This repository was archived by the owner on Apr 30, 2022. It is now read-only.
wes edited this page May 21, 2019 · 1 revision

CIF uses tags to describe indicators; a single indicator can have one tag or many. Tags are defined on ingest to CIF. They are not predefined by CIF: a new tag can be created at any time by inserting an indicator that carries the new tag.

Default tags shipped with CIFv4:

  • botnet
  • exploit
  • hijacked
  • malware
  • phishing
  • scanner
  • search
  • suspicious
  • bruteforce
  • whitelist
  • uce
  • darknet
  • dns

The following command shows how to search by tag:

$ cif --tags malware -f csv
amber,everyone,2015-03-20T05:04:16Z,withfx.com,,,60.764,malware,,malc0de.com,
...
