This repository has been archived by the owner on May 23, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 60
where do i start feeds
Wes edited this page Apr 17, 2017
·
12 revisions
These integrations assume you have the python SDK or perl SDK or successfully installed and a valid ~/.cif.yml config. Installing the python client is as easy as:
$ sudo pip 'cifsdk>=2.0,<3.0'
If you're not familiar with the [output] Feeds concept with CIF, checkout the CIF book. The most common feed combinations are:
$ cif --feed --otype ipv4 --confidence 85 --tags scanner
$ cif --feed --otype ipv4 --confidence 85 --tags hijacked
$ cif --feed --otype ipv4 --confidence 85 --tags botnet
$ cif --feed --otype ipv4 --confidence 85 --tags malware
$ cif --feed --otype ipv4 --confidence 85 --tags spam
$ cif --feed --otype fqdn --confidence 85 --tags botnet
$ cif --feed --otype fqdn --confidence 85 --tags malware
$ cif --feed --otype fqdn --confidence 85 --tags phishing
$ cif --feed --otype fqdn --confidence 65 --tags malware
$ cif --feed --otype url --confidence 85 --tags phishing
$ cif --feed --otype url --confidence 85 --tags malware
$ cif --feed --otype url --confidence 85 --tags botnet