By Maltego Technologies
AbuseIPDB Transforms for Maltego
AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. It crowdsources IP addresses that have been associated with malicious activity online and provides a central blacklist for webmasters, system administrators, and other interested parties. There are thousands of reports generated daily from users who detect suspicious traffic and report it to AbuseIPDB.
They offer a free API for both reporting malicious IP addresses detected on your systems, and checking IP addresses for reported malicious activity.
Any illegal, abusive or inappropriate activity detected from an IP address is considered to be malicious, such as attempted DDoS, any type of spam, fraudulent orders, hacking attempts, phishing, spoofing, SQL injection, etc.
With AbuseIPDB Transforms, get information about IPv4 and IPv6 Addresses, such as abuse score, IP usage type, hostname associated with the IP, Country, and ISP Details.
Benefits of the integration:
- Check if an IP address has been reported for abuse, and what those reports say specifically
- Report an IP address associated with malicious activity themselves, directly from Maltego
- Obtain additional information on an IP such as usage type, country, ISP, etc.
- Reduce the time taken to confirm if a particular IP address is malicious and see if anyone else has reported malicious activities from that IP
Typical users of this data:
- Threat Intelligence
- Cyber Analysts
Pricing & Access
Pricing Tier: Free
Hub Type: Commercial Hub and Community Hub
Requirements: Any Maltego license and AbuseIPDB API key
Access: Install directly from Transform Hub on Maltego Desktop Client and enter your AbuseIPDB API key. Register here for a free API key (1000 requests per day).
Reach out to us to learn more about this data integration and how to access it.
AbuseIPDB is a project managed by Marathon Studio’s Inc. Their mission is to help make the Web safer by providing a central repository for webmasters, system administrators, and other interested parties to report and identify IP addresses that have been associated with malicious activity online.
For more information, visit https://www.abuseipdb.com/