AbuseIPDB

README

AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.

The analyzer comes in only one flavor.

Requirements

You need a valid AbuseIPDB API integration subscription to use the analyzer:

  • Provide your API key as the value of the key parameter.
  • Set the days parameter to limit the time range of the search.

AbuseIPDB

Author: Matteo Lodi
License: AGPL-v3
Version: 1.0
Supported observable types:
- ip
Registration required: True
Subscription required: True
Free subscription: True
Third party service: https://www.abuseipdb.com/

Description

Determine whether an IP has been reported as malicious on AbuseIPDB.

Configuration

key: API key for AbuseIPDB
  • Default value if not configured: N/A
  • Type of the configuration item: string
  • The configuration item can contain multiple values: False
  • Is required: True

days: Check for IP Reports in the last X days
  • Default value if not configured: 30
  • Type of the configuration item: number
  • The configuration item can contain multiple values: False
  • Is required: False
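
An added example, not the analyzer's own code: it applies the rules for the two configuration items above and for the supported observable type before building the lookup request, and it refuses non-public addresses so internal IPs are not sent to the third-party service. The endpoint, the ipAddress and maxAgeInDays parameters and the Key header are assumptions taken from AbuseIPDB's public API v2; the function names are hypothetical.

```python
import ipaddress
from urllib.parse import urlencode
from urllib.request import Request

# Assumption: AbuseIPDB public API v2 "check" endpoint; the analyzer may differ.
CHECK_URL = "https://api.abuseipdb.com/api/v2/check"
DEFAULT_DAYS = 30  # default for "days" in the configuration on this page


def load_config(config):
    """Apply the Configuration rules: key is required, days is optional."""
    key = config.get("key")
    if not isinstance(key, str) or not key.strip():
        raise ValueError("'key' is required and must be a non-empty string")
    days = config.get("days", DEFAULT_DAYS)
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(days, bool) or not isinstance(days, int) or days < 1:
        raise ValueError("'days' must be a positive whole number")
    return key.strip(), days


def build_check_request(config, data_type, value):
    """Return an unsent Request for one observable, or raise ValueError."""
    key, days = load_config(config)
    if data_type != "ip":
        raise ValueError("only 'ip' observables are supported")
    ip = ipaddress.ip_address(value.strip())  # ValueError on malformed input
    if not ip.is_global:
        # Private, loopback and reserved ranges have no public reputation.
        raise ValueError(f"{ip} is not a public address")
    query = urlencode({"ipAddress": str(ip), "maxAgeInDays": days})
    # The key travels in a header, so it stays out of URLs and proxy logs.
    return Request(f"{CHECK_URL}?{query}",
                   headers={"Key": key, "Accept": "application/json"})


if __name__ == "__main__":
    cfg = {"key": "PLACEHOLDER_API_KEY"}  # constructed value, not a real key
    req = build_check_request(cfg, "ip", "8.8.8.8")
    print(req.full_url)
```
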

Template samples for TheHive

AbuseIPDB: Long report template