ThreatParser is a command line tool for downloading and consolidating open source blacklists. The goal of ThreatParser is create a simple utility capable of integrating multiple lists into a singular point for consumption, additionally there is a GeoIP component for locating the country where BlackListed IP Addresses reside.

The ThreatParser tarball can be downloaded here.

ThreatParser is meant to run with minimal installation and dependencies. There are multiple
options for installing the dependencies. There is a gemfile that can be run with bundle as
well as a rakefile that cheats (uses system calls) at installing dependencies as well.

ThreatParser at a minimum need Ruby installed on a system as it is written in
Ruby. In addition Rubygems is also necessary for the program dependencies.

ThreatParser can dump information to a Mysql database. In order to do so, one should set up
a database with the following tables:
ipAddress char(15)
source char(75)
origin char(100)
info char(150)
domain varchar(500)

Visit the ThreatParser web site for the latest news and downloads

#ruby threatparser -v -D -p -f –yaml
#ruby threatparser -p
#ruby threatparser -f

ThreatParser contains pieces of source code that is Copyright (c) 2013 but in general is released under GPL