When hosts on your network are accessing newly-registered domains, there’s a good chance bad things are heading your way. So, you’ll want to know as soon as possible if this is happening.
New from Stamus Labs - a collection of newly-registered domains that could be used for phishing or to host and control malware.
Every day, the Stamus Labs team collects all newly-registered domains and identifies those which appear to be algorithmically-generated (high-entropy) and those which use typosquatting and homoglyph techniques to mimic popular legitimate domains (phishing).
We package these into six feeds optimized for Clear NDR (community and enterprise) and Suricata 7 users and make them available for FREE.
These lists contain all domains registered in the last 14 or 30 days (2 separate lists).
These lists contain the high-entropy domains registered in the last 14 or 30 days (2 separate lists).
These lists contain the suspected phishing domains registered in the last 14 or 30 days (2 separate lists).
To access the README documentation, issue tracker, and threat intelligence wiki, please visit our GitHub page.
To ask questions, answer questions, or simply listen in, join our Discord community.
ABOUT STAMUS NETWORKS
Stamus Networks is the global leader in Suricata-based network security and the creator of the innovative Clear NDR™ system. Designed to close visibility gaps and reduce alert fatigue, Clear NDR transforms raw network traffic into actionable security insights with unmatched transparency, customization, and effectiveness. Trusted by leading financial institutions, government agencies, and participants in NATO’s largest cybersecurity exercises, Stamus Networks delivers proven, high-performance network detection and response solutions. Stamus empowers security teams – delivering clarity amidst complexity – with greater control, fewer false positives, faster response times, and a more responsive, open approach than legacy vendors.
© 2014-2025 Stamus Networks, Inc. All rights Reserved.