Featured
AbuseIPDB Laravel
The AbuseIPDB Laravel package allows Laravel developers to easily integrate IP checking and reporting into their web applications, utilizing real-time data from AbuseIPDB.
Splunk
The Splunk app built internally by AbuseIPDB allows users to integrate IP threat intelligence directly into their Splunk environment. This app provides a threat check feature that allows users to check the reputation of an IP address.
Maintained By Community
Cortex XSoar
Cortex XSoar integrates with AbuseIPDB to enhance its SOAR platform, enabling automated threat detection and response using IP reputation data from AbuseIPDB.
Fail2Ban
Fail2Ban is a popular intrusion prevention software framework that protects your server from brute-force attacks. Integrate Fail2Ban with AbuseIPDB to automatically report abusive IPs.
Fortinet Integration
FortiGate firewall can integrate with AbuseIPDB via API to import blacklists and block IPs automatically. This integration allows Fortinet users
Maltego
Maltego is an open-source intelligence and forensics platform that provides powerful data mining and link analysis. Integrate Maltego with AbuseIPDB to utilize IP threat intelligence in your investigations.
Microsoft Copilot
Microsoft Copilot integrates AbuseIPDB to provide enhanced threat intelligence within its security plugin. This integration helps organizations to automatically analyze and respond to threats using AbuseIPDB’s IP reputation data.
Rapid7 InsightConnect
Rapid7 InsightConnect integrates AbuseIPDB into its security orchestration and automation platform, enabling organizations to streamline IP threat intelligence gathering and automate responses to malicious IP activity.
Splunk SOAR
Splunk SOAR is a security orchestration, automation, and response (SOAR) platform that integrates with AbuseIPDB to enhance automated workflows by utilizing real-time IP threat intelligence. This integration allows security teams to detect, respond to, and mitigate threats more efficiently using data from AbuseIPDB.
Splunk
The Splunk app built internally by AbuseIPDB allows users to integrate IP threat intelligence directly into their Splunk environment, enabling security teams to enhance their threat detection and incident response with real-time threat data.
Steampipe
Steampipe integrates with AbuseIPDB to allow security analysts to query IP threat intelligence data in real-time using SQL, enhancing the detection and response capabilities of security operations.
Sumo Logic
Sumo Logic integrates with AbuseIPDB to enhance its log analytics and security monitoring capabilities. This integration allows security teams to leverage real-time IP reputation data for advanced threat detection, enriched log insights, and automated responses.
Swimlane
Swimlane integrates AbuseIPDB into its security automation and orchestration platform to automate threat intelligence gathering and real-time responses to malicious IP activity. This integration enhances SOAR workflows by leveraging real-time IP reputation data to automate threat detection, reporting, and remediation actions.
Tines
Tines integrates AbuseIPDB to automate IP reputation checks and enrich threat intelligence workflows. This integration helps security teams automate incident response tasks, such as IP lookups and threat mitigation, using real-time data from AbuseIPDB, improving operational efficiency and security posture.
Torq
Torq integrates AbuseIPDB into its security automation platform to enable seamless real-time IP threat intelligence gathering and automatic response to threats. This integration helps organizations enhance their security posture by improving incident response times and reducing manual effort through automation.
Wazuh
Wazuh integrates with AbuseIPDB to enhance its security monitoring, detection, and response capabilities. Using real-time IP threat intelligence, Wazuh can detect, report, and automatically respond to suspicious activity and malicious actors, leveraging IP reputation data from AbuseIPDB.
Zero Networks
Zero Networks integrates AbuseIPDB to enforce Zero Trust network access control using real-time IP reputation data. By leveraging dynamic IP threat intelligence, this integration proactively prevents unauthorized access and mitigates malicious traffic across enterprise environments.
Zscaler
Zscaler integrates with AbuseIPDB to enhance its cloud security platform, delivering real-time IP threat intelligence and reinforcing Zero Trust architecture. This integration optimizes threat detection, response, and protection against advanced threats.
ArGoSoft
ArGoSoft Mail Server is a powerful and easy-to-use mail server that can be enhanced by integrating with AbuseIPDB to block and report abusive IP addresses.
Asustor
Asustor NAS devices integrate with AbuseIPDB to enhance network security by blocking malicious IPs based on threat intelligence from AbuseIPDB. This integration helps protect data stored on Asustor devices from unauthorized access.
Blink Ops
Blink is a security automation copilot that generates automated workflows to handle repetitive tasks and enforce security policies – simply by typing a prompt.
CSF
CSF is a popular security tool for Linux servers that provides advanced security features. Integrate CSF with AbuseIPDB to enhance your server"s protection by reporting and blocking abusive IPs.
D3
D3 Security integrates AbuseIPDB to enhance its security orchestration and automation capabilities. By leveraging IP threat intelligence, this integration helps automate the detection and response to malicious IP activities, improving overall incident management.
Mikrotik
The Mikrotik integration with AbuseIPDB allows Mikrotik routers to use IP blacklists from AbuseIPDB, enhancing network security by automatically blocking known malicious IPs.
NetHunt CRM API
The NetHunt CRM API integration with AbuseIPDB allows users to enrich their CRM data with IP reputation checks, improving the security of CRM activities.
OpenCTI
OpenCTI integrates AbuseIPDB for checking and importing IP blacklists into its threat intelligence platform.
OpenCTI
OpenCTI integrates AbuseIPDB for checking and importing IP blacklists into its threat intelligence platform.
PolarityCE
PolarityCE is an overlay widget that automatically retrieves data about IP addresses from AbuseIPDB as you copy them, providing real-time threat intelligence to enhance security operations.
ReliaQuest
ReliaQuest integrates with AbuseIPDB in its GreyMatter platform, enhancing visibility and automated threat response using real-time IP reputation data. This integration helps organizations to strengthen their security posture by proactively identifying and responding to malicious IP activity.
ReliaQuest
ReliaQuest integrates with AbuseIPDB to leverage real-time IP threat intelligence within its GreyMatter platform. This integration enhances proactive threat detection, automated response, and continuous monitoring of malicious IP activities, helping organizations to improve their security operations.
SpecterOps
SpecterOps integrates with AbuseIPDB to provide real-world IP threat intelligence during red team exercises, enhancing the realism of attack simulations and improving defense readiness. By using real-time malicious IP data, SpecterOps delivers more realistic offensive security operations.
Suricata
Suricata is an open-source network threat detection engine that supports IDS, IPS, and network security monitoring (NSM). By integrating with AbuseIPDB, Suricata enhances its detection capabilities with real-time IP threat intelligence, enabling better protection against malicious activities.
Synopsys
Synopsys integrates with AbuseIPDB to strengthen its software security testing capabilities by incorporating real-time IP threat intelligence. This integration enables security teams to automate the detection of malicious IPs during software testing, enhancing the overall security posture by identifying threats in real-time.
Silent Hunt
Silent Hunt integrates with AbuseIPDB to silently monitor and block malicious IPs in real time, enhancing security defenses with proactive IP reputation data. This integration helps automate the detection and mitigation of threats, allowing for more robust network protection.
SDKs
SDKs are a great way to connect your application to AbuseIPDB. We and our awesome community offer a variety of SDKs to help you make use of your Abuseipdb acoount today!
Abuseipdb Community Ecosystem
Our extensive community has built tools to connect your application to AbuseIPDB. Here are some community examples.
-
AbuseIP DB Bulk Check Script
This script allows you to perform bulk checks against AbuseIPDB, making it easy to check multiple IP addresses at once and get detailed reports on their activity.
-
AbuseIPDB Checker
The AbuseIPDB Checker tool allows users to quickly check IP addresses against AbuseIPDB"s database, providing insights into the reputation and malicious activity associated with each IP.
-
AbuseIPDB CLI
The AbuseIPDB CLI tool provides a command-line interface for interacting with the AbuseIPDB API, making it easy to check and report IP addresses directly from the terminal.
-
CSF Firewall
This abuseipdb-reporter.py python script allows you to utilise CSF Firewall to automatically detects harmful online activity and reports it to a AbuseIPDB security database. It helps make the internet safer by sharing information about suspicious IP addresses with other network administrators. It's customizable, user-friendly, and provides helpful feedback for easier use and troubleshooting.
-
AbuseIPdb SCAN
This is a python script that will parse IP addresses from files or manually interact with AbuseIPDB API. It will return the information about the IP into standard out in various outputs.
-
Maspik
Block spam in several ways, blacklist words/ honeypot / IP verification and more, integrate with almost any contact form plugin and comments.
-
Traffic Jammer
Prevent unwanted traffic incidents that might result in site outages and billing overages. WordPress plugin that blocks IP and bots categorized as harmful, resulting in heavy server loads from frequently crawled pages, or utilized in vulnerability/security breach scans.
-
CSF Integration Script
This script is designed to work with ConfigServer Security & Firewall (CSF) to report suspicious IP addresses to AbuseIPDB. It maps specific CSF triggers to the corresponding AbuseIPDB categories, constructs a detailed comment about the incident, and sends the report to AbuseIPDB using the provided API key.
-
FortiGate Script
FortiGateToAbuseIPDB is a Python script designed to automate the process of managing the quarantine list on FortiGate devices. It reads all IPv4/IPv6 addresses from the FortiGate quarantine list, forwards the malicious IPs to the AbuseIPDB service, and then clears the list. This helps in maintaining a clean quarantine list while contributing to a global database of malicious IP addresses.
-
SolarWinds Serv-U FTP Server Script
This manual provides detailed instructions on how to configure an event in SolarWinds Serv-U FTP Server to automatically report IP addresses involved in brute-force attempts to AbuseIPDB using a PowerShell script named Serv-UToAbuseIPDB. By automating this process, administrators can enhance their server's security by ensuring that malicious IP addresses are promptly reported and potentially blocked from further attacks.
-
Graylog Data Adaptor
This community guide explains how to integrate AbuseIPDB as a data adaptor within Graylog, enabling automatic lookup and monitoring of suspicious IP activity.
-
Graylog HTTP Notification with AbuseIPDB
A guide to setting up HTTP notifications with AbuseIPDB within Graylog, allowing users to send alerts for potentially malicious IP addresses.
-
Graylog AbuseIPDB Lookup Setup
A setup guide for integrating AbuseIPDB lookup with Graylog, enabling users to check the threat intelligence of IP addresses within their Graylog environment for enhanced security.
-
Cloudflare WAF Script
This project offers an automated script that collects and reports IP addresses that have triggered Cloudflare firewall events. In simple terms, it enables the reporting of incidents detected by Cloudflare WAF to the AbuseIPDB database.
-
UFW AbuseIPDB Reporter
This project offers an automated script that collects and reports IP addresses that have triggered Cloudflare firewall events. In simple terms, it enables the reporting of incidents detected by Cloudflare WAF to the AbuseIPDB database.
-
Golang Client
This is an API client for AbuseIPDB is built in Golang, allowing developers to integrate AbuseIPDB IP threat intelligence in their Go-based projects. This client gives you full access to the abuseipdb API.
-
Go AbuseIPDB Package
This Go package provides an API client for AbuseIPDB, enabling developers to interact with AbuseIPDB services for reporting and checking malicious IP addresses in their Go projects.
-
WAF-IPDB
This is a Python script that queries Cloudflare's firewall event logs and reports any potentially malicious IP addresses to AbuseIPDB, a database that tracks IPs associated with malicious activities.