This repository has been archived by the owner on May 23, 2019. It is now read-only.
where do i start feeds
These integrations assume you have the python SDK or perl SDK or successfully installed and a valid ~/.cif.yml config. Installing the python client is as easy as:
$ sudo pip 'cifsdk>=2.0,<3.0'If you're not familiar with the [output] Feeds concept with CIF, checkout the CIF book. The most common feed combinations are:
$ cif --feed --otype ipv4 --confidence 85 --tags scanner
$ cif --feed --otype ipv4 --confidence 85 --tags hijacked
$ cif --feed --otype ipv4 --confidence 85 --tags botnet
$ cif --feed --otype ipv4 --confidence 85 --tags malware
$ cif --feed --otype ipv4 --confidence 85 --tags spam $ cif --feed --otype fqdn --confidence 85 --tags botnet
$ cif --feed --otype fqdn --confidence 85 --tags malware
$ cif --feed --otype fqdn --confidence 85 --tags phishing
$ cif --feed --otype fqdn --confidence 65 --tags malware
$ cif --feed --otype url --confidence 85 --tags phishing
$ cif --feed --otype url --confidence 85 --tags malware
$ cif --feed --otype url --confidence 85 --tags botnet
