No announcement yet.

ioc2rpz 1.0.0

  • Filter
  • Time
  • Show
Clear All
new posts

  • ioc2rpz 1.0.0

    Hi there,

    This is a second time I'm going to demo ioc2rpz at DefCon Demo Labs. For the last year I've implemented some cool features, fixed bugs and refactored some code.

    The enchantments includes:
    - REST API;
    - DNS over TLS support (DoT);
    - IPv6;
    - cache and zone generation optimization;
    and some other improvements and bug fixes.

    Since January 2019 I'm using RPZ feeds at home on a Raspberry PI (bind) and in a Lab on Infoblox with ioc2rpz deployed on a publicly available server in the Internet. A public TSIG key was available for tests about 4 months and a few users tested it. To simplify a user experience, add some extra control and protect the service against abuse I've created an ioc2rpz community web-site ( On the community web-site your can get an access following RPZ feeds free of charge:
    If you want to test RPZ feeds in your environment you have multiple options which are easy:
    • Sign up on the ioc2rpz community web-site.
    • Deploy a docker container from the docker hub. Here is a simple instruction.
    • Deploy it on AWS using ECS. Here is another instruction.
    Do not forget about a GUI which is developed as a separate project ioc2rpz.gui (

    If you still confused what I'm speaking about you can watch a demo video. It is a bit outdated (was prepared for DefCon 26) but still actual + UX/UI was not significantly updated :)