MrLooquer IOCFeed is now part of Maltiverse

Maltiverse is born as a service oriented to cybersecurity analysts for the advanced analysis of indicators of compromise. And few days ago Maltiverse announce the on boarding of a new IoC feed that contains really valuable information. This feed is MrLooquer IOCFeed.
MrLooquer IOC Feed is the first threat feed focused on systems with dual stack. Since IPv6 protocol has begun to be part of malware and fraud communications, It is necessary to detect and mitigate the threats in both protocols (IPv4 and IPv6).

We analyze and generate daily our dual stack threat feed. You can download below the IOCs we’ve seen in the last 7 days. However, you can access to all our threat database in our IPLake service.
Try Maltiverse with MrLooquer integrated and tell us your feelings.

MrLooquer on Maltiverse
Happy Haking

MrLooquer Rating Integration with Cloud Infrastructure

At last RootedCon edition our CTO Raul Requero presented to the audience our tool MrLooquer Rating.

One of the use cases we presented is the integration of MrLooquer Rating with Cloud environments. This integration solves one of the main problems of security officers, that is having an updated inventory in real time of elements exposed to internet and perform a security analysis automatically.
We have developed an AWS Lamba to make almost immediate starting monitoring your Cloud infrastructure with MrLooquer Rating.

To show how it works we shown a video with a real demo of an AWS account where the lamba is deployed and immediately all new instances launched are provisioned to MrLooquer Rating and analyzed.

Thank you to RootedCON organization for such a great opportunity to share our tools there!

If you want to test it by yourself you'll just need an authentication token that you can get from our web service.
Do you want to know more about this integration? Contact [email protected]

IOCFeed officially released

Dear Looquers,

We are glad to announce that we have officially published IOCFeed in RootedCON X edition. IOCFeed is the new OSINT (Open Source INtelligence) resource available to security community that provides dual stack information about threats in Internet.

This data source can help analysts to do threat analysis. The main goal of this feed is to help security analysts with valuable insight that allows finding interesting connections between IOCs that can be extended to IPv4. Looking at IPv6 information like the prefix analysts can find relationships between threats and determine if a prefix can be considered as malicious, looking at ASN analysts can find statistics of malicious agents present in Internet providers, and other use cases that we will publish in this blog in the following weeks. You are invited to use this feed and give us feedback.

Also, if you are a researcher, a university or a company, and you are interested in complement your data sources with dual stack informa…

When IPv6 met Malware

What are those malware families shown in this graph?
Do you want to know more about these IOCs related with IPv6? Next saturday we are going to publish the first dual stack IOCFeed with useful information for threat analysis to community.
This feed will be free and contains network information such as IPv4, IPv6, open ports, ASN and even CVEs that affect the host. Also, there are interesting relationships between IOCs that can be obtained of you look at IPv6 network information. From now on, you will have a new tool to fingerprint threats in Internet.

More at
Follow us @mrlooquer

See you at RootedCON 2019!!

Dear Looquers, we're happy to announce that this year we will be at one of the top Security conferences of the year!

This time we are going to publish the first open feed with information of threats with dual stack (IPv4 and IPv6). You will discover how to get insightful information when you look at IPv6, you can get relations between IOCs using the prefix, open ports with CVEs affecting the threats, wrong dual stack configuration, and much more. We've reached an agreement with one of the top Cybersecurity companies in Spain to offer you this feed and we will invite others to join the project.

Also, thanks to RootedCON organization we will be able to show new features of MrLooquer Rating and the automatic integration with AWS infrastructures using serverless Lambdas.  See you there!

Follow us on Twitter: @mrlooquer

MrLooquer on Github

Since MrLooquer Born some people is using its API but not all of them publish their integrations. Luckily for us there are some tools integrate with MrLooquer. Thanks for use MrLooquer and for share it!!

Let us to highlight two of them:

Python library for MrlooquerMrLooquer is an IPv6 Intelligence search engine. And this is a python library for accessing IPV6 Search Engine.

Host-ScannerActive/passive network scanner and autonomous vulnerability assessment application. 

Enjoy this tools and remember if you are using MrLooquer API and want to share it with us do not hesitate to tell us how and where you use MrLooquer.

MrLooquer Team.

CyberCamp 2016 [ES/EN]