:42 * intel-stack-intel-18-PhishTank-Intel-Feed-(Verified).bro.dat

2019/06/24 11:35:42 * intel-stack-intel-19-Abuse-Reporting-and-Blacklisting.bro.dat

2019/06/24 11:35:42 Creating master file: master-public.bro.dat

2019/06/24 11:35:42 Master file created successfully.

2019/06/24 11:35:42 Intel files located at: /opt/intel-stack/frameworks/intel

2019/06/24 11:35:42 API Requests Remaining: 75 of 100

nsm@intel-stack: