ai-honeypots.com TLP:WHITE

IOC Feed

Threat intelligence derived from a distributed LLM honeypot network.
Sensors pose as Ollama, LiteLLM, OpenAI-compatible, and LM Studio endpoints.
Updated hourly — all data is TLP:WHITE (unrestricted, CC0 public domain).

Formats JSON · plain-text IP list · STIX 2.1 · MISP native
License CC0 1.0 Universal
ATT&CK TTPs mapped per indicator
Contact feeds@ai-honeypots.com

Available Feeds

Full IOC Feed — 7-day window

All indicators from the past 7 days. Includes actor category, MITRE ATT&CK TTPs, behavioral metadata, sample prompts, and analyst context. JSON with full taxonomy.

Latest High-Confidence — 24h

Only high-confidence indicators from the past 24 hours. Suitable for real-time ingestion into SIEMs, firewall blocklists, and threat intel platforms. Refreshes every 15 minutes.

Extended Window — 28 days

Full 4-week history. Useful for threat hunting, retrospective analysis, and building blocklists with broad coverage. Same schema as 7-day feed.

STIX 2.1 Bundle — Platform Ingest

OASIS STIX 2.1 structured bundle containing indicator, intrusion-set, and relationship objects. Compatible with OpenCTI, Anomali ThreatStream, Splunk ES, IBM QRadar, and any TAXII-aware platform. Indicators linked to named campaign intrusion-sets. Content-Type: application/stix+json.

MISP Native Feed

Native MISP feed format with manifest.json and hashes.csv for incremental sync. Add https://ai-honeypots.com/feeds/misp/ as a feed URL in your MISP instance. Two events available: 7-day and 28-day windows. Each IP is an ip-dst attribute tagged with actor category and MITRE ATT&CK technique IDs.

Actor Taxonomy

SCANNER-MASS
High-volume single-purpose endpoint scanners; no prompt interaction
SCANNER-ENUM
Multi-persona enumerators systematically mapping AI service surfaces
SCANNER-COORDINATED
Multi-IP clusters operating as a single coordinated scan campaign
MCP-SCANNER
Dedicated Model Context Protocol endpoint probers (emerging attack surface)
RELAY-OPERATOR
Shadow API backend pool managers; clockwork rotation, no prompts
RELAY-VERIFIER
Automated relay health-check systems using canned test prompts
RELAY-CUSTOMER
End-users of relay pools; requests using relay-specific model aliases
RELAY-CATALOGER
Model×persona matrix sweepers building backend capability inventories
IDENTITY-PROBER
Prompt-engineering attacks to extract true model identity / bypass system prompts
CREDENTIAL-HARVESTER
Targets .env, API keys, config files — no AI model interaction
INFRA-COLLISION
Legitimate infra accidentally hitting AI endpoints (NTLM, Grafana, etc.)

Integration Examples

# Download plain-text IP blocklist curl -s https://ai-honeypots.com/feeds/iocs.txt | grep -v '^#' | awk '{print $1}' > ai_iocs.txt # Python — ingest full feed import requests feed = requests.get("https://ai-honeypots.com/feeds/iocs.json").json() for ioc in feed["indicators"]: print(ioc["value"], ioc["actor_category"], ioc["confidence"]) # jq — filter by actor category curl -s https://ai-honeypots.com/feeds/iocs.json \ | jq '.indicators[] | select(.actor_category=="MCP-SCANNER") | .value' # High-confidence only (last 24h, for real-time blocking) curl -s https://ai-honeypots.com/feeds/latest.json | jq '.indicators[].value' # STIX 2.1 — download and count object types curl -s https://ai-honeypots.com/feeds/stix.json \ | jq '.objects | group_by(.type) | map({(.[0].type): length}) | add' # MISP — add as a native feed (recommended) # In MISP: Sync Actions → Feeds → Add Feed # URL: https://ai-honeypots.com/feeds/misp/ # Format: MISP # Enabled: yes # MISP will auto-fetch manifest.json, hashes.csv, and event files. # MISP — import STIX 2.1 bundle via PyMISP (alternative) from pymisp import PyMISP from stix2 import parse bundle = parse(open("stix.json").read(), allow_custom=True) # then push to MISP via misp.add_event() or use MISP's built-in STIX import # OpenCTI — push via pycti from pycti import OpenCTIApiClient api = OpenCTIApiClient("https://your-opencti/", "your-token") api.stix2.import_bundle_from_file("stix.json")

Feed Schema

{ "ioc_type": "ip", "value": "1.2.3.4", "tlp": "WHITE", "confidence": "high", // low | medium | high | very-high "actor_category": "MCP-SCANNER", // see taxonomy above "ttps": ["T1046","T1190"],// MITRE ATT&CK technique IDs "first_seen": "2024-06-01T00:00:00+00:00", "last_seen": "2024-06-07T23:59:59+00:00", "total_hits": 1842, "distinct_personas": 6, "distinct_paths": 23, "prompt_count": 0, "user_agents": ["mcp-sonar/1.0 (security-research)"], "models_requested": [], "interesting_paths": ["/mcp","/mcp/v1/tools","/mcp/list"], "sample_prompts": [], "details": "Analyst narrative with behavioral context...", "source": "ai-honeypots.com", "honeypot_context": "Distributed LLM honeypot — TLP:WHITE, no PII" }