ThreatCrowd
By ThreatCrowd.org
Query ThreatCrowd for Malware, Passive DNS and historical Whois data.

ThreatCrowd Transforms for Maltego
Threat Crowd is part of an open Threat Intelligence community which permits global collaboration and sharing of cyber threats. Users share IP addresses or websites from which attacks have originated, or, look up specific threats to see if anyone in the intelligence community has provided information about them and determined them to be malicious.
Query ThreatCrowd for Malware, Passive DNS and historical Whois data.
Benefits
- Enrich domains and IPs to historical dns resolutions and connecting malware
- Enrich MD5 hashes of malware to command and control domains and IP addresses
- Enrich the names of malware detections to the MD5 hashes of malware samples
Typical Users of This Data
- Threat Intelligence Teams
Pricing & Access
Community Hub
Available for users with Maltego CE.
- Click-and-Run: Simply install the Hub item on your Maltego Desktop Client and start using it.
Commercial Hub
Users with Maltego One have the following access or purchase options:
- Click-and-Run: Simply install the Hub item on your Maltego Desktop Client and start using it.
About ThreatCrowd
Threat Crowd is part of an open Threat Intelligence community which permits global collaboration and sharing of cyber threats. Users share IP addresses or websites from which attacks have originated, or, look up specific threats to see if anyone in the intelligence community has provided information about them and determined them to be malicious.
For more information, visit https://www.threatcrowd.org/.
