Malware Patrol for MISP

Organize, share and correlate IOCs


Malware Patrol offers an integration with MISP, the open source threat intelligence platform used for sharing, storing and correlating IOCs.

This reputable and powerful tool is used by thousands of organizations worldwide and has many helpful, active communities. The platform is feature rich and boasts the following (and more) capabilties and options:

  • Sharing – automatically exchange & sync with other users and trust-groups
  • Importing – bulk-import, batch-import and free-text import
  • Exporting – generate IDS, OpenIOC, plain text, CSV, or JSON output
  • Automatic correlation – find relationships between attributes and indicators
  • Intelligence vocabularies & adjustable taxonomy – classify and tag events using your own classification schemes OR existing taxonomies, threat actors or MITRE ATT&CK
  • Python expansion modules – do-it-yourself or activate already available modules.


We offer two ways to integrate:

  1. Sync our instance with yours (one-way)
  2. Download MISP-formatted feeds.

The following data feeds are available:

  1. Anti-Mining
  2. Command & Control (C2) URLs
  3. DGA Domains
  4. Malicious IPs
  5. Malware URLs


Want to evaluate or find out more about integrating Malware Patrol’s data into your MISP instance?

Email: commercial (@)

Phone: +1.813.321.0987