How do I match values in the TweetFeed search?

Type any string into the search box. Matches run against the IOC value (exact or substring), the tag (such as #CobaltStrike or #phishing), and the researcher handle. The search is case-insensitive.

IOC Search

Q: How fresh are TweetFeed search results?

The pipeline refreshes every 15 minutes and republishes week.csv. Each row shows its UTC timestamp in the Date column.

Search 7 days of IOCs from 90+ infosec researchers on Twitter/X

Data from: week.csv

URLs

Domains

IPs

SHA256

MD5

Date (UTC)	User	Type	Value	Tags

Frequently asked questions

What's in the search index?

The last 7 days of indicators of compromise (URLs, domains, IPs, SHA-256 and MD5 hashes) shared by 90+ infosec researchers on Twitter/X. The dataset is the same week.csv exposed at raw.githubusercontent.com/0xDanielLopez/TweetFeed/master/week.csv.

How do I match values?

Type any string into the search box. Matches run against the IOC value (exact or substring), the tag (e.g. #CobaltStrike, #phishing), and the researcher handle. The search is case-insensitive.

How fresh are results?

The pipeline refreshes every 15 minutes and republishes week.csv. Each row shows its UTC timestamp in the Date column.

What can I use this for?

Incident response triage, Threat Intelligence enrichment, and watchlist seeding for SIEM rule validation. Always verify each IOC before acting on it - confidence is community-sourced and not vetted (see the disclaimer in the API page).