Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignThreatIngestor Description
An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing workflow with SQS, Beanstalk, and custom plugins. Currently used by InQuest Labs IOC-DB: https://labs.inquest.net/iocdb Overview: ThreatIngestor can be configured to watch Twitter, RSS feeds, sitemap (XML) feeds, or other sources, and extract meaningful information such as malicious IPs/domains and YARA signatures, and send that information to another system for analysis. Try it out now with this quick walkthrough, read more ThreatIngestor walkthroughs on the InQuest blog, and check out labs.inquest.net/iocdb, an IOC aggregation and querying tool powered by ThreatIngestor. Installation: ThreatIngestor requires Python 3.6+, with development headers. Install ThreatIngestor from PyPI: pip install threatingestor. Install optional dependencies for using some plugins, as needed: pip install threatingestor[all]. View the full installation instructions for more information. Usage: Create a new config.yml file, and configure each source and operator module you want to use. (See config.example.yml for layout.) Then run the sc
ThreatIngestor FAQ
Common questions about ThreatIngestor including features, pricing, alternatives, and user reviews.
ThreatIngestor is An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP. It is a Threat Management solution designed to help security teams with IOC, Threat Feed, Cyber Threat Intelligence.
ThreatIngestor is a free Threat Management tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/InQuest/ThreatIngestor/ for download and installation instructions.
Popular alternatives to ThreatIngestor include:
1.Hudson Rock Cybercrime Intelligence Tools - Cybercrime intelligence tools for searching compromised credentials from infostealers (Free)
2.Lunar - Free breach monitoring platform for compromised credential detection & alerting. (Free)
3.Webz.io - Web data platform providing open, deep & dark web APIs and monitoring. (Commercial)
4.CybersecRadars - Cybersecurity market intelligence platform for tracking competitors & funding (Commercial)
5.Bitdefender Operational Threat Intelligence - Threat intelligence platform providing global threat visibility and IoCs (Commercial)
Compare these tools and more at https://cybersectools.com/categories/threat-management
ThreatIngestor is for security teams and organizations that need IOC, Threat Feed, Cyber Threat Intelligence. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Threat Management tools can be found at https://cybersectools.com/categories/threat-management
Have more questions? Browse our categories or search for specific tools.
