Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In

Threatview.io - C2 Hunt Feed

Adversary & Campaign Insights
Infrastructure & Attack Surface Visibility

Overview

A list of CobaltStrike Infrastructure from https://threatview.io/Downloads/High-Confidence-CobaltStrike-C2 -Feeds.txt

A list of CobaltStrike Infrastructure from https://threatview.io/Downloads/High-Confidence-CobaltStrike-C2 -Feeds.txt This CSV feed ingester is designed to import and process data on identified CobaltStrike command and control (C2) infrastructure from ThreatView.io. CobaltStrike is a commercial penetration testing tool frequently misused by threat actors for malicious purposes. The feed contains high-confidence indicators of servers running CobaltStrike C2 infrastructure, allowing security teams to block connections to these known malicious endpoints. By incorporating this intelligence into OpenCTI, organizations can proactively defend against attacks utilizing this popular threat actor tool, identify potential ongoing compromises, and enhance their network defense capabilities against threat campaigns.

Basic information

Filigran
Damian Skeeles
CSV Feeds
April 13, 2026
400+
200+

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.