Open Source Intelligence
Open source intelligence (OSINT) is short- and long-form reporting, produced by individuals and companies, that outlines specific threats, methodologies or actors. PassiveTotal maintains an extensive repository of parsed data from blogs, research papers and presentations in order to associate that reporting with infrastructure inside the platform.
Data from the OSINT repository is public and freely available to all platform users. When identified, OSINT data and its classification (i.e. malicious, non-malicious, suspicious or unknown) will show up on the item being queried. Users can click the OSINT tab to see the detailed reporting, or simply glean details from the contextual tags associated with the queried indicator.
Some of the feeds currently pulled into PassiveTotal include:
- RiskIQ's Blacklist
- MDL - Malware Domain List
- TOR Exit nodes
- SSLBL - SSL Blacklist
- Security Reports & Blogs (crime and APT)
- Custom Google Search Engine